From 3d82b990d1fdd7b8af23d69f140cd4aff56ee6ad Mon Sep 17 00:00:00 2001 From: slontis Date: Fri, 12 Dec 2025 13:52:25 +1100 Subject: [PATCH] Added LMS support for OpenSSL commandline signature verification using pkeyutl. Added LMS 'SubjectPublicKeyInfo' encoder/decoder support. Modified LMS keymanager and signature code to work with pkey and pkeyutl. Test data for public keys and signatures were generated by modifying BouncyCastle code tests. Reviewed-by: Viktor Dukhovni Reviewed-by: Paul Dale Reviewed-by: Matt Caswell MergeDate: Fri Feb 27 14:40:27 2026 (Merged from https://github.com/openssl/openssl/pull/29381) --- CHANGES.md | 6 + crypto/lms/lms_key.c | 22 ++ crypto/lms/lms_params.c | 40 ++-- doc/man7/EVP_PKEY-LMS.pod | 12 ++ doc/man7/EVP_SIGNATURE-LMS.pod | 5 + doc/man7/OSSL_PROVIDER-base.pod | 13 +- doc/man7/OSSL_PROVIDER-default.pod | 11 + include/crypto/lms.h | 6 + .../implementations/encode_decode/build.info | 2 +- .../encode_decode/decode_der2key.c | 24 +++ .../encode_decode/encode_key2any.c | 19 ++ .../encode_decode/encode_key2text.c | 13 ++ .../encode_decode/lms_codecs.c | 191 ++++++++++++++++++ .../include/prov/implementations.h | 5 + .../implementations/include/prov/lms_codecs.h | 25 +++ .../implementations/include/prov/names.h | 2 +- providers/implementations/keymgmt/lms_kmgmt.c | 50 ++++- .../implementations/keymgmt/lms_kmgmt.inc.in | 8 + .../implementations/signature/lms_signature.c | 28 +++ test/lms_test.c | 9 +- test/recipes/15-test_lms_codecs.t | 62 ++++++ .../sha256_n24_w1_msg.bin | Bin 0 -> 128 bytes .../sha256_n24_w1_pub.der | Bin 0 -> 72 bytes .../sha256_n24_w1_pub.pem | 4 + .../sha256_n24_w1_pub.txt | 12 ++ .../sha256_n24_w1_sig.bin | Bin 0 -> 4956 bytes .../shake_n24_w1_msg.bin | 2 + .../shake_n24_w1_pub.der | Bin 0 -> 72 bytes .../shake_n24_w1_pub.pem | 4 + .../shake_n24_w1_pub.txt | 12 ++ .../shake_n24_w1_sig.bin | Bin 0 -> 5436 bytes .../shake_n24_w2_msg.bin | 2 + .../shake_n24_w2_pub.der | Bin 0 -> 72 bytes .../shake_n24_w2_pub.pem | 4 + .../shake_n24_w2_pub.txt | 12 ++ .../shake_n24_w2_sig.bin | Bin 0 -> 2940 bytes .../shake_n24_w4_msg.bin | Bin 0 -> 128 bytes .../shake_n24_w4_pub.der | Bin 0 -> 72 bytes .../shake_n24_w4_pub.pem | 4 + .../shake_n24_w4_pub.txt | 12 ++ .../shake_n24_w4_sig.bin | Bin 0 -> 1500 bytes .../shake_n24_w8_msg.bin | 2 + .../shake_n24_w8_pub.der | Bin 0 -> 72 bytes .../shake_n24_w8_pub.pem | 4 + .../shake_n24_w8_pub.txt | 12 ++ .../shake_n24_w8_sig.bin | Bin 0 -> 1020 bytes .../shake_n32_w1_msg.bin | 1 + .../shake_n32_w1_pub.der | Bin 0 -> 80 bytes .../shake_n32_w1_pub.pem | 4 + .../shake_n32_w1_pub.txt | 13 ++ .../shake_n32_w1_sig.bin | Bin 0 -> 9004 bytes .../shake_n32_w8_msg.bin | 1 + .../shake_n32_w8_pub.der | Bin 0 -> 80 bytes .../shake_n32_w8_pub.pem | 4 + .../shake_n32_w8_pub.txt | 13 ++ .../shake_n32_w8_sig.bin | Bin 0 -> 1932 bytes 56 files changed, 649 insertions(+), 26 deletions(-) create mode 100644 providers/implementations/encode_decode/lms_codecs.c create mode 100644 providers/implementations/include/prov/lms_codecs.h create mode 100644 test/recipes/15-test_lms_codecs.t create mode 100644 test/recipes/15-test_lms_codecs_data/sha256_n24_w1_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/sha256_n24_w1_sig.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w1_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w1_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w1_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w1_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w1_sig.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w2_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w2_sig.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w4_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w4_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w4_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w4_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w4_sig.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w8_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n24_w8_sig.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w1_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w1_sig.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w8_msg.bin create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.der create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.pem create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.txt create mode 100644 test/recipes/15-test_lms_codecs_data/shake_n32_w8_sig.bin diff --git a/CHANGES.md b/CHANGES.md index 34b959f152d..51e2eb5dda8 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -32,6 +32,12 @@ OpenSSL 4.0 ### Changes between 3.6 and 4.0 [xx XXX xxxx] + * Added LMS support for signature verification to `pkeyutl' command. + To enable this, LMS 'SubjectPublicKeyInfo' encoder and decoders were + added, and the LMS keymanager and signature code were updated. + + *Shane Lontis* + * New `SSL_get0_sigalg()` and `SSL_get0_shared_sigalg()` functions report the TLS signature algorithm name and codepoint for the peer advertised and shared algorithms respectively. These supersede the existing `SSL_get_sigalgs()` and diff --git a/crypto/lms/lms_key.c b/crypto/lms/lms_key.c index a5d87ad8453..752ffea5192 100644 --- a/crypto/lms/lms_key.c +++ b/crypto/lms/lms_key.c @@ -106,3 +106,25 @@ int ossl_lms_key_has(const LMS_KEY *key, int selection) return 0; return 1; } + +/* Returns the public key data or NULL if there is no public key */ +const uint8_t *ossl_lms_key_get_pub(const LMS_KEY *key) +{ + return key->pub.encoded; +} + +/* The encoded public key size */ +size_t ossl_lms_key_get_pub_len(const LMS_KEY *key) +{ + return 24 + key->lms_params->n; +} + +size_t ossl_lms_key_get_collision_strength_bits(const LMS_KEY *key) +{ + return key->lms_params->n * 8; +} + +size_t ossl_lms_key_get_sig_len(const LMS_KEY *key) +{ + return 12 + key->lms_params->n * (1 + key->ots_params->p + key->lms_params->h); +} diff --git a/crypto/lms/lms_params.c b/crypto/lms/lms_params.c index 6ac6dcdb81d..006a5d3768c 100644 --- a/crypto/lms/lms_params.c +++ b/crypto/lms/lms_params.c @@ -11,27 +11,27 @@ /* Refer to SP800-208 Section 4 LMS Parameter Sets */ static const LMS_PARAMS lms_params[] = { - { OSSL_LMS_TYPE_SHA256_N32_H5, "SHA256", 32, 5 }, - { OSSL_LMS_TYPE_SHA256_N32_H10, "SHA256", 32, 10 }, - { OSSL_LMS_TYPE_SHA256_N32_H15, "SHA256", 32, 15 }, - { OSSL_LMS_TYPE_SHA256_N32_H20, "SHA256", 32, 20 }, - { OSSL_LMS_TYPE_SHA256_N32_H25, "SHA256", 32, 25 }, - { OSSL_LMS_TYPE_SHA256_N24_H5, "SHA256-192", 24, 5 }, - { OSSL_LMS_TYPE_SHA256_N24_H10, "SHA256-192", 24, 10 }, - { OSSL_LMS_TYPE_SHA256_N24_H15, "SHA256-192", 24, 15 }, - { OSSL_LMS_TYPE_SHA256_N24_H20, "SHA256-192", 24, 20 }, - { OSSL_LMS_TYPE_SHA256_N24_H25, "SHA256-192", 24, 25 }, - { OSSL_LMS_TYPE_SHAKE_N32_H5, "SHAKE-256", 32, 5 }, - { OSSL_LMS_TYPE_SHAKE_N32_H10, "SHAKE-256", 32, 10 }, - { OSSL_LMS_TYPE_SHAKE_N32_H15, "SHAKE-256", 32, 15 }, - { OSSL_LMS_TYPE_SHAKE_N32_H20, "SHAKE-256", 32, 20 }, - { OSSL_LMS_TYPE_SHAKE_N32_H25, "SHAKE-256", 32, 25 }, + { OSSL_LMS_TYPE_SHA256_N32_H5, "SHA256", 32, 5, 128 }, + { OSSL_LMS_TYPE_SHA256_N32_H10, "SHA256", 32, 10, 128 }, + { OSSL_LMS_TYPE_SHA256_N32_H15, "SHA256", 32, 15, 128 }, + { OSSL_LMS_TYPE_SHA256_N32_H20, "SHA256", 32, 20, 128 }, + { OSSL_LMS_TYPE_SHA256_N32_H25, "SHA256", 32, 25, 128 }, + { OSSL_LMS_TYPE_SHA256_N24_H5, "SHA256-192", 24, 5, 96 }, + { OSSL_LMS_TYPE_SHA256_N24_H10, "SHA256-192", 24, 10, 96 }, + { OSSL_LMS_TYPE_SHA256_N24_H15, "SHA256-192", 24, 15, 96 }, + { OSSL_LMS_TYPE_SHA256_N24_H20, "SHA256-192", 24, 20, 96 }, + { OSSL_LMS_TYPE_SHA256_N24_H25, "SHA256-192", 24, 25, 96 }, + { OSSL_LMS_TYPE_SHAKE_N32_H5, "SHAKE-256", 32, 5, 256 }, + { OSSL_LMS_TYPE_SHAKE_N32_H10, "SHAKE-256", 32, 10, 256 }, + { OSSL_LMS_TYPE_SHAKE_N32_H15, "SHAKE-256", 32, 15, 256 }, + { OSSL_LMS_TYPE_SHAKE_N32_H20, "SHAKE-256", 32, 20, 256 }, + { OSSL_LMS_TYPE_SHAKE_N32_H25, "SHAKE-256", 32, 25, 256 }, /* SHAKE-256/192 */ - { OSSL_LMS_TYPE_SHAKE_N24_H5, "SHAKE-256", 24, 5 }, - { OSSL_LMS_TYPE_SHAKE_N24_H10, "SHAKE-256", 24, 10 }, - { OSSL_LMS_TYPE_SHAKE_N24_H15, "SHAKE-256", 24, 15 }, - { OSSL_LMS_TYPE_SHAKE_N24_H20, "SHAKE-256", 24, 20 }, - { OSSL_LMS_TYPE_SHAKE_N24_H25, "SHAKE-256", 24, 25 }, + { OSSL_LMS_TYPE_SHAKE_N24_H5, "SHAKE-256", 24, 5, 192 }, + { OSSL_LMS_TYPE_SHAKE_N24_H10, "SHAKE-256", 24, 10, 192 }, + { OSSL_LMS_TYPE_SHAKE_N24_H15, "SHAKE-256", 24, 15, 192 }, + { OSSL_LMS_TYPE_SHAKE_N24_H20, "SHAKE-256", 24, 20, 192 }, + { OSSL_LMS_TYPE_SHAKE_N24_H25, "SHAKE-256", 24, 25, 192 }, { 0, NULL, 0, 0 } }; diff --git a/doc/man7/EVP_PKEY-LMS.pod b/doc/man7/EVP_PKEY-LMS.pod index a51e9be436a..4a5323e2aae 100644 --- a/doc/man7/EVP_PKEY-LMS.pod +++ b/doc/man7/EVP_PKEY-LMS.pod @@ -27,6 +27,16 @@ is expected to be in XDR format. =back +The following parameters is gettable using EVP_PKEY_get_utf8_string_param(). + +=over 4 + +=item "mandatory-digest" (B) + +The empty string, signifying that no digest may be specified. + +=back + =head1 CONFORMING TO =over 4 @@ -91,6 +101,8 @@ L =head1 HISTORY This functionality was added in OpenSSL 3.6. +The gettable "mandatory-digest" and support for loading LMS public keys in +SubjectPublicKeyInfo format was added in OpenSSL 4.0. =head1 COPYRIGHT diff --git a/doc/man7/EVP_SIGNATURE-LMS.pod b/doc/man7/EVP_SIGNATURE-LMS.pod index bd936bfbfe8..7bffe8b9120 100644 --- a/doc/man7/EVP_SIGNATURE-LMS.pod +++ b/doc/man7/EVP_SIGNATURE-LMS.pod @@ -24,6 +24,9 @@ that specify the digest name are not necessary. LMS support is disabled by default at compile-time. To enable, specify the B build configuration option. +For backwards compatibility reasons EVP_DigestVerifyInit_ex() and +EVP_DigestVerify() may also be used, but the digest passed in I must be NULL. + LMS should only be used for older deployments. New deployments should use either L or . @@ -56,6 +59,8 @@ L, =head1 HISTORY This functionality was added in OpenSSL 3.6. +Support for EVP_DigestVerifyInit_ex() and EVP_DigestVerify() was added in +OpenSSL 4.0. =head1 COPYRIGHT diff --git a/doc/man7/OSSL_PROVIDER-base.pod b/doc/man7/OSSL_PROVIDER-base.pod index fdc7d0e54ee..ca8416f755e 100644 --- a/doc/man7/OSSL_PROVIDER-base.pod +++ b/doc/man7/OSSL_PROVIDER-base.pod @@ -132,6 +132,10 @@ are also available in the default provider. =item SLH-DSA-SHAKE-256f +=item LMS + +Private keys are not supported for LMS. + =back In addition to this provider, all of these encoding algorithms are also @@ -202,6 +206,10 @@ combination with the FIPS provider. =item SLH-DSA-SHAKE-256f +=item LMS + +Private keys are not supported for LMS. + =back In addition to this provider, all of these decoding algorithms are also @@ -230,7 +238,10 @@ L, L This functionality was added in OpenSSL 3.0. -Support for B and was added in OpenSSL 3.5. +Support for B and B was added in OpenSSL 3.5. + +Support for B Public Key (SubjectPublicKeyInfo) encoders and decoders +was added in OpenSSL 4.0. =head1 COPYRIGHT diff --git a/doc/man7/OSSL_PROVIDER-default.pod b/doc/man7/OSSL_PROVIDER-default.pod index d49502b5fdb..1c98bb787f4 100644 --- a/doc/man7/OSSL_PROVIDER-default.pod +++ b/doc/man7/OSSL_PROVIDER-default.pod @@ -444,6 +444,10 @@ are also available in the base provider. =item SLH-DSA-SHAKE-256f +=item LMS + +Private keys are not supported for LMS. + =back In addition to this provider, all of these encoding algorithms are also @@ -512,6 +516,10 @@ combination with the FIPS provider. =item SLH-DSA-SHAKE-256f +=item LMS + +Private keys are not supported for LMS. + =back In addition to this provider, all of these decoding algorithms are also @@ -538,6 +546,9 @@ L =head1 HISTORY +Support for B Public Key (SubjectPublicKeyInfo) encoders and decoders +was added in OpenSSL 4.0. + The RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7. The HKDF-SHA256, HKDF-SHA384 and HKDF-SHA512 algorithms were added in OpenSSL 3.6. diff --git a/include/crypto/lms.h b/include/crypto/lms.h index 6fd2835c294..ffb856893fc 100644 --- a/include/crypto/lms.h +++ b/include/crypto/lms.h @@ -117,6 +117,7 @@ typedef struct lms_params_st { const char *digestname; /* One of SHA256, SHA256-192, or SHAKE256 */ uint32_t n; /* The Digest size (either 24 or 32), Useful for setting up SHAKE */ uint32_t h; /* The height of a LMS tree which is one of 5, 10, 15, 20, 25) */ + size_t bit_strength; } LMS_PARAMS; typedef struct lms_pub_key_st { @@ -156,5 +157,10 @@ int ossl_lms_pubkey_decode(const unsigned char *pub, size_t publen, LMS_KEY *lmskey); size_t ossl_lms_pubkey_length(const unsigned char *data, size_t datalen); +const uint8_t *ossl_lms_key_get_pub(const LMS_KEY *key); +size_t ossl_lms_key_get_pub_len(const LMS_KEY *key); +size_t ossl_lms_key_get_collision_strength_bits(const LMS_KEY *key); +size_t ossl_lms_key_get_sig_len(const LMS_KEY *key); + #endif /* OPENSSL_NO_LMS */ #endif /* OSSL_CRYPTO_LMS_H */ diff --git a/providers/implementations/encode_decode/build.info b/providers/implementations/encode_decode/build.info index 09c2d8c435d..2347ef865f3 100644 --- a/providers/implementations/encode_decode/build.info +++ b/providers/implementations/encode_decode/build.info @@ -20,7 +20,7 @@ ENDIF DEPEND[encode_key2any.o]=../../common/include/prov/der_rsa.h IF[{- !$disabled{lms} -}] - SOURCE[$DECODER_GOAL]=decode_lmsxdr2key.c + SOURCE[$DECODER_GOAL]=decode_lmsxdr2key.c lms_codecs.c ENDIF IF[{- !$disabled{'ml-dsa'} -}] diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index b75d73b0fdf..3458fd324a9 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -44,6 +44,7 @@ #include "internal/nelem.h" #include "prov/ml_dsa_codecs.h" #include "prov/ml_kem_codecs.h" +#include "prov/lms_codecs.h" #include "providers/implementations/encode_decode/decode_der2key.inc" #ifndef OPENSSL_NO_SLH_DSA @@ -1001,6 +1002,25 @@ static ossl_inline void *ml_dsa_d2i_PUBKEY(const uint8_t **der, long der_len, /* ---------------------------------------------------------------------- */ +#ifndef OPENSSL_NO_LMS +#define lms_evp_type EVP_PKEY_HSS_LMS +#define lms_free (free_key_fn *)ossl_lms_key_free +#define lms_check NULL +#define lms_adjust NULL + +static ossl_inline void *lms_d2i_PUBKEY(const uint8_t **der, long der_len, + struct der2key_ctx_st *ctx) +{ + LMS_KEY *key; + + key = ossl_lms_d2i_PUBKEY(*der, der_len, ctx->provctx); + if (key != NULL) + *der += der_len; + return key; +} +#endif +/* ---------------------------------------------------------------------- */ + /* * The DO_ macros help define the selection mask and the method functions * for each kind of object we want to decode. @@ -1303,3 +1323,7 @@ MAKE_DECODER("ML-DSA-65", ml_dsa_65, ml_dsa_65, SubjectPublicKeyInfo); MAKE_DECODER("ML-DSA-87", ml_dsa_87, ml_dsa_87, PrivateKeyInfo); MAKE_DECODER("ML-DSA-87", ml_dsa_87, ml_dsa_87, SubjectPublicKeyInfo); #endif + +#ifndef OPENSSL_NO_LMS +MAKE_DECODER("LMS", lms, lms, SubjectPublicKeyInfo); +#endif diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index b4deb9b59bc..396c0179985 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -41,6 +41,7 @@ #include "prov/endecoder_local.h" #include "prov/ml_dsa_codecs.h" #include "prov/ml_kem_codecs.h" +#include "prov/lms_codecs.h" #include "providers/implementations/encode_decode/encode_key2any.inc" #include @@ -1107,6 +1108,19 @@ static int slh_dsa_pki_priv_to_der(const void *vkey, unsigned char **pder, #define slh_dsa_shake_256f_pem_type "SLH-DSA-SHAKE-256f" #endif /* OPENSSL_NO_SLH_DSA */ +#ifndef OPENSSL_NO_LMS +static int lms_spki_pub_to_der(const void *vkey, unsigned char **pder, + ossl_unused void *ctx) +{ + return ossl_lms_i2d_pubkey(vkey, pder); +} + +#define prepare_lms_params NULL +#define lms_check_key_type NULL +#define lms_evp_type EVP_PKEY_HSS_LMS +#define lms_pem_type "LMS" +#endif /* OPENSSL_NO_LMS */ + /* ---------------------------------------------------------------------- */ static OSSL_FUNC_decoder_newctx_fn key2any_newctx; @@ -1768,3 +1782,8 @@ MAKE_ENCODER(ml_dsa_87, ml_dsa, PrivateKeyInfo, pem); MAKE_ENCODER(ml_dsa_87, ml_dsa, SubjectPublicKeyInfo, der); MAKE_ENCODER(ml_dsa_87, ml_dsa, SubjectPublicKeyInfo, pem); #endif /* OPENSSL_NO_ML_DSA */ + +#ifndef OPENSSL_NO_LMS +MAKE_ENCODER(lms, lms, SubjectPublicKeyInfo, der); +MAKE_ENCODER(lms, lms, SubjectPublicKeyInfo, pem); +#endif diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 20b26e7024f..8f6aabc4522 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -33,6 +33,7 @@ #include "prov/endecoder_local.h" #include "prov/ml_dsa_codecs.h" #include "prov/ml_kem_codecs.h" +#include "prov/lms_codecs.h" DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) @@ -621,6 +622,14 @@ static int ml_dsa_to_text(BIO *out, const void *key, int selection) return ossl_ml_dsa_key_to_text(out, (const ML_DSA_KEY *)key, selection); } #endif /* OPENSSL_NO_ML_DSA */ + +#ifndef OPENSSL_NO_LMS +static int lms_to_text(BIO *out, const void *key, int selection) +{ + return ossl_lms_key_to_text(out, (LMS_KEY *)key, selection); +} +#endif /* OPENSSL_NO_LMS */ + /* ---------------------------------------------------------------------- */ static void *key2text_newctx(void *provctx) @@ -743,3 +752,7 @@ MAKE_TEXT_ENCODER(slh_dsa_shake_192f, slh_dsa); MAKE_TEXT_ENCODER(slh_dsa_shake_256s, slh_dsa); MAKE_TEXT_ENCODER(slh_dsa_shake_256f, slh_dsa); #endif + +#ifndef OPENSSL_NO_LMS +MAKE_TEXT_ENCODER(lms, lms); +#endif diff --git a/providers/implementations/encode_decode/lms_codecs.c b/providers/implementations/encode_decode/lms_codecs.c new file mode 100644 index 00000000000..1d4a446622c --- /dev/null +++ b/providers/implementations/encode_decode/lms_codecs.c @@ -0,0 +1,191 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include +#include "internal/encoder.h" +#include "internal/nelem.h" +#include "internal/packet.h" +#include "prov/lms_codecs.h" + +/*- + * The DER ASN.1 encoding of LMS public keys prepends 20 bytes + * to the encoded public key: + * + * - 2 byte outer sequence tag and length + * - 2 byte algorithm sequence tag and length + * - 2 byte algorithm OID tag and length + * - 11 byte algorithm OID (from NIST CSOR OID arc) + * - 2 byte bit string tag and length + * - 1 bitstring lead byte + * + * A HSS key with a single tree also represents LMS public key. + * This has 4 extra bytes after the above data with the value 0x00, 0x00, 0x00, 0x01 + * + * The LMS public key consists of + * 4 byte LMS type + * 4 byte OTS type + * 16 byte Id + * n bytes of K where n = 32 or 24. + * i.e. 24 + n bytes + */ + +#define LMS_SPKI_OVERHEAD 20 +#define HSS_HEADER 4 +#define HSS_LMS_SPKI_OVERHEAD (LMS_SPKI_OVERHEAD + HSS_HEADER) +#define HSS_LMS_HEADER(n) { \ + 0x30, 0x2E + n, 0x30, 0x0d, \ + 0x06, 0x0b, \ + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x11, \ + 0x03, 0x1D + n, \ + 0x00, \ + 0x00, 0x00, 0x00, 0x01 \ +} + +typedef struct { + const uint8_t header[HSS_LMS_SPKI_OVERHEAD]; +} LMS_SPKI_FMT; + +static const LMS_SPKI_FMT hss_lms_32_spkifmt = { + HSS_LMS_HEADER(32) +}; +static const LMS_SPKI_FMT hss_lms_24_spkifmt = { + HSS_LMS_HEADER(24) +}; + +typedef struct { + const LMS_SPKI_FMT *spkifmt; +} LMS_CODEC; + +static const LMS_CODEC codecs[2] = { + { &hss_lms_32_spkifmt }, + { &hss_lms_24_spkifmt } +}; + +static const LMS_SPKI_FMT *find_spkifmt(const uint8_t *pk, int pk_len) +{ + size_t i; + + if (pk_len <= HSS_LMS_SPKI_OVERHEAD) + return NULL; + + for (i = 0; i < OSSL_NELEM(codecs); ++i) { + if (memcmp(pk, codecs[i].spkifmt->header, HSS_LMS_SPKI_OVERHEAD) == 0) + return codecs[i].spkifmt; + } + return NULL; +} + +LMS_KEY * +ossl_lms_d2i_PUBKEY(const uint8_t *pk, int pk_len, PROV_CTX *provctx) +{ + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); + LMS_KEY *ret; + const LMS_SPKI_FMT *spkifmt; + + spkifmt = find_spkifmt(pk, pk_len); + if (spkifmt == NULL) + return NULL; + + if ((ret = ossl_lms_key_new(libctx)) == NULL) + return NULL; + + pk += sizeof(spkifmt->header); + pk_len -= sizeof(spkifmt->header); + + if (!ossl_lms_pubkey_decode(pk, (size_t)pk_len, ret)) { + ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING, + "error parsing LMS public key from input SPKI"); + ossl_lms_key_free(ret); + return NULL; + } + + return ret; +} + +int ossl_lms_i2d_pubkey(const LMS_KEY *key, unsigned char **out) +{ + if (key->pub.encoded == NULL || key->pub.encodedlen == 0) { + ERR_raise_data(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY, + "no LMS public key data available"); + return 0; + } + if (out != NULL) { + WPACKET pkt; + size_t sz = HSS_HEADER + key->pub.encodedlen; + uint8_t *buf = OPENSSL_malloc(sz); + int ret; + + if (buf == NULL) + return 0; + ret = WPACKET_init_static_len(&pkt, buf, sz, 0) + /* Output HSS format which has a 4 byte value (L = 1) */ + && WPACKET_memcpy(&pkt, hss_lms_32_spkifmt.header + sizeof(hss_lms_32_spkifmt.header) - HSS_HEADER, HSS_HEADER) + /* Output the LMS encoded public key */ + && WPACKET_memcpy(&pkt, key->pub.encoded, key->pub.encodedlen); + WPACKET_cleanup(&pkt); + if (ret == 0) { + OPENSSL_free(buf); + return 0; + } + *out = buf; + } + return (int)key->pub.encodedlen + HSS_HEADER; +} + +static const char *get_digest(const char *name) +{ + if (strcmp(name, "SHAKE-256") == 0) + return "SHAKE"; + return strcmp(name, "SHA256-192") == 0 ? "SHA256" : name; +} + +int ossl_lms_key_to_text(BIO *out, const LMS_KEY *key, int selection) +{ + const LMS_PARAMS *lms_params = key->lms_params; + const LM_OTS_PARAMS *ots_params = key->ots_params; + + if (out == NULL || key == NULL) { + ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if (key->pub.encoded == NULL || key->pub.encodedlen == 0) { + /* Regardless of the |selection|, there must be a public key */ + ERR_raise_data(ERR_LIB_PROV, PROV_R_MISSING_KEY, + "no LMS key material available"); + return 0; + } + if (BIO_printf(out, "lms-type: %s-N%d-H%d (0x%x)\n", + get_digest(lms_params->digestname), + (int)lms_params->n, (int)lms_params->h, (int)lms_params->lms_type) + <= 0) + return 0; + if (BIO_printf(out, "lm-ots-type: %s-N%d-W%d (0x%x)\n", + get_digest(ots_params->digestname), + (int)ots_params->n, (int)ots_params->w, (int)ots_params->lm_ots_type) + <= 0) + return 0; + if (!ossl_bio_print_labeled_buf(out, "Id:", key->Id, 16)) + return 0; + if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + /* Private keys are not supported */ + } else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + if (BIO_printf(out, "LMS Public-Key:\n") <= 0) + return 0; + } + if (!ossl_bio_print_labeled_buf(out, "pub:", key->pub.encoded, key->pub.encodedlen)) + return 0; + if (!ossl_bio_print_labeled_buf(out, "K:", key->pub.K, lms_params->n)) + return 0; + return 1; +} diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index 86f876a0db7..7ac15cf0d0a 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -748,6 +748,10 @@ extern const OSSL_DISPATCH ossl_slh_dsa_shake_192f_to_text_encoder_functions[]; extern const OSSL_DISPATCH ossl_slh_dsa_shake_256s_to_text_encoder_functions[]; extern const OSSL_DISPATCH ossl_slh_dsa_shake_256f_to_text_encoder_functions[]; +extern const OSSL_DISPATCH ossl_lms_to_SubjectPublicKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_lms_to_SubjectPublicKeyInfo_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_lms_to_text_encoder_functions[]; + /* Decoders */ extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_dh_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_dh_decoder_functions[]; @@ -864,6 +868,7 @@ extern const OSSL_DISPATCH ossl_file_store_functions[]; extern const OSSL_DISPATCH ossl_winstore_store_functions[]; extern const OSSL_DISPATCH ossl_xdr_to_lms_decoder_functions[]; +extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_lms_decoder_functions[]; extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_ml_dsa_44_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_ml_dsa_44_decoder_functions[]; diff --git a/providers/implementations/include/prov/lms_codecs.h b/providers/implementations/include/prov/lms_codecs.h new file mode 100644 index 00000000000..d8dc96045ee --- /dev/null +++ b/providers/implementations/include/prov/lms_codecs.h @@ -0,0 +1,25 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef PROV_LMS_CODECS_H +#define PROV_LMS_CODECS_H +#pragma once + +#ifndef OPENSSL_NO_LMS +#include +#include "crypto/lms.h" +#include "prov/provider_ctx.h" + +__owur LMS_KEY * +ossl_lms_d2i_PUBKEY(const uint8_t *pubenc, int publen, PROV_CTX *provctx); +__owur int ossl_lms_i2d_pubkey(const LMS_KEY *key, unsigned char **out); +__owur int ossl_lms_key_to_text(BIO *out, const LMS_KEY *key, int selection); + +#endif /* OPENSSL_NO_LMS */ +#endif /* PROV_LMS_CODECS_H */ diff --git a/providers/implementations/include/prov/names.h b/providers/implementations/include/prov/names.h index 8bfed63ff5a..a7006be4be8 100644 --- a/providers/implementations/include/prov/names.h +++ b/providers/implementations/include/prov/names.h @@ -416,7 +416,7 @@ #define PROV_DESCS_SM2 "OpenSSL SM2 implementation" #define PROV_NAMES_curveSM2 "curveSM2" #define PROV_DESCS_curveSM2 "OpenSSL curveSM2 implementation" -#define PROV_NAMES_LMS "LMS" +#define PROV_NAMES_LMS "LMS:id-alg-hss-lms-hashsig:1.2.840.113549.1.9.16.3.17" #define PROV_DESCS_LMS "OpenSSL LMS implementation" #define PROV_NAMES_ML_DSA_44 "ML-DSA-44:MLDSA44:2.16.840.1.101.3.4.3.17:id-ml-dsa-44" #define PROV_DESCS_ML_DSA_44 "OpenSSL ML-DSA-44 implementation" diff --git a/providers/implementations/keymgmt/lms_kmgmt.c b/providers/implementations/keymgmt/lms_kmgmt.c index 8d7cfcc6f4f..af1075b414b 100644 --- a/providers/implementations/keymgmt/lms_kmgmt.c +++ b/providers/implementations/keymgmt/lms_kmgmt.c @@ -28,6 +28,8 @@ static OSSL_FUNC_keymgmt_export_fn lms_export; static OSSL_FUNC_keymgmt_import_types_fn lms_imexport_types; static OSSL_FUNC_keymgmt_export_types_fn lms_imexport_types; static OSSL_FUNC_keymgmt_load_fn lms_load; +static OSSL_FUNC_keymgmt_gettable_params_fn lms_gettable_params; +static OSSL_FUNC_keymgmt_get_params_fn lms_get_params; #define LMS_POSSIBLE_SELECTIONS (OSSL_KEYMGMT_SELECT_PUBLIC_KEY) @@ -49,7 +51,7 @@ static int lms_has(const void *keydata, int selection) if (!ossl_prov_is_running() || key == NULL) return 0; - if ((selection & LMS_POSSIBLE_SELECTIONS) == 0) + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) return 1; /* the selection is not missing */ return ossl_lms_key_has(key, selection); @@ -150,6 +152,50 @@ static void *lms_load(const void *reference, size_t reference_sz) return NULL; } +static const OSSL_PARAM *lms_gettable_params(void *provctx) +{ + return lms_get_params_list; +} + +static int lms_get_params(void *keydata, OSSL_PARAM params[]) +{ + LMS_KEY *key = keydata; + const uint8_t *d; + size_t len; + struct lms_get_params_st p; + + if (key == NULL || !lms_get_params_decoder(params, &p)) + return 0; + + if (p.bits != NULL + && !OSSL_PARAM_set_size_t(p.bits, 8 * ossl_lms_key_get_pub_len(key))) + return 0; + + if (p.secbits != NULL + && !OSSL_PARAM_set_size_t(p.secbits, ossl_lms_key_get_collision_strength_bits(key))) + return 0; + + if (p.maxsize != NULL + && !OSSL_PARAM_set_size_t(p.maxsize, ossl_lms_key_get_sig_len(key))) + return 0; + + if (p.pubkey != NULL) { + d = ossl_lms_key_get_pub(key); + if (d != NULL) { + len = ossl_lms_key_get_pub_len(key); + if (!OSSL_PARAM_set_octet_string(p.pubkey, d, len)) + return 0; + } + } + /* + * This allows apps to use an empty digest, so that the old API + * for digest signing can be used. + */ + if (p.dgstp != NULL && !OSSL_PARAM_set_utf8_string(p.dgstp, "")) + return 0; + return 1; +} + const OSSL_DISPATCH ossl_lms_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))lms_new_key }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))lms_free_key }, @@ -161,5 +207,7 @@ const OSSL_DISPATCH ossl_lms_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))lms_export }, { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))lms_imexport_types }, { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))lms_load }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))lms_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))lms_gettable_params }, OSSL_DISPATCH_END }; diff --git a/providers/implementations/keymgmt/lms_kmgmt.inc.in b/providers/implementations/keymgmt/lms_kmgmt.inc.in index 59e1ed9f53c..1e34a1eabfc 100644 --- a/providers/implementations/keymgmt/lms_kmgmt.inc.in +++ b/providers/implementations/keymgmt/lms_kmgmt.inc.in @@ -14,3 +14,11 @@ use OpenSSL::paramnames qw(produce_param_decoder); {- produce_param_decoder('lms_import', (['OSSL_PKEY_PARAM_PUB_KEY', 'pub', 'octet_string'], )); -} + +{- produce_param_decoder('lms_get_params', + (['OSSL_PKEY_PARAM_BITS', 'bits', 'int'], + ['OSSL_PKEY_PARAM_SECURITY_BITS', 'secbits', 'int'], + ['OSSL_PKEY_PARAM_MAX_SIZE', 'maxsize', 'int'], + ['OSSL_PKEY_PARAM_MANDATORY_DIGEST', 'dgstp', 'utf8_string'], + ['OSSL_PKEY_PARAM_PUB_KEY', 'pubkey', 'octet_string'], + )); -} diff --git a/providers/implementations/signature/lms_signature.c b/providers/implementations/signature/lms_signature.c index 65ebe68c00e..b88b9a3a961 100644 --- a/providers/implementations/signature/lms_signature.c +++ b/providers/implementations/signature/lms_signature.c @@ -24,6 +24,8 @@ static OSSL_FUNC_signature_newctx_fn lms_newctx; static OSSL_FUNC_signature_freectx_fn lms_freectx; static OSSL_FUNC_signature_verify_message_init_fn lms_verify_msg_init; static OSSL_FUNC_signature_verify_fn lms_verify; +static OSSL_FUNC_signature_digest_verify_init_fn lms_digest_verify_init; +static OSSL_FUNC_signature_digest_verify_fn lms_digest_verify; typedef struct { OSSL_LIB_CTX *libctx; @@ -130,11 +132,37 @@ static int lms_verify(void *vctx, const unsigned char *sigbuf, size_t sigbuf_len return ret; } +static int lms_digest_verify_init(void *vctx, const char *mdname, void *vkey, + const OSSL_PARAM params[]) +{ + PROV_LMS_CTX *ctx = (PROV_LMS_CTX *)vctx; + + if (mdname != NULL && mdname[0] != '\0') { + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, + "Explicit digest not supported for LMS operations"); + return 0; + } + if (vkey == NULL && ctx->key != NULL) + return 1; /* lms_set_ctx_params(ctx, params); */ + + return lms_verify_msg_init(vctx, vkey, params); +} + +static int lms_digest_verify(void *vctx, const uint8_t *sig, size_t siglen, + const uint8_t *tbs, size_t tbslen) +{ + return lms_verify(vctx, sig, siglen, tbs, tbslen); +} + const OSSL_DISPATCH ossl_lms_signature_functions[] = { { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))lms_newctx }, { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))lms_freectx }, { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT, (void (*)(void))lms_verify_msg_init }, { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))lms_verify }, + { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, + (void (*)(void))lms_digest_verify_init }, + { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY, + (void (*)(void))lms_digest_verify }, OSSL_DISPATCH_END }; diff --git a/test/lms_test.c b/test/lms_test.c index 579da372768..82af0a2f060 100644 --- a/test/lms_test.c +++ b/test/lms_test.c @@ -281,15 +281,20 @@ static int lms_digest_verify_fail_test(void) LMS_ACVP_TEST_DATA *td = &lms_testdata[0]; EVP_PKEY *pub = NULL; EVP_MD_CTX *vctx = NULL; + int expected = 1; if (!TEST_ptr(pub = lms_pubkey_from_data(td->pub, td->publen))) return 0; if (!TEST_ptr(vctx = EVP_MD_CTX_new())) goto err; - /* Only one shot mode is supported, streaming fails to initialise */ + /* Prior to 4.0 EVP_DigestVerifyInit_ex is not supported */ + if (OSSL_PROVIDER_available(libctx, "fips") + && fips_provider_version_match(libctx, "<4.0.0")) + expected = 0; + if (!TEST_int_eq(EVP_DigestVerifyInit_ex(vctx, NULL, NULL, libctx, NULL, pub, NULL), - 0)) + expected)) goto err; ret = 1; err: diff --git a/test/recipes/15-test_lms_codecs.t b/test/recipes/15-test_lms_codecs.t new file mode 100644 index 00000000000..7f2d046dc51 --- /dev/null +++ b/test/recipes/15-test_lms_codecs.t @@ -0,0 +1,62 @@ +#! /usr/bin/env perl +# Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use File::Spec; +use File::Copy; +use File::Compare qw/compare_text compare/; +use IO::File; +use OpenSSL::Glob; +use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; + +setup("test_lms_codecs"); + +# The test vectors were generated using modified Bouncy Castle tests +# from core/src/test/java/org/bouncycastle/pqc/crypto/test/LMSTest.java +my @algs = qw(sha256_n24_w1 shake_n24_w1 shake_n24_w2 shake_n24_w4 shake_n24_w8 shake_n32_w1 shake_n32_w8); + +plan skip_all => "LMS isn't supported in this build" + if disabled("lms"); + +plan tests => @algs * 7; + +foreach my $alg (@algs) { + my $pubpem =data_file(sprintf("%s_pub.pem", $alg)); + my $pubder = data_file(sprintf("%s_pub.der", $alg)); + my $pubtxt = data_file(sprintf("%s_pub.txt", $alg)); + my $msg = data_file(sprintf("%s_msg.bin", $alg)); + my $sig = data_file(sprintf("%s_sig.bin", $alg)); + my $outpubder = sprintf("%s_pubout.der", $alg); + my $outpubpem = sprintf("%s_pubout.pem", $alg); + my $outpubtxt = sprintf("%s_pubout.txt", $alg); + + # Load Public PEM and generate Public DER + ok(run(app([qw(openssl pkey -pubin -outform DER -in), + $pubpem, '-out', $outpubder]))); + ok(!compare($pubder, $outpubder), + sprintf("pubkey DER match: %s", $alg)); + + # Load Public DER and generate Public PEM + ok(run(app([qw(openssl pkey -pubin -inform DER -outform PEM -in), + $pubder, '-out', $outpubpem]))); + ok(!compare($pubpem, $outpubpem), + sprintf("pubkey PEM match: %s", $alg)); + + # Check text encoding + ok(run(app([qw(openssl pkey -pubin -noout -text -in), + $pubpem, '-out', $outpubtxt]))); + ok(!compare_text($pubtxt, $outpubtxt), + sprintf("pubkey TEXT match: %s", $alg)); + + # Perform verify + ok(run(app([qw(openssl pkeyutl -verify -rawin -pubin -inkey), + $pubpem, '-in', $msg, '-sigfile', $sig]))); +} diff --git a/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_msg.bin b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_msg.bin new file mode 100644 index 0000000000000000000000000000000000000000..aa52d7284fb8181c622511cfeb8cc79067b6cdbb GIT binary patch literal 128 zc-jGg0Du1*%tf1G&87rc2`ayvp%C8OIJV7!pW2G+dcTud8TJp?J#Rq>&4wgBF?a&* zMma8j#S8P-s11q@PH5=y<2KL?83okOkfi7%pl_~*`Q0KJ!$gt* literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.der b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..aa33e955609e1d0b6c70307fa098b9b86b0c8cb7 GIT binary patch literal 72 zc-k{?GvH<8)@t);`_9YADZnhqY{~!xj6lo<#H_pLNXMTSYC9rdd-mn;;H8$wA3uHf Z_1BJyy=DjeR)^gCenz#&Xob^}zW~%V90C9U literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.pem b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.pem new file mode 100644 index 00000000000..9525959d86f --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEYwDQYLKoZIhvcNAQkQAxEDNQAAAAABAAAACgAAAAW7nBtfzxKGxB99zen7U6U5 +x+Pl7vX6uHi9NsBOq1Te98wljDKoQsT9 +-----END PUBLIC KEY----- diff --git a/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.txt b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.txt new file mode 100644 index 00000000000..57dc5966902 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_pub.txt @@ -0,0 +1,12 @@ +lms-type: SHA256-N24-H5 (0xa) +lm-ots-type: SHA256-N24-W1 (0x5) +Id: + bb:9c:1b:5f:cf:12:86:c4:1f:7d:cd:e9:fb:53:a5:39 +LMS Public-Key: +pub: + 00:00:00:0a:00:00:00:05:bb:9c:1b:5f:cf:12:86:c4: + 1f:7d:cd:e9:fb:53:a5:39:c7:e3:e5:ee:f5:fa:b8:78: + bd:36:c0:4e:ab:54:de:f7:cc:25:8c:32:a8:42:c4:fd +K: + c7:e3:e5:ee:f5:fa:b8:78:bd:36:c0:4e:ab:54:de:f7: + cc:25:8c:32:a8:42:c4:fd diff --git a/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_sig.bin b/test/recipes/15-test_lms_codecs_data/sha256_n24_w1_sig.bin new file mode 100644 index 0000000000000000000000000000000000000000..573353d7f59f69b6f778ee3eec4aeb483a6e1766 GIT binary patch literal 4956 zc-jG66Qk?^00031000Fp-W(KUiYow~A+8(2fxXI9fr%7HTeXis#pVL;w7YII?Kj+PQ$`j6aQW1r=;VH-qQlT7rPV%)d)R##C;dVf0mpSRIK!^KS@Eu^fgeR)MJVT3%L(ida!KkbTRaX zB_ClmY>t2P7~3Exs3q!&xKw+yM)9ZM0Wovlg*AF&GKU>H?QT#zOt>d6e+!@l&7P5p zW($6S6#DbbeV4=FM8?waL|3z9`JU>yPG!lJ7o zx&sn&F1bxsQ8Rv!Ro)*Pj;YJZlj6M~B2oGAw_sH8w3X~^GICpHK9$HVPy@=NPPUqT zDoFu$X+;@azx(GalnW|rp)XdvN~SGYVcofVR!ewQ?<>t{Z8ZGw$lf~+#?8~D`yuR8 zs&E#*^*@g}6}XuJDdP5iQU2qQn}CCnP$Fhe8ER%KyYt^9#ylW=^)pza&0K!#DSL4s zkAbE^F>fUlMZgu_Haahg#i~nN>`=zBc7|yFD+`5)Aku%CbS%GCb^pf9o-?GQd0mXJ z_%|l=9C!}7mmYQGY*qgK2pm85cu#!{m1gAalJBxUOIigK++7g_=!9G!SkSPdqV}Ey z=3yDSmh^z(7%_Dk=l)}9GYWbA^#E$hM;A$K0x(teHeizNm^JqGd$eE{RJ`=B*vg{? ztIqBW(Nr{V6mJ-TcgrgvJt7Pw&s`pOktz=X*!Y75S{TD3DlGKlPwVq$4HCI_b=jo0 zI4p%{P5vup3Yo%8A}6{Fmd*O^ypH+@802%LyuEPjzJw2|-c_-JnXjo4kHUXQD``P~ z`mNA$4ExVKp)WuW+oR~cH-D`2ivgveafiB-%2KNfN%at-l{^;6h@tU}5}AnIZ$>xU ze5GNjpfV}CEK3f-JtdGN8~w(Ok5D)Wnl)J`nXa>andllfPRE95`?2GNMrRrUdh;+M z^)bU3Tj2>USmznTL3vcxymVad{Mz4O9{A6G%|0|DbbBHU@MJ!4h#*0hK z;KOhyXr!RBpE9AwYf>W}wo`!%6bNMHYC?e_Z^%f095jPnXlcCf)K zanSRlyQ}!4E#{^VS>liCw4=Cm*SAIql7kL7OJ{Qv!|}R&%}onJ?S7}7P#2FW%|kCjJP;QJ;*nEZ0^A$PX+k!% z#whL$MY|8+ZcarFW7JpI91Hv}#|mcJ0^CD-b!95pgE|c@GLKw|lkW%WWa6QF^6_~f zc*55M9KILjH3_-Qp2SSsYylx0$#4Pe{=!Yi928)YSf`ulyWbt)ul{qx4fge=IWE=@ z0s}mJpgrO;)Ue0(845?xe)<~i)ve*Mu!g^nR12FfDdXmF)Kh>{g9v1<1A#mb(Y9yI zkwI!?A`V-NTth`pdhPup=81<{k0I3hvPn~;A!-u+RrfJy?wH``IT~rD`eYbV3k-O; z7XE~56?8a;#jv%4v_B?6M+6EzCPuJmZBl@#@(sD>w7D3}+jan8^FMA+nm>@O+?=dE zop<2St4E*b5Wd%)6$&W}1ACwc6_Tiy=?Q>DOlGjH>4hd&6apsn#p!t&%#~rPa_#D> zs$mOiga=wpqANq&&K|(%ud^4xjD{>ji^*yYPwS_Otk+2gL zrXe19n%~87Y>iI4*;_f6UdOnN(t;40#~ns?^6DR#L*^OPi_F{jH@de>O2|gkzif)P zaZ$7{y1R&a`>20(?!L~rZ0=5kcYS*cIhd&wGl3aSL#B^QEn^q zMr0@K4|Q^POA)GPhjm|Cs>uGSPvKTm(^}&U$q320o8B9wCFQ-wZgh z+X;gp_PeQIxC&_{#=Yhqt(Ly1NB4FnYM$aIg^mKPcwNNtE>efHiN3CjOn0|*fYGJ% zSHEJaLGK3rg_{?R7thAt;TQbKWM3?`)@G%NR|Z4W!L`&)@l`HA^Z~MMaK^%HKnWDv z#xYko3xW~0?wWBs1^V}^aM5ln`|iqhyePVU=q*cRZH7Iiw|~z&rxFn(CVK!eWOpRw zrMX!>k}Xw`nH|Xr8R|`*T2_0r-Z@$C8>D~2nwm2nG^4}Ry`htDn8B<&0Bg}wi|h(u z%10{RX43nwcPIV#E8^AZF(5FE7TRu5ghHaW!YuxJL#2xI`qf{($iK`c%I{3G-(tL) zVDZ?Q5%KXt~t9(>$( zc{B>ik#KCgtmfDgd>H6FDs;MAfY;Si17g6xE8F%fZ^sl$)KK;JsLV|rlZdRu1Cx%?I0Y{oT|}LN%NPHQVwD@xbs9WVNNK3-%H2( ziARp1lMmdSu5d!*zur^}v&ZMMW4BoePNglQaSx}34+9@Z-%a?kMr~k#Nzp>g)RN}T z+Q7TvTD>3$E%8o#y61a<>>O}+?kn>W6sqVm&(o45ZPDv{^TLHZ!f_;Hru5>Om+&z=b_bLwaqv;`K|W)xHjsMsszs z&@@Tl{)SzF=#bJkbWEz8nT0L0=|NNRJQN)Cya8qEKfIZ@#6_RSr@+74aEroUi$ zifNeYS9uKquVXPR32jk9<>;p@wlCJ?QQ%bdkFh(5NcwDD0u5g^)X}LRB!B~?ctL!R zD5^x~!zUDbq3iLc0BD&L0FM!jy;T>~(($J2BaNJGpPnb|pj9D~y2FXbo8>6bH)+@- zEK`#(ne}lVFW1{pVL}1u@Mbo=D=R!|_xf`cWmk?@?M@p1rL!wZEm7M z+5+<}BAvkvc?OnZH*fEEBU%1BwK&j~;`+3T=b%XStffEixi)^zy0IrX{iVsr3d|QW zi_z*V&Jl(29AgOW<{PE3kQ*v^)p2+;I$)LKqWi9#{!2@!18p8v8X>8_(I#4Nk4nuz z{PQgu=e8!*Q^gWOqar%+7UUgO*VZ!S+vCblz}-t=kB?I=U=fs5aYz)H(6CI|_X(T7 zb9sdr)~$|BGHqQG2CdXp12}U1$@H{Y*F*smWlq%OuhGgWD$K`r%b5F|Cui?bA{wzs z$=CPR*h!wIhC8RO)H+WJp54|-4#p3n_-Z@!goJtL3cZdk%?oxmVyAV*wV|sfzN>C4 zo`QaM(l;=Z&9o@K@|le)`{749DkE~e*pgyrs)x$EQNS_PJ=?;$4$j>3Y{sJ&eRsh# z1m-YwWbaaYc{_>HeQt5p*1U!CaQlswMpGIwP5bQ}w)Y1>zDvox*}UMv(HY1km{{^t zFK13~UJ+54o8}wp>daTuV;8Ndr<_H!7gjjcdPT}p%12U|wPC|+wXjCht7PmBh1TwiRK!Y3xU3qQwf3@t3#fCsO=-2dE#O7 z_qckW4yU^fs4Mdn#MI4IIdkVh5I3t(?Xxh!GRwA|T9|{{{|Fgj*TK}A9{e+yDUz0Y z{gAziWylsNAJ!*%<+;cwmeeI4wFB(*vXT~$awc|F;AujI;*YS_C@PJ<>wtYFDNw70 z+?w5C%`DWM%EHG@7z4GP&XKCdXXqW0O_q8`d2Lh6^lBL_T8@!On`iTWMO6L3Q+tym z+$`Tt^C^6&qW9dN%4OMs$MKE;&Yd;Ej{A#nL`=p3J`W=Ek-#7!gQDI7rJXfw9P;H| zW$w}Y=EoWKYLc?#C9@zveI{tl?@aFNc6mZdToeSzftd0maJn-I3({X!k8ioGI+Hq2 z_KL~8%cbsn2r<=UixO+884D;+CNL6;rb0*91>N`Pg2Jy8Lgbhv#{e}|4j{Kx>;6^% zxcd}xFlb1q)Y0R&nv@#g$mvp_Hx{^6XMB{M;}nSq(O%)&X}+sKlqa=E9-_UI2&5)W zB+{k|t);+`4fqBM&g2T!sqrygi8V;-;bT*u{XBW`ev7{|qY#{Ryc zj7V)_T`Nk~oKd8C@+`lVK=b>Yv&-s-0=#HN>FdDrTw@D|{r?tePcRway&KtxW?=o1 ztq)1UT#d~@nYGyDvP;nduYG04^&Z@fCN1+~m=WsVwCZ2-eC5h}ZNS~FBJbV}r!X zTT-YJ`B7gv<=d!I)cGYZNpKV-8W<;im^fq{eLOgEhpXC}yki?NOO*3sIeY!?0x&49 zgTslkU~LezS|`f^A`ow+_LqzIQ4mbXdn{4S?}`^qcli@eW(JRL^aj~xB|`Z9cWy|N zb?Vs-s&31gWIVTNpso|6j3D3VunS31_2~Hhz0Eq>+SYMOcz$sweWkw<=;RIyt@$RP zJRx?K8=&W$<-KiCSONR|W;cDO91|6rT4hJL#k=5rsjcHr#`8W!M9aSA(g z+1aU-sic7g=O7mL91YE*q`%jzj!j8LAV9??2rXm8eJXp4YXqhT6hC@TX>i_LUto#3I8!j1cN1DFsf)5{+I&Y*J?P_{qDga~4}e~5877V?0{ia*5KrL? zFeW7(6ZC1(R7!Lx;z$!d8whbQbz%*;9hfIT-FQkwpVie_jL~0POA7Zrk%Acx?NcW^ zN~=BxMPIdd&Rx1E_Bu43hGt!?g3~mSC*pWi!6nBR&)qX7*(_qiVslTh5PGrP+?D`R z;rw}Ta;shQYYO@pWhpG((m56%av}6HdDP2g4Lq|6 zTvU2NaloA)@me3ge3YDzfnInK~^j^qf;3X1+|#hO&(0+WFJx69>wNu2%L7ld^{Af`(VS zVrBZo=(d9<=Vw{eDp< zZ_!Iuwr%ebg2VgopxrI6atZwC3S20+s6xyQH)b}mWe1&Tr9Lx&?yB*YB(pT9>0iSa zpb|W150~2c^NZ_%B@OU9#A5Sw3Wi1m!qS^`lvt`$iDFhoux*gM_Y;z5CLVH>Qh%v! z{-6Ph?+yhsVfNs>YT2G8#ZEU`(<W?RNnv%<{=ãj=؛çäŸWi \ No newline at end of file diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w1_pub.der b/test/recipes/15-test_lms_codecs_data/shake_n24_w1_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..db738593cc9dd7d127e08a73de342afa64217bb1 GIT binary patch literal 72 zc-k{?GvH<8)@t);`_9YADZnhqY{~!xj6f^_#JmqX4(6*lEKXFaNeZLH@Bgo?2&mB5F_}!tPw5iI}~k138|KJ)5G`GE1&&Yq*?cP^x)&Gk+r^3iS5*S zeD0v9vuN{Ud#y8c8ngXi;e+&w&RU(VwH>udcktFuc1 zCO$ltIA^=txN>W91hL1BIzczf>RFArCwlNcuk3vjLa21)F%&S@maKl=;Kr8qL$yT+m1fK>(aw>*SoLXC2Q4M6Pe|6Ws2R z9BoowEcVaPs%-KHR5Fj(U*d76pAeas6=6Sn`aTD~csyaYUE)&JYnVk-WE?X6S7ak@+f_C0geF%jG{Ln5W=x0T(oVj`l*O}Vd0O{U-lD9KD^{7fe z=lL}-e!BMOC><_m_=Yx#a@g+TyitZwz-9(C;2lH{-V3VIGV+;vuZVU>rB|iq*%gED zn+6{?053LjPT+|-6pS;)--G#=EI&~lQYS#rC?{gv2-5bc%spJ|j;W&GkDM)yXIX~i zId9Z&X)B}NhDmA0HI}{*RRH|Le!*QcHd^1My2|}*`N)pVRg`_QGuKLdrxE0zuNb`0yW@gFSoZBlhF$V=C34|6 z$a5ezZzUQN$T0#zvKCf*9fj2TcA1*?Ou7>r?zK-{)okYSM|$UKAD30Nf7YXR^W(bN zW%zf-R;0au2OsEX^}*b##-Gh995yR_xiCsGT!0ULUjZ&djN;pkY?c$^(LB#Ba6V;} zk)Vqqsl;;hSuvpV@?<<-ezdsom^#!;x?633rl3C5(5^`@bdxEohKMEtSfXH*U=-_^ zK1#+Vh;Viny2p+lht0VlOdf{2XBEFF^CR983vXylf`0$I&U($sdc12{yoakwk0Z`n zx}mp&wLa*ox>myN;ag-nR)-U)ldCQ=>!p6j@u|dkxgN(NP z&_+aoKezo7=h^AE8QU}3oz6;;c*>|pC@8ybV%avOlhs@ZWNl@v~mkdCL+?7=VE@#Dj;= zdHQ2Oivwrh@KP%l9VLj{T<&InLs1Fa@l2`xNAZQCC)ay{+b@QYq zI*PrB<*hnm-+Ih$EdI5Fq}pGRo9O)5T^7@4k$6i`?$Ypb;ykt|L9Z5owk!C6!H*I# z-I1kTddp$`YBV&DLlHSkIl^uk6;8lU0j46xY{e)Bo9bR&fOA6pvmPzvbk+_L>hQVZ zPmc!Qa@=U{{H_=Jnl}Xgs2OH;;^6-%eX-yrhkFPBTY3u~mcQLp#rX_a1LNgV6%s_i zJkI^ZHi>i&B$yEiiH}^~Ocvy_od-*EtiQyvi1$%1Re-Qct^U3UDd_B4}8KM@2#k=GNqe&3aTh3XdHdh3gE{h!;o%LatthC$ExvSs5AdXrg015 zA_0?;;@fOG^_W{PkXQ(ythegL^u^R-(&l{yma$w|&LSuneYT7S;>B+wD9wwTo%c+A zPuhE#NuEhbU(M2W#MPvXN~)zyO=^*$+CX3#Gx>Uaggf=0Uw1!cV`6ZhR!9|5ZHkwx z7rK(C$S?|5Esu(EMn1$w`v9oeMVbQymD0!fKeUY2Wz2O07`$&EdC91?^%b!9#`)fo zXe8#_zLxQIw*LcZ-4E68$r>eUh}F~RB?exv`k3ueM+@ZJ{j2}_b5Y3Gd6PUgFZ3Qf z^M|kWC_%Cau~#ba6`+bedgh%+W?-vsNhE!-rTn?zp9ln_*Dn!x^h3I2_;yRguSZ7s z6@hjm*&6deG6S!PrKt7~fMcpi7ZUEn>Eyi-C30Q{f^x)kD!6pjt0Xj}lu-G+OQnI; zg8lz^TIA+q@1x1wN~S;ZEV*cP#6QX5n=|aH8m6|ZXAa%CL)X$6_oJe35Mhe+J|t{5 zNdreS_3nn-i?Z5V-wR>3zSOAqbfAA?1$S79l{dW9W>zB{FGmWUI3r@rxb1X&CGkf* zbf#gWMj#|f^|fBMT4?;fB@Y;T`YTzQ=VyJ`@_qL9?TRJ@w*Cn2=?cWqhZd zK1Du-`e^1Kagpk3dWM1aoeTxb~y~DtU#z$2JVTBo;wqA;MV9yl~HB?B{lDpK1_P zSdH1-bj7azC?V;6a`fUd<6F3?+`RUamuxfz*uRzD7OQ}J3b#s}+jd`755K?R{H)2{ zuo`DO-qWO1k+kI{*8c-;AGot99|rvn*^?^p3v*Lg3xLnZ1l%Mlo4GbHF4NwCMR(!^ z=>F$9GQyD=JLLkBwJ8?2wt|$g%(H9+u6ye#LpsD*^(NW6^8~RrXfCz3i4S(tX`!4= zZA$=i-jG%Fk339Z$$UbC-o8QZzjx2p3iS`9eKan}^(iH7#%nm!&^dL$u%{vT&=aC^ z5?0ZEr6l2Z39*Q|MLLeJx}H1TZRjYwrk|Un+;=<|747+}k$kc*>>-~ufos|FP-ueW z|7iMPi2td2!~*}obw?;XLzlsJ&fju$P-JmDq4Vb%HqqcZd;A|>FDdZ_Gk&bAE)#pG zWP(wB1mjp-mKxCVG@eAhxt#bYAJ)573KPv~97mxW53iZwhl5+j1Gaz2%pHf#O|cq6 zNTYKK(cM4z0lcyi^n~6)vE2v(Y0LsI=eLuuOmmeeV6cX5q#7D_vAt}5!07zo5h(&; zl=n=k?lvJ;jz!KoF^>q%Dzl{$X>fRTpwd10S%v{b<~4X$jg<0&8G-K0)YJ|(1^H;S zk<}umrR6DU*We(?*APGFumQWLR#>Agu}7~RJ*`lR8gkiTaPE#o({Yhr6sgpq^D_Y`G$mN@A&Y!#VF3JN2Dnffz9= zdyf`w`7C3Q6G~TOsqbPVJNm8jUKSja7CZ}O`LLf>_W8r6Q0v;bjpeo7=5t_Oaiz@A z+;IGN<#ph>BSFn8t}y8>l!*L~4ZE<~n* z6X;Pfdq z&;fzliu-&9ZVPjoAg=c%foCZ3MEXkLL3xl|y=!SiJ>+c-EBjSug~1!a(M@QX=dzC)t-Zh{jFjtO$P^Ff_!O#9|1 zs#JYUff0CPju1?GPZw8uYq0HmM9y)My}hdx`i9%jf+LN(iKE}c3G}A_V2J(oTcq+$ ze|WXZrX|Ae3xWYi{qCJ2N@`?-l_G($qI-IK4Sez1&z`0S!(UHMUGXe6F}qLC1J<7R z@?;gouYFC5J6&2>=7u53cZs`^d>#nh%;4OvC(X%+$8Tz4l@73J||o>@PHKl={?7b5om6JR?PJwi4|YLXX( z*pK@@CPQuzzC;`O`eZ{OJZCj&1JDwI1rudzK zbIsm^^0E?D;-{wA*IQ{+8mn|n!qw+(lzqN~6&NN(U(6U@R#>TwX3yQUMw3fZXd9&* z3rrocok|&CEww&b9axcv2X1FikzQy8fa>6P)3VQBlS5@n0_quOAQoi6;J_)0HY6Er zfl=jfX(sOcdEbKi^rU`gM4t?v%aMj}EdL9rLN|x%q!p&0Dl6K`XTJqzZ3v#*$z#kq(`WWXMP?C@R1HfmtlkJl0%RnjRzOjF>z|Dw$B>Q)0iQs;_wH zY{GGI&Jx{z0e~5$W#rE;(b25u8pk{bd)iWlODs}|V;`Snm)oM2#}FYuiOrw!k9rTav!*GGWDGs$=o zedb2s2Lkf;#|Rd|(t)e2v7d>EI6bRi zb!i4Ov0cw@OXiU;W8>~vs9?h3IT?`w7hcYVFFMt^A6BFn%mlOY4ju9O|4gjdfm5le zs7|1C6|;g*$i>>(9V(qSJ*-U2 zd^LwKfF2Q86E3BPZ3LS!g)(d3-Fa%dlMiHZZ6Pplpg_V%tCG1b>DlR|UJWzhWfqJLzcjvQUooFR8_{|n#VRJgc)?#_^6bDkk>DC>q1 zFE1welD}kGo}Y_wkNI_+i&1X+Qqu;>li3I2Fv_JiQUInW`32?yuRc{^Qwd55{Q=0JxLI%(U)nU3^Bb2*&!xRA0daC90!)7*q@e2QSB= zd30vgvyXC--68!r5&0}t4x{xtl&tbPi*-XJOfY5A7IP{NY8D5C-Ik-*P0dSoFYs%{ z;?jvDW;9ikxcu1N=k%|~F|Ud{cg|kvi@dl19sH=Z%qS}k%K74GBbUtRZkT1-HdaaNa?*IE3f!PEH2@pp&U4Zj8VCp3a8IX%Bos*BfVs{}7uDKksH|wt9SEH2%UjA6f6@BNPUu%3*~a&yxOj087X? z5<+v*Q_RZaz<0wSM3Axq0L&;mR3*s4I59gzF=LFxjx!7eEGYsMdOw2Br^hrzRU=OH zhmow$P?lS6&*Dn{2LJ@|ss32|=8^o3*c$tay@@9-13p;|(M%gzyEwno=Gp4qB?^>J zk1c4dNbe3==K5B|Pl)y44d|@10P7XrD?Z-5-E$n1O=P6AA@d?z>wplo0)4apWnN>f mwzV8PBr902>TWlYnWI*{gQAZAs*IbyI=NAuK$#;_UNrC$ew*L` literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w2_msg.bin b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_msg.bin new file mode 100644 index 00000000000..5028abb9dec --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_msg.bin @@ -0,0 +1,2 @@ +é^/ BšÁ¢(ßáôÑuV*áª"®Ççiø`ž$g;É8 û­:ÿR±¹}ì1¶ Ÿo?Z… +v+º|™Sáÿ_àÌö™Ü<0(¸>$uú²xI›ª;í—ñG;‚Ùr^§°¼¹Gõ/A÷ “Õ•-S]ïð«};R$ \ No newline at end of file diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.der b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..041cc4518cc099dadba8b803513ed638fde7b351 GIT binary patch literal 72 zc-k{?GvH<8)@t);`_9YADZnhqY{~!xj6f_7#C%a38`@9z?9-`eX|+1~yDu;D)pEbu ZvyS}-wuD4~)ITw0WAYJ;<2xr`0sywF8iN1; literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.pem b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.pem new file mode 100644 index 00000000000..bd75db43ba0 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEYwDQYLKoZIhvcNAQkQAxEDNQAAAAABAAAAFwAAAA5asYCHy4y+LHiEhTrF+45u +WeqnTn3NQY/AtFRb8S/IlLFjxDjHuZPS +-----END PUBLIC KEY----- diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.txt b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.txt new file mode 100644 index 00000000000..59572f28b01 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_pub.txt @@ -0,0 +1,12 @@ +lms-type: SHAKE-N24-H20 (0x17) +lm-ots-type: SHAKE-N24-W2 (0xe) +Id: + 5a:b1:80:87:cb:8c:be:2c:78:84:85:3a:c5:fb:8e:6e +LMS Public-Key: +pub: + 00:00:00:17:00:00:00:0e:5a:b1:80:87:cb:8c:be:2c: + 78:84:85:3a:c5:fb:8e:6e:59:ea:a7:4e:7d:cd:41:8f: + c0:b4:54:5b:f1:2f:c8:94:b1:63:c4:38:c7:b9:93:d2 +K: + 59:ea:a7:4e:7d:cd:41:8f:c0:b4:54:5b:f1:2f:c8:94: + b1:63:c4:38:c7:b9:93:d2 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w2_sig.bin b/test/recipes/15-test_lms_codecs_data/shake_n24_w2_sig.bin new file mode 100644 index 0000000000000000000000000000000000000000..a6c8730b7397a3f71d4790d7a9da5156b75de918 GIT binary patch literal 2940 zc-jGc3xo6k1X&dT000hFC?maTNqxYU$lUnfbh^1eJ5PSwtQStC5uzubrc#yIFFAS- zgxD~t`1-OeJik&YL{dX4M`<-%k%+U7vdCZ475owipkD^Hxc}F|4sN~>JX#+Z{`r5Z z-*f=i94aGqtF9+isEJw?o1M_k6?RRZN>2VRd!%u!nR!0t_H21{H-iCNQKu~LI@I&; zG$}lQhC0MjYnSpaA+q5dT_nxGN{pr(uk)-F%@WhFK**U|NwI1iWXrLyB9nHA=XUVm z|67x8ktP+bHuYZBbBLUL1!GE*F=zTx7;}qbS@r>KKj;b{iZViM+1A8|9BcZgWe*&E z6Pxj>D_hdJAr~XjStv!M~uOczrzDiy zZFg}2dc_iVB&%6%ufq#QL)DNNPt2pi7|fQ|2FYT{fO;11AdOf_{E~;nr+^p(fek(I zDDiuzyle?$4ul`un^E20kecwDzl%=+Ao*hUt2OtuV&=)<#bDx5|&2YIGv<;B&FxWUK zwK870FtE2(&)%{p>qT3d;xH_Bup>0I8QWMAGL1D#UHwv==I~;wl^2>KYX-1EQEU0* zW1IM)g={WSbl%91Q)9jqCuCGL#nlMzp$j9QS%{#^mU7QqFqRx*YDtV21xeGpvFeu>%6T%m5?Z& zQ<)5aDZ6<39|NR-w@UQF_kyK3nVhm6&yB4?y57trQPd003oLuXEI9qa8Q@igJOJg3 z#SQ^gs>l!KtwWLNM3+H);-9aqJDh(11w7Avm1G!W*7k||`Y2EuxhVDNDH*NPwtAV_!FSG70rgYw0cag4FklEd{>3ZNh#qThkqs z=TSI?ZLYPpFEagb>hq$qb`GMXI)Q>^8vW>7?G!-mik&7Ia~Z?Rc6p5ONqTmw?M|2m zD)>X4J5I8g#AXfQf)y~Xw>!M_)K5iFzvy~e7urbQd3WmO9fW}DHjGM_9MD=O3NKl1 zmQi>mF;g4ajjcR|_a4QHvmwOF9%?4sWJYQT4DY-UjtcZN|NUjv5(%xdR+nUjQa)Lb zaz*EzA>ZdfgvUMADGwM@dszjt0+ugkET-i=JzBQ#kQK%c*SN;zhLZi$rm$8P{77H% zBoM@#@G@*VW3Yyb=c6Z$cL)dKLQ8+Z(OEm_mXwndL^hS$M^Ak$Pn^iw|E z?t)^Dv=K-hf);Gu>z-xq@KeJls&m0NWB7^a0-4$QCCzc=SJ4UE`HnN?ROvv((@NWN_mqdm`g;^8M=oPp9aYrXN{X!v+9ciHOki+ zeK1Qzr!(0+-geeSm2#Yf*D$n$XcUQ=0625x12}aoMhi}T&MqAUx5&TT8{Mpp1I0k0 z87s*F8VIdh-BRdQ*sdg!_hd?6AuF?12dsNuVo-GdDAz8Xp?Osr1fUfL+Pkf>OeB`f zYz*uD+srxhwft7YcZHPl+ki~{pfm7(9ofr}YTj+1q7^bq=>j~@LBzWTq`AxQVL+b&_Q>!B6s)>lgeL@G@vHskxahz}XInUu+ z+0b0396Sbe_XwKWTZR277*8bdn!qoLTYHh8G#e+l_!K-$pyn&uhIp+R(>zp-$aE0>DO_)0q)qGND;+>|^6xD05Z#F2xs)!5r2q6(*d^on_TJ|%j0={w~{(JTL@}oq3BAJw7 zK2(i>?C1ye1iMKXQRrsp*%0$6bKb~ZZ%~;vmRFX3GOTdLdb*FAenq+14ie{yS7h!g zyWoMQA{3@KXbSHaSw1a#uvZ~^89^p~bNKzKv(??5EpLZFLEb?|4@CG(`X)~6xjEtc zhwQP$;P_`0NR?`KVrr_L-*)BC!pwu;?AUa!;`!7r7mN`ulgUPpU#lnA;ozfWq7~v> z%OeY(>x4^y#w;w~kwrI}p!aPD6w zT?d$Ki<>rn$>56|HdTC=sGH!KRZa3prN^-X507f_3Fu`LmrSR%;=5O|a+PcaLcpDM zt@|HOnm&-W{ZE7f5yTO7qKg)7JcVVrb{j&oj*fx;c0Ew8Bmk~&&Gd;h4fIj(^J?N{ z(>3c>Bn_tgd1BgvEo4~24S_qRSNI0lAEl^q$C`+X91-}2Y$xeq1QQRYj3mWxWegw} zL{t%6!|0YmnnwdK=Ws%>C4eQ0J=izQT;KPoEMHqq$5Fpq^i{~H(?B|wwt(>GKjWis zRubl-WC!Ozhdzl80Yw};`m?pp6mWyiQ_p3ZjZ!N^D^BD9n#}eAGSlwHusT_Vf$sI$ z2yS2<%4g{#d*hwzi^_{cBv6Ht`8j^jr-@bKLfm`HU9U~!%*i05Ox-YG&c<*YK`O~6 zgV|;s*Q=eHO!e*vi%`R-BN6)R(=>I>7c>tzneUB;Kl$Zmq++`cv=z|EvH(2R>%|5p mKrj;jnS7?5O2@wM<&oi^0Pf^!Dgt2vlbeF|ng`zR+XF4r%c&6n literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w4_msg.bin b/test/recipes/15-test_lms_codecs_data/shake_n24_w4_msg.bin new file mode 100644 index 0000000000000000000000000000000000000000..76372b99fb130c51a9b894f2dbfd6cc39a02fd63 GIT binary patch literal 128 zc-jGg0Du29rZ$gQgk$3bbJnh<@}Lc`c{OS6RwhCTv;FG**{G!4u(&R)P(Lb@n!U~^ zKRqOE^X4a!Ai_>Y~b%&pfT?;PK&Q i0LV=#iP27Of)X^ZaJ&$Z$9bXH;=&3_7i{QUZWy!XC`PaV literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w4_pub.der b/test/recipes/15-test_lms_codecs_data/shake_n24_w4_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..5a00b90eaab873ef5b9030ec3b448853b7b4386a GIT binary patch literal 72 zc-k{?GvH<8)@t);`_9YADZnhqY{~!xj6f_3#Qdx-m7+DAuj@>fPt5*uz~qrX6JxbV Y>b_P9Vo&H`{dUbEfjLKs!;AJJb^d;Lr{bOBRkde z&L&pDFW6>tBqtt-9fqfIWuCwr`?A)hzjhvP&}2bS_1qY5WMVwjH7{+ z^J8t#bBd0A`Ad^z#U7s*dm80yetg!mTtHU-ytI1|z(FaK|~FC=*Pl zgj>%g1Gg#deW%^-TxS?KgS$J}8FzfUZ0zciK`a(vF%Hy*4Vac zB#QiYsNG3B_gY^o1lN%PL@C-!MXf26KhdT?O|ea=#%59K24Q!!CD0#=aE0N_$Eff& zkSQz@7pYFM11Taa|KgqOq%2o8JhJataPlY)FvR*ZZC?Jp-jj-f?0KVFRe?@V&CSAr z{j-A^t;<)RIfDfSR;-H{&L1Q9Ry}i*&srJTla*TO)Pd4SRnD+GaD%{y-o8W}v)6fW zE8A}pJ*-VNAkTPztjWRqo~iVqVRM2n_FefuWqUmq5j?wUn)7~7w*4_-`;Q>HYghZ{ zhpvx};wu^y{ad5lt=RLoGfY)AUE0Z-k|<;IF>9f99YI4$Ijc5sJ?=`D5o6 zHY;tu)fZd7-&?q>%cu-19Xlxo)SU8jfIwhklzmufW|~q@(XYCf1woP>YJPi!nFVQ{ z)D+L|)N~ZSAc&RYQm=ZAZp=Ih1NHfIiwi1hels_T@MGOlE_8Fn7|jk!_V*}bGO6V3 zIy2xKI0@&o#ziIg`(@%U-a;?gzdcDDqWr`F@4d)3eoo>)bDJEi|l zMzjr}~3UKpY)Gba0}{*inzNb9ZA%t2d8>~%#1rir<1hUTjkr=u071RkduV3{rMK;vp7 z(u&AvEj)ggeLmuq*y$+%000$dQV8u}^2pZwHItUKM;X4B6-6t{X!BZsyC3;8T0$DF z;5gBUp_CmK{PiW3j%SO`Z5L=Py4i-SYUhm6?N-rK4Xak~is1b2EVqa+Rna3bMx%}) z_v?&Lj+|if+-WXWED=5`P*|^DF`WBc51%wlvmuicrws0VErPFiutAE(6cMO;Ag~^@ znK4CtvXpF99`SwvA!eF3Soa$@;n%lhe#YR0MCrG#=y;uZCv4?9O4_Rd_bZfRYf=XV2t*+6t{x CsMZ7k literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w8_msg.bin b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_msg.bin new file mode 100644 index 00000000000..4116f7fe2ac --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_msg.bin @@ -0,0 +1,2 @@ + *6YŸ&uä˜ßNð¥p'Øl51ã?lzó‚‹âÁÐô†W$NÊ +°,ó,Χ½ìVÉߪ°)¨i0&Ä®õ­³]}-¢LßP“Ì•"]³6œæ†~êÁ9´¢|lV}†ùdÊÁ#òO^”àêBË$և¶ŽŠ½ÀÉt€p2 \ No newline at end of file diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.der b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..55d9a499ca3930e29b477dd046358f1b983fdb67 GIT binary patch literal 72 zc-k{?GvH<8)@t);`_9YADZnhqY{~!xj6f^~!~$LuR!E5$Ri;j#zO|?=XRS)KU8q{` Y{fw-2)jO9yFJ@VALW%FR(_V%S09hFo%>V!Z literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.pem b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.pem new file mode 100644 index 00000000000..b9d91ba8402 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEYwDQYLKoZIhvcNAQkQAxEDNQAAAAABAAAAFgAAABBKkKgaFDJ5ZZeXtXKGbK0k +Wz5VJo3faGque7ml53MEoMgiDstCvQCI +-----END PUBLIC KEY----- diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.txt b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.txt new file mode 100644 index 00000000000..e1d16691350 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_pub.txt @@ -0,0 +1,12 @@ +lms-type: SHAKE-N24-H15 (0x16) +lm-ots-type: SHAKE-N24-W8 (0x10) +Id: + 4a:90:a8:1a:14:32:79:65:97:97:b5:72:86:6c:ad:24 +LMS Public-Key: +pub: + 00:00:00:16:00:00:00:10:4a:90:a8:1a:14:32:79:65: + 97:97:b5:72:86:6c:ad:24:5b:3e:55:26:8d:df:68:6a: + ae:7b:b9:a5:e7:73:04:a0:c8:22:0e:cb:42:bd:00:88 +K: + 5b:3e:55:26:8d:df:68:6a:ae:7b:b9:a5:e7:73:04:a0: + c8:22:0e:cb:42:bd:00:88 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n24_w8_sig.bin b/test/recipes/15-test_lms_codecs_data/shake_n24_w8_sig.bin new file mode 100644 index 0000000000000000000000000000000000000000..2705ff88c18d87677513ae7b285ac233bff20b9b GIT binary patch literal 1020 zc-jH{0|Wd3056;X000nUReQ<~o9~;3F*v^$0it(O3~qh`3c&2Zhkd6(welO2sgAl; z-J?OWOy{aIVg#-MM7l>7<1kBRzNJsI)E97ga(YxCy`}Tw(D}wg&7-rA&yCaIEf$;# zi#M0O0Xu9c@@kAJllO5e4WOAR|A3;(A*SS%m00ZI6oPH`^Vr59p)x!y$lUjzk$Nxq zk+`#UMp}2)e%VNCPo(mH0xo9G2XBm!kFvekBC+_8=8ENg(u}-`L-u=g(WB6G%R%!d zSjA(nS+7_-NR7KR^(G?XHJY%1ULQ^;X~L{c+%=T}j^x63nY;7D35O;>T(4DT=U5!h zbFpPDYvlOh_N86`{7)t^GN2_;e>5wRK~njp+y&t4m`&R+df~fT@x`vX7s@GLX#)tYFGjj z6G>FWmmX8JTQV%i{{TH4cNW{V&NRA*c-xK%^O>iqpRYhJ>3?hhf3akJxO)v+;8A6| z87(rZGvg#|h0re3h%-L|yOtq*EzCvm7m<*9c>hx0X)}L1w9xWVS5nV)mJ7SQ2?7RD zbA*+y3|bYCK;Uwd{ke;VW#}Ph(O+3$)1`@s=|*kkn$JygO(jd`C?Nitj$=zT9ZQS{ z=@HUD$gt>kgumrXP((&$`@s5SFxDE2vQ8?%i@2w|IfiUu)ff$L4IQvS8j?RyQ2stF z^34X4saZa|EevrY8vg{UNRk+!r9~2RveD}kYZq9ze8CeKY9kpjJO)UbzC7Y9lPw?+ zacTzf+;;H4QJfYejUiM-N8$T=051DE_{=z#ju{8&-o6KBR(2`?000(9t2m=y_E5X- zBwOijv^vB}Op622^E{=HCC4bma4?9WSHGO!z1^gqM);y&Vi(B6trF&ouQr}Q;!Fi8 zbAwnqh~43TG}knIM#jrP0y&`GouV0f7mQ_5)nof=61(K~QcSoDJNl3MiM?g2gZ)tNBAqmj} qfhTrSHstG*+idVH2`C(j3~2*7vRmZsQlQjxXS}tic~_}2{h^?G)9Z); literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w1_msg.bin b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_msg.bin new file mode 100644 index 00000000000..c7066c13582 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_msg.bin @@ -0,0 +1 @@ +Ý«å¸ÁHiä¹Ï«èy˜Ö&´~`bP”lÖՁ]µóÄ×÷{ÿlÐ,†Ìš›o3ê÷n_º<Õ'ä%Ó–j†¬jdD(É7wy’ªîÇ; øÞô\ D•%ßGOÝØ5>ÿ‰˜012)ºùøݺŠ¿€ú<žzg \ No newline at end of file diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.der b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..0474e535d4044a3052d8eca9612012583e2633ec GIT binary patch literal 80 zc-k}YGvH<8)@t);`_9YADZnhqY|8)yj6f_1#GED7`-GN>R#g7?zoh^A?AGu!0n>9W h*84BS$~M2OpJrO7o2Twn@j+4Z@v}z{gj(mz0RU7e8(07U literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.pem b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.pem new file mode 100644 index 00000000000..745d68e8f16 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +ME4wDQYLKoZIhvcNAQkQAxEDPQAAAAABAAAAEQAAAAl0e74SphV4ef9P0i/rzbVX +ZhA1zoQ7v9BdHYPpf5Y1di1uJ0J48CEp4+bi4BKFnx4= +-----END PUBLIC KEY----- diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.txt b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.txt new file mode 100644 index 00000000000..685066ea944 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_pub.txt @@ -0,0 +1,13 @@ +lms-type: SHAKE-N32-H15 (0x11) +lm-ots-type: SHAKE-N32-W1 (0x9) +Id: + 74:7b:be:12:a6:15:78:79:ff:4f:d2:2f:eb:cd:b5:57 +LMS Public-Key: +pub: + 00:00:00:11:00:00:00:09:74:7b:be:12:a6:15:78:79: + ff:4f:d2:2f:eb:cd:b5:57:66:10:35:ce:84:3b:bf:d0: + 5d:1d:83:e9:7f:96:35:76:2d:6e:27:42:78:f0:21:29: + e3:e6:e2:e0:12:85:9f:1e +K: + 66:10:35:ce:84:3b:bf:d0:5d:1d:83:e9:7f:96:35:76: + 2d:6e:27:42:78:f0:21:29:e3:e6:e2:e0:12:85:9f:1e diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w1_sig.bin b/test/recipes/15-test_lms_codecs_data/shake_n32_w1_sig.bin new file mode 100644 index 0000000000000000000000000000000000000000..80da90a09d871be465a2083d14e9edd92d53fbf7 GIT binary patch literal 9004 zc-jFhBh%af05KW>000S6-In}Qn+y3Ae~x z-$!#rD)s|I&@WNS@L!;BgV%dNG1Dx@&|WOsYOSP1vBiqN*{>zG0VLfo_pni}=^-t% zx;tg*mJg(!TLHYv>sM_k&HV4WZt+r7WQF45LcH_ACM2>dvVn!?2^(w;{lC(~(^jX2 zmsAunBLLCnDH>orUBa9jCGPP_w%T>W(grg`9ncWI=@{@iqPD*) zkOU4hnMZofrh3}3sHD>@Z5g4$yXRdAIh4(=qa`n3dCVWoI&H~8c(sZ#BVOe$OoCen z$SjWQAI>3(h`5R8a2LeAZz(EeX7$V1@Cp%DW@@EclZ7ltgf{24$no6HgcS9J@&z5L z@`N1^t_razUlC*A!MzkSb21QtBO4;rtRIvle@O~09C9;nCVkDcF-<-Cuf)NegTbF^ zc1K&HvDTy&wmohFI6saceXu0k5OSZ%$39Uj-`BP+2hd&Qu~SoCi)O^E5ljPto}-?& z$v$WxM6t#W*D|5)hG9dBWoW6`v)9ZH58R^JVC*74>o2kddB<8@@`Ad0axeSBmslca zu4TL*@kuH8%6Iz)it5lVjyun)Kuuwpp zau$J?mrt>Zcdd)B*_c1QG$`)W4+cSzNB~0>NZq=-+z+b~*e36QB|!=ZNugOB$Ro5$ z@1Y&{Jce*5N-^6J>z7g~&eE!Ev5yN|5BA?GqtIj+Z`WRvha5A7iJ!SUn4DSE790Dl z(n+gYyAu)p*)x0!CxK$Iph8oLaNgL9R%MWRturgFHVV}JuZdqdp5D|bH%S<_peUd| zZ>b*GYCRHy%Y~`Wj026Hu#|;Nk(6ljbnZMcR-#6hL-paMr9B@OkHRGpX+)~6+K?^Z zbn3!bI~;mESWBC!U-NQAz4R&3?$8fzWOQ&&YV&SSwJJlYxa>_PGrnkV8!R3+m+DMI z7B~eH-TE(NCeY-C_X_SgAdfs~U!B{1%>|i6{K!2jRsLC%G!ph(fo#EHj95$7c;WEBjN(^okx>XoJid2*!=>Nu-4szlxc~c}8Rn=D4#vB6%URdangEoA+n8^qV zhbyT_r#Nr2WO^cU(3^zqK7@xlN<>nqB+x|N+H|_qp-vgPPnGOoYbh5guLX2)m6Z53G>`Qo%Nqj2M;7NlUTFq+KpA{ikz7> z2mgL$M<*X`bXZ2iXfbxMX4bV}7j$_%8JM*;N_y>W?i~=Owm{&VlSd1WB1l=*YLYE$ zL*PWfE>wR}5GCL@oi2RtjirJJ*&S)s1Dq-SzAi*wq(U4cz2{E!aU#MJg}!SKx3L)JYJ+EIf0z=4 zw3AS4C5|HjQ0i(zQm*rR=W+R?XO6XMr`~vaEWCgEJ0c#@sxf8Cyz`pd*&D%`q9*Vt z8QVncp?xmK_e;G9-h|?Nu-Xje`-6*>TNb(RPq`vbRgdjQLulSdoe~ME0-B9dmRB5x zJ8W$o4%r_}PnM^~``F~a0II?i*Cu9F{s5A?&HIaWT|~!Cqb>xr?LDYQYELLa8}<}h zwDhXc^P+aib@7AyObT(20l)#5$!w&s{ElsG?908%H}{Dgem0^1kS$?g5hA> zsK*dx-gmAvt)cq5%qW7Xwy=8pvNPg#AW)Bq!;=JukCTRVNC7rZG`j8#g!UdlF-3`s zM%c`>YJ+o=fzBB$E8;&^XBztc>Q}TH!V~<=7j}wUE-q&Z7Gz&8b+nN{M7th{cEa0iDne`64r+jy6<&>k?+c0fb5?7_KsE&R;#dfBVSp{K)2Zx9?WttoXM zRcCFR2YJ7iNesA}+V;WU(4Hm5MYx7^Nx;{86W(#iKB{EHwk-n?4~R5OZQ^2Skq}b< zn#5S*ys=Ec)p;DJ6K?nXUrD1O%hw%2O3+>}boj=j8-x^(c{L&?Tf4l0jwoi5krB0d z7sT$EIjhbBsg#k=M!O0nMCAXdg=QD3E>mGSpDnWWOYCD!0wg`%0OC|Tf3NJH|y z=uiSxctV{`JkB>Gn*9St+<=e4Ob&w4Mw9qGeCEMpdwFFjAfjpx2DX6~XL!i{=bv>i zY)OfHieELuAWmOFI71N~AH`&pw~UqM3X2%yH9gk53%)<@w5XysUqI48MZha{c{D$Y z)sL3?;e2jS0$7qdlox(On`+^qt!huFvxHprHI%(6O(fm+f$0E(f_^A5OYOiv`!E1igrF4i{6$CE#m(w zhbxCtJV9VswwP{^R}e`(K)7eo>A)L~KAF=pUZ$_L@>N4>yrO;l3g@z4qO8@Ibt7ml+uN9^1vb>e zBFp0L9OQ~CN$0)$4t|_3ztZk_nmi2H?X{wOxWVS-X{>O-Vx;tOij)7z;rFHt`XHQ0 z(**Uh8+5a5xa0vIPN)+wS_uf=A6sr&aIS&CRor#tHDsXc3Y-U#F&x%?^x7O0_wyp; zT%r70JI47UU^Jeg^4Z)qyutHCO~1suwXs~OR$a)hj+499| z-P&h8K_iS2PXBgWDyxxR;%`Dgr(guZLP!yu0GB8tMXNy$(-;bCJ%4*`8zfma5>8w`Y=^D(E3LVCU)!zil1w0Fzn^ zFjq+veW>SmOrr`^nRqg3HHqe|&qf~{?bX9%hdB6u61NR`sSnbP3#&+D@l@96Vq6G||c)4B9fYa3PI6po8Jn$Na zY;LXs0V_k94k5e1I^Eo4+16#OjGHtE&-ylGkH~Y`aEyF6 zrFX@&U*v5nH`C&)VO75)=LerT)VWHAM939&1;6=nlMnTMp?!bFVZH= z{0o+IKhqgl?{M1XNEPMR=9IpfRD-@(^Kg@cN|rP<6e)PtsCrPrI8RJlIoJOhYkL!< z9LSGH{TdSHVPpDq5yqj9JN8X&R($ZPMhMLM{rqB5*qOJ92)q5p_VarWyQ_^4$e_?m z(mSKCs{?qMV{|!KrOWCHg57aQ?Vp*jhCr?7zz!rkdp3H3ieggFpXH~-*UG}aG;uF- z?%*Bwfpj|ihF$cewfb*p*>PU@;<6<1WiXnvL@mQ~e?2}aW0@P$A z2|6DHK4fGv4Y8tt9`ozReTyKSE^Gilv=~cm2lkk1AQVRePlQdo8XEwJ@RU!@pOJiQ zIGC_lTD+w(i%+aAR(|3xZuNH1UxRw~{H-q4+3tuaP#PZci)Qh~>$y5~f_^2@-hs|` zO(vhZ3{62omH?1v8?cTlO!oSD0`*PqrUX?`Nw^@i4c+M!(~YLUEO?3xGRQpuV5m!X z<##JDG(n49Ma5Pm=W47uHDU*&UVE4SR0Uyde$5h>mwf?Lvw;Z_<%}>M=s+fTv0wq zzuf(VWIUr(C!icqyv{wplF_q%Imo1utgm#-c_TNPnd{3-~oIEd|v=uqd z2%e0t8Etz)t1DM+Km%j! zbNMex9e-0ny9(Om@_+-u{D_?_+@a;SH{5U^{{P(h*H}RvVGX>QOVXbw5kR{y5T^{| zbM7uIP=7yaJ9_#4dzzPsRmjhTLW3c5N zd+9tmTy$s*f02`LQ2RFd9xfRO=_rKvRsxW{zu|y&Kcob{5(4;Z(#EoQR){~Z;tB?*=ZL%f+1&Ta< zi6n?Po|X3M^m-vlCmP!eFNvG|_t>qF(p9_`tEZ@$fp|=VD&H4`Zh*c6*&5JJLtG-R zgMGOh6N(qpqJ)n_+j26VBqqkL_(n@`(00!=;qplv%EhNKFsUs^3McB{!_s@3r@lNv zx*4J@A|J&-W;x6k&qs8(F2j~-fn;0+Ww^U!A`^6torQNXC2+B}<}(if2=9BI@j-#G zA*bZl^7q5YQMGj-E|sC{VwD;Qir?@Vn+Xb44n-?G^x55|t; zl%>bL-z{&HrxML0u_R3F^od~ilInwpz(B1M~;jZ|< zSSt9oJTq#Pl@cQPyt-dwc%|I)pzZLP7%vl>c-gf7Hu~C-rnnx=u|qLM$g=JeOhDMC zF6G%Zf$c+A>qChVm_j0P40GTP4&Tf~mczxZn}G<&Igy)3u-YMza*$!YBN=FQU!S55 zm69@w9XQtEWBCSj?p@vEnFM|Pjh*f3$h5=&_IYt%l;VJ>E@fdLr@(WUy+vu8Su01o zM&*zVzm^W1(*3`FLhJ(*D%-@X=u29)xtt}baA*zu;Okw0>Ce+5v#je#E}l+7=}i${ zGWuEDfZko@_n?*@zED1q4Ft$EjG$yY47}ey-av&R?7-v29WQ!VTYU_ZA{ovQ+kH2i zdfIZ~K>jbdbfUPa^RAuErzw}}B@KzL0in=n!_P&ToI$2bo604C;^_#68vY=-;_B|U zfw`F(iASm$j6jBqc8bdSdQ`MVGQy#M2!%g;#%c2p#gPuoSV7KO%P-Qy5ln`K4;lwBJj zHIt%5$zcTIKc;##j8&w44Jo}iG$AIEsW2%5iWzrdEXq>9^25>8yDv5&7}_rmAZbHR!GMuPxOk=b{E&)0TqeDncOm?g z&mg^!1N0(nv!URE#J1BDu0HjKPwqs+dh|xYE9L+L>SHQcAI;e=*5tPuJ_ca(Tqg+s z=o%e|>R6_1&+Tm<>h6*wGz7(4l)qEqu}bw!mW8r(Wof)=7Ud>bmk@{_r8C>}0|inf zke^h1%d)V`2u}ywYujAn8$L?7_?W@(K{T8`|GS~!ZNHGpA8L$JKt0HHFWL?{PMoP1 z`}WB@ffr5KazO>uOg-qP?Csbg%^{&CF&mW93h()p-C%7u+@J9Y!7u}Sss`=H=~rDM z;M{jLW*Kkh**S)buMmhQ&C+!q#>bkyubUIw=tX|d{T;u!L4IIS;V42x@7Vf=bnolP za;By3FO@v9w9I*j8Vti)fhfO{m&o2d;_Ea30V9@R}>QYmyf5IuBk5((quTNMA<1?wZ(}(>Yqh{#rD$o6zECUKP=LVm(LDm(+{J*0Vo;Y z{tnPT(C1iQ1m^rE(@~=>c+PBdr}ntrH%ZiH#!8xP?AvcF$l!_tXcRV`j<8V+}V?jtpWiWdLcNM!Hk=O>(qL#IKn7#h3 z%*SL;)}R4B?acC|AEsi{TK|W#six&1qI36&>IaE(gE;}WtC=fX73I$68;U*S{Ah_G zE~C@XHuB`+3~NiIiG?U)XsDv?8abJ%+ePvO21W_66Pe|+t;smk)T4rZfV+^s602KX8JZ`vQ?*HQrNya+n=Mri=MklV&is31Vwg?ucUW>x-tv1E1&&6-h z4%BV%R8pw2kWC?8g0)QUn=y1^jYzngc-u|qW#nB$uo-952#bK%Fp<9M2rap@HL~Y6 zv-jBV6Zf*V#CUUihWH^+7X^sTT)~4ek?`GFV@r>d8=Tb{ZHziE^Yz%Yez4dP8FyEr z-97=uK~K|Ff172-gA)u6U5?mc_l!J7x1}*tTgR~0Igs(O;kQ&Sqki7ZcU3l>ew`S++} zj}Qymr$`C@jJb1|mfhE+qA`#FS5OeXccp4>IOSzy&Rc(k!Y9?puZ_3mDyCaKZqc~F zMQe%+C(HR5a5;DIu}ndzRi}0adYRCE!E4SqPbB*a$iWn)byt;)R>dNKO*IUrD7PVH zm?j?KcqTc7K(M;KxTVuJhIwqeU6RG}rW{i0K^W=75lZO^lYD@>?kW})VqVr!3L*1~ zA;yz?^x~)#YJ*Jx@SwRZl}O`mLS}Q@Fh0956v$D2U;JKt5}n9hxG7X=sR^ay3UK@Y zSyRF8d4h;VeHuhzI0NU0d$IZMOV(Ahy3BpMCLozZo7Pc=NHd_1P$|uu;m^L_Z9YNe zlILrnCi+a&QnOwr?q4G2IYCOSie9swpJOP_3IJVeA(}I&a5ZI2g53J(tj&In^4sS5 z3*f`qEpsr^u{w`u59-I6)bnHdu}!!cr1IKa8e(6kC#}Af^@L@Tl+g7iJ@`TRM92Zy zkB>ZtQS-XE#e3R%ms%yO*pL*B=KouurT!)w)Lz@aGXKeSgZH#$up)K@8GZ`*=u*624Y;E4C4Y^LxoE%#i`597EKtD)Pk3<|5MD0L03f;e0R8S z*U^jjEgLt2{sp;{XtQa@*!#sy6(A6(bOD1eBe;BWd3tIT3o z0lE?$_2;uCCs1MmWp%t))Elw^a~|^+*L$!9a842i)*rn&K&)$sxK=Q2`t*Xgzx9gG zFG#wSlmRIol2{Y2FjaUXc31rpasr%=+k13v*?R^$bdAz`JraKr-b|pCzhxPRgY%E@ z7mL~6CKJ$`*e^ilCL0`X9e6yDk&S~!w>DGwIZfK6B3yx#_a~#}wTP2rDFm57EInE! zcq^RN^hL*lc6|rASR3w}?X(-`|Bt$S{V{Bvw+;Z3b-7Pw7@j;5pI_Azt`-R+OtU9A;Xfq>u`6Unz6vJ-ys*eU zKDM?KD!HE?U4@7-LA-i$jIH$Cr(WR=r+a>O361hPl%YanB{fLNwI(*Dv{1&kXrwYa z5wW@*n_B#?EH4)H%@X-KK53E`pxRl*r-qn2w{#_) zwgV?JOsAA$ZnuCagF$n--Na1DLu;0YFEe1@QfW>UMG*Gp-iQLIIE&{QS%OcU9!U`0 zf@0dAEwUCy15`|NV5!qg?u_gmz|6~_+|Wx}qe=o>=!a!|53f|!xE9WGe&)r1R-09I z+OG+FzyYADg?7DpwE^gFjdn+k``}4~KNGpUSSuL`Dc2)k9B)7d`Hz*{#;xd)sdcm5 zbKfVJM9UEK4L7cOpcP>TFK2nDl?kicm9@TakUYqTSbk zFux$C6jZmEVJR`2(yI?;D64^))`N8Y)*FDGavRfcn?1T<)Y*{VYZ>;l|flNUZE{Hz%A zDxZB;9@{UO5m(i-m0H2Lznqs5(Qe{!y&Mo@!8(^BUvY!^=biB<*;`ltda4)(zWEAi zq6v;efd4_c^qcGN7C1vmpVz11!4yd1uYb?SUg0n2u;nlHWV6{bqY6y&w)P!Do+e0Y zNNOS$hJM0)9tp7LxfTJ~&yAYy`N9?va7qL26F!KU0JXS8u||aY^TDvnki99rpc>+> zs1WSG`=sDW<$tYUFH+=8+Ksq7vhC?G6Uqyd_^EF%5a@2AxphRT`_#NuDFq{+Xof8C zyB)QUEw?0;ggU0+EXz?GfHULZ$Q;G0(|c;aP^SOz6nXY6=U)Dc5YO=un8%hzZC;4@ zEz?T&x3E*?eDpNaL+^QdirN|dRLkm8X~fK!q`C;GPY*xYoSy#7QpgG2rO4On@P0o8 z^&-LJk@jGfu)fZQTWEAwV1kDy6IAPys&7EE`ZT*#<=7)BQ^nO|eg695j87Fks|htZ+a32^(1#LJXkV)0f$#Qf2GXcpt| zzp7=ISUYZ1IIfVdAKw3f2J$oUTe`6vN_UuoYm)2q6OtR|? zb&>bMcIqfpsSC!?3*j9}DR4X*Gg#{DdWmBhjpH&yubCBzs>x|~cj^d6Y{Wr^%d7yB zR0SRY@fY331YC_r(^1t6jHU~9x#6&HFc2>pLBcPfER*OMr@BI!ren7-`>HF5Ws>OaaPZZIFj?4^S7Q#l#>Ar@d&`+yn{d@w{Qmji-9=soK^O#Zx5a2d57p8) za#HDa_c*!W+~)%gvS;65&M`oE` zrPX>zN)74~(AcztdqY}KJ?b|-4dY6${88s6d zzO%S@w7Ac99NYA2f2A>AhSkQ#s@@r7QYq#+$j<%f5UBkdof63ddE_n+KyGAsO_4^y Sb;GtWgmz@BeK8YA`Qf@Y#$Me3 literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w8_msg.bin b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_msg.bin new file mode 100644 index 00000000000..637df1950f6 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_msg.bin @@ -0,0 +1 @@ +K*ÙÇDぅ½“ÀWŠÉªoâ³¼?ã^¥i„|ç—Ò@ØF¿­×*xOFó“±ÁQp® ¥ie é†çùÕ`°'r‚Y&¥ñH,PŸŠ½÷‚gJ_OÛÈ=Yƒžô7;¿aj-¥" ´Å\ÅO%u’—É—ìçsz†H \ No newline at end of file diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.der b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..95bd5af430a2dac9b93fe6df473f70e785cff405 GIT binary patch literal 80 zc-k}YGvH<8)@t);`_9YADZnhqY|8)yj6f_5#5~jWpO;_ZfB61p8S^rAE8}I-C literal 0 Hc-jL100001 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.pem b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.pem new file mode 100644 index 00000000000..4ffcce60c67 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +ME4wDQYLKoZIhvcNAQkQAxEDPQAAAAABAAAAEwAAAAyXL+d31A/h79l2A6YnM80c +0tbxPFSghfIwF7vUaWXAhTq8Nj+rztkRmiYzejBqe4g= +-----END PUBLIC KEY----- diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.txt b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.txt new file mode 100644 index 00000000000..bd82d8cf904 --- /dev/null +++ b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_pub.txt @@ -0,0 +1,13 @@ +lms-type: SHAKE-N32-H25 (0x13) +lm-ots-type: SHAKE-N32-W8 (0xc) +Id: + 97:2f:e7:77:d4:0f:e1:ef:d9:76:03:a6:27:33:cd:1c +LMS Public-Key: +pub: + 00:00:00:13:00:00:00:0c:97:2f:e7:77:d4:0f:e1:ef: + d9:76:03:a6:27:33:cd:1c:d2:d6:f1:3c:54:a0:85:f2: + 30:17:bb:d4:69:65:c0:85:3a:bc:36:3f:ab:ce:d9:11: + 9a:26:33:7a:30:6a:7b:88 +K: + d2:d6:f1:3c:54:a0:85:f2:30:17:bb:d4:69:65:c0:85: + 3a:bc:36:3f:ab:ce:d9:11:9a:26:33:7a:30:6a:7b:88 diff --git a/test/recipes/15-test_lms_codecs_data/shake_n32_w8_sig.bin b/test/recipes/15-test_lms_codecs_data/shake_n32_w8_sig.bin new file mode 100644 index 0000000000000000000000000000000000000000..39a2faf9d1c5c63a71755ee9aae912d7d2871bf2 GIT binary patch literal 1932 zc-jGs2XpuVzNcvb000by0gHdXVIPs(`pg@3J7V_+QpD8`BLpCuRzG}unw3VAA#2ynwL3ZuxUUNui8 zKNX_Z6yHP;f@V6Fx4q+|@!#NTn5;^)@dT2ZelAYv2`iEbu-VY>iahBMhLUr8K^7Nm zQzlJJY5VLOxw7R>-G9`QQU5fNM=eKIGq(JN@+`KgW?I1175-gfFYksEKB2wgRgB&ST7- z8lf%b<>U`0k1IN*J`mWF<3tL${8iQMbUdcui-r}0D%0rW3TQ-KuZZ_1Ds3=;X<~Ad zH)=4E8@o1i(3##XsJ8&-VG{0``T(QIgR%c%N@!aUkK+*Q_0;^^MRynAD1B-@y>ZPe zJ&PoUSTQLbdOy(wD9OlE5V^WDCl007#{NvnWt_AqIRd|-Nj(R8ygva&! zu=dI85FYtZ7G^7pp@nQfx(~2)yOB23m)Q&`4g5V#J@*3cBEjC+WpCjIjI$EkrHS}b zn;9%RR+dtJ-c{^VbVMg5VP>gjOHnf~v=T7!7ZDd)b?z;l#xK zjOS50P9#RuiIly4SjU+ovVy*GGujw;r_nS!SpzjcddRn#fcpk3;Mnxui7aG#N3s0CSi|}iIg*G} zsB3#j%4Vh;inpIXO^GGh=SM0K(@+HokV>5aO3s^@dh7?5dG{e6_;T;R*i|2Zsx(MlpJV!U9W1(H})7F_bT5GTG-=Qt@e#iget&#BX z;)I_rA_wRM;zXzt5wZV*LfTSaMXJVyz|N^Qm`#L(c7s4=B>*L^p(g4~5jg!!di*SQ zm=KC~dX+x+&E%Pn|7EoOO(7*8E|EbU5*uy;TWjBHNExr52~1HO)mYDE%Ylk3j;#qc zzWwlbTptQMwtRsX3=1{zfsAy10l$~XkJk#5uHHv$2fcRGAsS{-`gDb`sf7Uy6se$B zcHE@-=tL^f*_>CTb^}7WC7@9aK{B-jt9t92kHhpk)63B82&%DEJT2<#LHp~fI~e7i zQviZ2D%7mDQT-OJ!C1M_dpcvL1X{quslD@iJ@uv-ZO7_VKmM6pZ^6L5>=F|up$fQW zv0k28`0m6G6R!G;MOouja6fpYao8 z%>CL~rjV)1uyi#Ap{kiVdgMV4>Q@->1IR`*FBx_QawJzwacT#+mS%|p>2MuG8~GbP zI*i^P9%g`3jw`l=T_gqPF`XAN)QUj5fs52D9RRut#*s}l$^qpb zHRxtfuL={Zq=UHRc-~FWPdxjI7!2G5y(4D>a5&2XeiUSd>*C}kt)0dS_20pCZeS)= zM!>PKQ9E4(d@~@XmKjuyA5lYDAT%Zm3Kw_Ufxv)ce^27w`;^VU(ZG{L|8k~bM@J#B z?#8t)fhv!IVLrqNk0`lcI}Mcd8LkE=5+4OKcyeSe?B-IM=i5oEnmDE^$PLmYAEqA~ zfKzRC^%=?!0Y&F~oMYa$S%3z!xkz6;nX9=Ii8Wrado%`}j@Mk9*ASK2}I0ZH^9AwlyJ^)ck!;GW+A literal 0 Hc-jL100001 -- 2.47.3