pqc/crypto_sign/sphincs-shake256-256f-simple/clean/fors.h

#ifndef SPX_FORS_H
#define SPX_FORS_H

#include <stdint.h>

#include "params.h"
#include "hash_state.h"

/**
 * Signs a message m, deriving the secret key from sk_seed and the FTS address.
 * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
 */
void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_sign(
    unsigned char *sig, unsigned char *pk,
    const unsigned char *m,
    const unsigned char *sk_seed, const unsigned char *pub_seed,
    const uint32_t fors_addr[8], const hash_state *hash_state_seeded);

/**
 * Derives the FORS public key from a signature.
 * This can be used for verification by comparing to a known public key, or to
 * subsequently verify a signature on the derived public key. The latter is the
 * typical use-case when used as an FTS below an OTS in a hypertree.
 * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
 */
void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_pk_from_sig(
    unsigned char *pk,
    const unsigned char *sig, const unsigned char *m,
    const unsigned char *pub_seed, const uint32_t fors_addr[8],
    const hash_state *hash_state_seeded);

#endif
Add the other 35 SPHINCS+ variants 2019-04-16 14:15:03 +01:00			`#ifndef SPX_FORS_H`
			`#define SPX_FORS_H`

			`#include <stdint.h>`

			`#include "params.h"`
Incorporate feedback * Names passed around (mostly constant) value more clearly * Put ``const`` where applicable (almost everywhere) * Renamed ``primitive.h`` * Fixed some nits 2019-07-17 07:37:14 +01:00			`#include "hash_state.h"`
Add the other 35 SPHINCS+ variants 2019-04-16 14:15:03 +01:00
			`/**`
			`* Signs a message m, deriving the secret key from sk_seed and the FTS address.`
			`* Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.`
			`*/`
			`void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_sign(`
			`unsigned char sig, unsigned char pk,`
			`const unsigned char *m,`
			`const unsigned char sk_seed, const unsigned char pub_seed,`
Incorporate feedback * Names passed around (mostly constant) value more clearly * Put ``const`` where applicable (almost everywhere) * Renamed ``primitive.h`` * Fixed some nits 2019-07-17 07:37:14 +01:00			`const uint32_t fors_addr[8], const hash_state *hash_state_seeded);`
Add the other 35 SPHINCS+ variants 2019-04-16 14:15:03 +01:00
			`/**`
			`* Derives the FORS public key from a signature.`
			`* This can be used for verification by comparing to a known public key, or to`
			`* subsequently verify a signature on the derived public key. The latter is the`
			`* typical use-case when used as an FTS below an OTS in a hypertree.`
			`* Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.`
			`*/`
			`void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_pk_from_sig(`
			`unsigned char *pk,`
			`const unsigned char sig, const unsigned char m,`
Eliminate the global state This PR sacrifices passing some extra arguments to get rid of the global state. * Haraka needs state in all hash calls, this results in changes to the hash functions specified in `hash.h`. The extra pointers passed would not be necessary for SHA256 or SHAKE256. * SHAKE256 did not have global state, but uniformity in the implementations requires us to pass around the new state context anyway. Otherwise, @joostrijneveld's SPHINCS+ generator doesn't really work anymore). We introduce a new header file called `primitive.h` which defines the required state type for the generic functions. I did not go into replacing _all_ occurrences of state variables by the new `hash_state` macro. 2019-06-21 13:34:36 +01:00			`const unsigned char *pub_seed, const uint32_t fors_addr[8],`
Incorporate feedback * Names passed around (mostly constant) value more clearly * Put ``const`` where applicable (almost everywhere) * Renamed ``primitive.h`` * Fixed some nits 2019-07-17 07:37:14 +01:00			`const hash_state *hash_state_seeded);`
Add the other 35 SPHINCS+ variants 2019-04-16 14:15:03 +01:00
			`#endif`