2019-12-12 13:29:29 +00:00
|
|
|
#ifndef PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_FORS_H
|
|
|
|
#define PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_FORS_H
|
2019-04-16 14:15:03 +01:00
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
2019-07-17 07:37:14 +01:00
|
|
|
#include "hash_state.h"
|
2019-08-01 08:13:05 +01:00
|
|
|
#include "params.h"
|
2019-04-16 14:15:03 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Signs a message m, deriving the secret key from sk_seed and the FTS address.
|
2019-12-12 13:29:29 +00:00
|
|
|
* Assumes m contains at least PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_FORS_HEIGHT * PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_FORS_TREES bits.
|
2019-04-16 14:15:03 +01:00
|
|
|
*/
|
|
|
|
void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_sign(
|
|
|
|
unsigned char *sig, unsigned char *pk,
|
|
|
|
const unsigned char *m,
|
|
|
|
const unsigned char *sk_seed, const unsigned char *pub_seed,
|
2019-07-17 07:37:14 +01:00
|
|
|
const uint32_t fors_addr[8], const hash_state *hash_state_seeded);
|
2019-04-16 14:15:03 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Derives the FORS public key from a signature.
|
|
|
|
* This can be used for verification by comparing to a known public key, or to
|
|
|
|
* subsequently verify a signature on the derived public key. The latter is the
|
|
|
|
* typical use-case when used as an FTS below an OTS in a hypertree.
|
2019-12-12 13:29:29 +00:00
|
|
|
* Assumes m contains at least PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_FORS_HEIGHT * PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_FORS_TREES bits.
|
2019-04-16 14:15:03 +01:00
|
|
|
*/
|
|
|
|
void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_pk_from_sig(
|
|
|
|
unsigned char *pk,
|
|
|
|
const unsigned char *sig, const unsigned char *m,
|
2019-06-21 13:34:36 +01:00
|
|
|
const unsigned char *pub_seed, const uint32_t fors_addr[8],
|
2019-07-17 07:37:14 +01:00
|
|
|
const hash_state *hash_state_seeded);
|
2019-04-16 14:15:03 +01:00
|
|
|
|
|
|
|
#endif
|