From 74efb10807541e5ef6911580d68415b91a9229df Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Wed, 17 Jul 2019 08:37:14 +0200 Subject: [PATCH] Incorporate feedback * Names passed around (mostly constant) value more clearly * Put ``const`` where applicable (almost everywhere) * Renamed ``primitive.h`` * Fixed some nits --- .../sphincs-haraka-128f-robust/clean/fors.c | 32 +++++++------- .../sphincs-haraka-128f-robust/clean/fors.h | 6 +-- .../sphincs-haraka-128f-robust/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-128f-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-128f-robust/clean/thash.h | 10 ++--- .../clean/thash_haraka_robust.c | 29 +++++++------ .../sphincs-haraka-128f-robust/clean/utils.c | 30 ++++++------- .../sphincs-haraka-128f-robust/clean/utils.h | 12 +++--- .../sphincs-haraka-128f-robust/clean/wots.c | 26 ++++++------ .../sphincs-haraka-128f-robust/clean/wots.h | 8 ++-- .../sphincs-haraka-128f-simple/clean/fors.c | 32 +++++++------- .../sphincs-haraka-128f-simple/clean/fors.h | 6 +-- .../sphincs-haraka-128f-simple/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-128f-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-128f-simple/clean/thash.h | 10 ++--- .../clean/thash_haraka_simple.c | 23 +++++----- .../sphincs-haraka-128f-simple/clean/utils.c | 30 ++++++------- .../sphincs-haraka-128f-simple/clean/utils.h | 12 +++--- .../sphincs-haraka-128f-simple/clean/wots.c | 26 ++++++------ .../sphincs-haraka-128f-simple/clean/wots.h | 8 ++-- .../sphincs-haraka-128s-robust/clean/fors.c | 32 +++++++------- .../sphincs-haraka-128s-robust/clean/fors.h | 6 +-- .../sphincs-haraka-128s-robust/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-128s-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-128s-robust/clean/thash.h | 10 ++--- .../clean/thash_haraka_robust.c | 29 +++++++------ .../sphincs-haraka-128s-robust/clean/utils.c | 30 ++++++------- .../sphincs-haraka-128s-robust/clean/utils.h | 12 +++--- .../sphincs-haraka-128s-robust/clean/wots.c | 26 ++++++------ .../sphincs-haraka-128s-robust/clean/wots.h | 8 ++-- .../sphincs-haraka-128s-simple/clean/fors.c | 32 +++++++------- .../sphincs-haraka-128s-simple/clean/fors.h | 6 +-- .../sphincs-haraka-128s-simple/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-128s-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-128s-simple/clean/thash.h | 10 ++--- .../clean/thash_haraka_simple.c | 23 +++++----- .../sphincs-haraka-128s-simple/clean/utils.c | 30 ++++++------- .../sphincs-haraka-128s-simple/clean/utils.h | 12 +++--- .../sphincs-haraka-128s-simple/clean/wots.c | 26 ++++++------ .../sphincs-haraka-128s-simple/clean/wots.h | 8 ++-- .../sphincs-haraka-192f-robust/clean/fors.c | 32 +++++++------- .../sphincs-haraka-192f-robust/clean/fors.h | 6 +-- .../sphincs-haraka-192f-robust/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-192f-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-192f-robust/clean/thash.h | 10 ++--- .../clean/thash_haraka_robust.c | 29 +++++++------ .../sphincs-haraka-192f-robust/clean/utils.c | 30 ++++++------- .../sphincs-haraka-192f-robust/clean/utils.h | 12 +++--- .../sphincs-haraka-192f-robust/clean/wots.c | 26 ++++++------ .../sphincs-haraka-192f-robust/clean/wots.h | 8 ++-- .../sphincs-haraka-192f-simple/clean/fors.c | 32 +++++++------- .../sphincs-haraka-192f-simple/clean/fors.h | 6 +-- .../sphincs-haraka-192f-simple/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-192f-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-192f-simple/clean/thash.h | 10 ++--- .../clean/thash_haraka_simple.c | 23 +++++----- .../sphincs-haraka-192f-simple/clean/utils.c | 30 ++++++------- .../sphincs-haraka-192f-simple/clean/utils.h | 12 +++--- .../sphincs-haraka-192f-simple/clean/wots.c | 26 ++++++------ .../sphincs-haraka-192f-simple/clean/wots.h | 8 ++-- .../sphincs-haraka-192s-robust/clean/fors.c | 32 +++++++------- .../sphincs-haraka-192s-robust/clean/fors.h | 6 +-- .../sphincs-haraka-192s-robust/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-192s-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-192s-robust/clean/thash.h | 10 ++--- .../clean/thash_haraka_robust.c | 29 +++++++------ .../sphincs-haraka-192s-robust/clean/utils.c | 30 ++++++------- .../sphincs-haraka-192s-robust/clean/utils.h | 12 +++--- .../sphincs-haraka-192s-robust/clean/wots.c | 26 ++++++------ .../sphincs-haraka-192s-robust/clean/wots.h | 8 ++-- .../sphincs-haraka-192s-simple/clean/fors.c | 32 +++++++------- .../sphincs-haraka-192s-simple/clean/fors.h | 6 +-- .../sphincs-haraka-192s-simple/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-192s-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-192s-simple/clean/thash.h | 10 ++--- .../clean/thash_haraka_simple.c | 23 +++++----- .../sphincs-haraka-192s-simple/clean/utils.c | 30 ++++++------- .../sphincs-haraka-192s-simple/clean/utils.h | 12 +++--- .../sphincs-haraka-192s-simple/clean/wots.c | 26 ++++++------ .../sphincs-haraka-192s-simple/clean/wots.h | 8 ++-- .../sphincs-haraka-256f-robust/clean/fors.c | 32 +++++++------- .../sphincs-haraka-256f-robust/clean/fors.h | 6 +-- .../sphincs-haraka-256f-robust/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-256f-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-256f-robust/clean/thash.h | 10 ++--- .../clean/thash_haraka_robust.c | 29 +++++++------ .../sphincs-haraka-256f-robust/clean/utils.c | 30 ++++++------- .../sphincs-haraka-256f-robust/clean/utils.h | 12 +++--- .../sphincs-haraka-256f-robust/clean/wots.c | 26 ++++++------ .../sphincs-haraka-256f-robust/clean/wots.h | 8 ++-- .../sphincs-haraka-256f-simple/clean/fors.c | 32 +++++++------- .../sphincs-haraka-256f-simple/clean/fors.h | 6 +-- .../sphincs-haraka-256f-simple/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-256f-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-256f-simple/clean/thash.h | 10 ++--- .../clean/thash_haraka_simple.c | 23 +++++----- .../sphincs-haraka-256f-simple/clean/utils.c | 30 ++++++------- .../sphincs-haraka-256f-simple/clean/utils.h | 12 +++--- .../sphincs-haraka-256f-simple/clean/wots.c | 26 ++++++------ .../sphincs-haraka-256f-simple/clean/wots.h | 8 ++-- .../sphincs-haraka-256s-robust/clean/fors.c | 32 +++++++------- .../sphincs-haraka-256s-robust/clean/fors.h | 6 +-- .../sphincs-haraka-256s-robust/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-256s-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-256s-robust/clean/thash.h | 10 ++--- .../clean/thash_haraka_robust.c | 29 +++++++------ .../sphincs-haraka-256s-robust/clean/utils.c | 30 ++++++------- .../sphincs-haraka-256s-robust/clean/utils.h | 12 +++--- .../sphincs-haraka-256s-robust/clean/wots.c | 26 ++++++------ .../sphincs-haraka-256s-robust/clean/wots.h | 8 ++-- .../sphincs-haraka-256s-simple/clean/fors.c | 32 +++++++------- .../sphincs-haraka-256s-simple/clean/fors.h | 6 +-- .../sphincs-haraka-256s-simple/clean/hash.h | 10 ++--- .../clean/hash_haraka.c | 28 ++++++------- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-haraka-256s-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-haraka-256s-simple/clean/thash.h | 10 ++--- .../clean/thash_haraka_simple.c | 23 +++++----- .../sphincs-haraka-256s-simple/clean/utils.c | 30 ++++++------- .../sphincs-haraka-256s-simple/clean/utils.h | 12 +++--- .../sphincs-haraka-256s-simple/clean/wots.c | 26 ++++++------ .../sphincs-haraka-256s-simple/clean/wots.h | 8 ++-- .../sphincs-sha256-128f-robust/clean/fors.c | 32 +++++++------- .../sphincs-sha256-128f-robust/clean/fors.h | 6 +-- .../sphincs-sha256-128f-robust/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-128f-robust/clean/sha256.c | 8 ++-- .../sphincs-sha256-128f-robust/clean/sha256.h | 2 +- .../sphincs-sha256-128f-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-128f-robust/clean/thash.h | 10 ++--- .../clean/thash_sha256_robust.c | 20 ++++----- .../sphincs-sha256-128f-robust/clean/utils.c | 30 ++++++------- .../sphincs-sha256-128f-robust/clean/utils.h | 12 +++--- .../sphincs-sha256-128f-robust/clean/wots.c | 26 ++++++------ .../sphincs-sha256-128f-robust/clean/wots.h | 8 ++-- .../sphincs-sha256-128f-simple/clean/fors.c | 32 +++++++------- .../sphincs-sha256-128f-simple/clean/fors.h | 6 +-- .../sphincs-sha256-128f-simple/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-128f-simple/clean/sha256.c | 8 ++-- .../sphincs-sha256-128f-simple/clean/sha256.h | 2 +- .../sphincs-sha256-128f-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-128f-simple/clean/thash.h | 10 ++--- .../clean/thash_sha256_simple.c | 20 ++++----- .../sphincs-sha256-128f-simple/clean/utils.c | 30 ++++++------- .../sphincs-sha256-128f-simple/clean/utils.h | 12 +++--- .../sphincs-sha256-128f-simple/clean/wots.c | 26 ++++++------ .../sphincs-sha256-128f-simple/clean/wots.h | 8 ++-- .../sphincs-sha256-128s-robust/clean/fors.c | 32 +++++++------- .../sphincs-sha256-128s-robust/clean/fors.h | 6 +-- .../sphincs-sha256-128s-robust/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-128s-robust/clean/sha256.c | 8 ++-- .../sphincs-sha256-128s-robust/clean/sha256.h | 2 +- .../sphincs-sha256-128s-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-128s-robust/clean/thash.h | 10 ++--- .../clean/thash_sha256_robust.c | 20 ++++----- .../sphincs-sha256-128s-robust/clean/utils.c | 30 ++++++------- .../sphincs-sha256-128s-robust/clean/utils.h | 12 +++--- .../sphincs-sha256-128s-robust/clean/wots.c | 26 ++++++------ .../sphincs-sha256-128s-robust/clean/wots.h | 8 ++-- .../sphincs-sha256-128s-simple/clean/fors.c | 32 +++++++------- .../sphincs-sha256-128s-simple/clean/fors.h | 6 +-- .../sphincs-sha256-128s-simple/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-128s-simple/clean/sha256.c | 8 ++-- .../sphincs-sha256-128s-simple/clean/sha256.h | 2 +- .../sphincs-sha256-128s-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-128s-simple/clean/thash.h | 10 ++--- .../clean/thash_sha256_simple.c | 20 ++++----- .../sphincs-sha256-128s-simple/clean/utils.c | 30 ++++++------- .../sphincs-sha256-128s-simple/clean/utils.h | 12 +++--- .../sphincs-sha256-128s-simple/clean/wots.c | 26 ++++++------ .../sphincs-sha256-128s-simple/clean/wots.h | 8 ++-- .../sphincs-sha256-192f-robust/clean/fors.c | 32 +++++++------- .../sphincs-sha256-192f-robust/clean/fors.h | 6 +-- .../sphincs-sha256-192f-robust/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-192f-robust/clean/sha256.c | 8 ++-- .../sphincs-sha256-192f-robust/clean/sha256.h | 2 +- .../sphincs-sha256-192f-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-192f-robust/clean/thash.h | 10 ++--- .../clean/thash_sha256_robust.c | 20 ++++----- .../sphincs-sha256-192f-robust/clean/utils.c | 30 ++++++------- .../sphincs-sha256-192f-robust/clean/utils.h | 12 +++--- .../sphincs-sha256-192f-robust/clean/wots.c | 26 ++++++------ .../sphincs-sha256-192f-robust/clean/wots.h | 8 ++-- .../sphincs-sha256-192f-simple/clean/fors.c | 32 +++++++------- .../sphincs-sha256-192f-simple/clean/fors.h | 6 +-- .../sphincs-sha256-192f-simple/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-192f-simple/clean/sha256.c | 8 ++-- .../sphincs-sha256-192f-simple/clean/sha256.h | 2 +- .../sphincs-sha256-192f-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-192f-simple/clean/thash.h | 10 ++--- .../clean/thash_sha256_simple.c | 20 ++++----- .../sphincs-sha256-192f-simple/clean/utils.c | 30 ++++++------- .../sphincs-sha256-192f-simple/clean/utils.h | 12 +++--- .../sphincs-sha256-192f-simple/clean/wots.c | 26 ++++++------ .../sphincs-sha256-192f-simple/clean/wots.h | 8 ++-- .../sphincs-sha256-192s-robust/clean/fors.c | 32 +++++++------- .../sphincs-sha256-192s-robust/clean/fors.h | 6 +-- .../sphincs-sha256-192s-robust/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-192s-robust/clean/sha256.c | 8 ++-- .../sphincs-sha256-192s-robust/clean/sha256.h | 2 +- .../sphincs-sha256-192s-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-192s-robust/clean/thash.h | 10 ++--- .../clean/thash_sha256_robust.c | 20 ++++----- .../sphincs-sha256-192s-robust/clean/utils.c | 30 ++++++------- .../sphincs-sha256-192s-robust/clean/utils.h | 12 +++--- .../sphincs-sha256-192s-robust/clean/wots.c | 26 ++++++------ .../sphincs-sha256-192s-robust/clean/wots.h | 8 ++-- .../sphincs-sha256-192s-simple/clean/fors.c | 32 +++++++------- .../sphincs-sha256-192s-simple/clean/fors.h | 6 +-- .../sphincs-sha256-192s-simple/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-192s-simple/clean/sha256.c | 8 ++-- .../sphincs-sha256-192s-simple/clean/sha256.h | 2 +- .../sphincs-sha256-192s-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-192s-simple/clean/thash.h | 10 ++--- .../clean/thash_sha256_simple.c | 20 ++++----- .../sphincs-sha256-192s-simple/clean/utils.c | 30 ++++++------- .../sphincs-sha256-192s-simple/clean/utils.h | 12 +++--- .../sphincs-sha256-192s-simple/clean/wots.c | 26 ++++++------ .../sphincs-sha256-192s-simple/clean/wots.h | 8 ++-- .../sphincs-sha256-256f-robust/clean/fors.c | 32 +++++++------- .../sphincs-sha256-256f-robust/clean/fors.h | 6 +-- .../sphincs-sha256-256f-robust/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-256f-robust/clean/sha256.c | 8 ++-- .../sphincs-sha256-256f-robust/clean/sha256.h | 2 +- .../sphincs-sha256-256f-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-256f-robust/clean/thash.h | 10 ++--- .../clean/thash_sha256_robust.c | 20 ++++----- .../sphincs-sha256-256f-robust/clean/utils.c | 30 ++++++------- .../sphincs-sha256-256f-robust/clean/utils.h | 12 +++--- .../sphincs-sha256-256f-robust/clean/wots.c | 26 ++++++------ .../sphincs-sha256-256f-robust/clean/wots.h | 8 ++-- .../sphincs-sha256-256f-simple/clean/fors.c | 32 +++++++------- .../sphincs-sha256-256f-simple/clean/fors.h | 6 +-- .../sphincs-sha256-256f-simple/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-256f-simple/clean/sha256.c | 8 ++-- .../sphincs-sha256-256f-simple/clean/sha256.h | 2 +- .../sphincs-sha256-256f-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-256f-simple/clean/thash.h | 10 ++--- .../clean/thash_sha256_simple.c | 20 ++++----- .../sphincs-sha256-256f-simple/clean/utils.c | 30 ++++++------- .../sphincs-sha256-256f-simple/clean/utils.h | 12 +++--- .../sphincs-sha256-256f-simple/clean/wots.c | 26 ++++++------ .../sphincs-sha256-256f-simple/clean/wots.h | 8 ++-- .../sphincs-sha256-256s-robust/clean/fors.c | 32 +++++++------- .../sphincs-sha256-256s-robust/clean/fors.h | 6 +-- .../sphincs-sha256-256s-robust/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-256s-robust/clean/sha256.c | 8 ++-- .../sphincs-sha256-256s-robust/clean/sha256.h | 2 +- .../sphincs-sha256-256s-robust/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-256s-robust/clean/thash.h | 10 ++--- .../clean/thash_sha256_robust.c | 20 ++++----- .../sphincs-sha256-256s-robust/clean/utils.c | 30 ++++++------- .../sphincs-sha256-256s-robust/clean/utils.h | 12 +++--- .../sphincs-sha256-256s-robust/clean/wots.c | 26 ++++++------ .../sphincs-sha256-256s-robust/clean/wots.h | 8 ++-- .../sphincs-sha256-256s-simple/clean/fors.c | 32 +++++++------- .../sphincs-sha256-256s-simple/clean/fors.h | 6 +-- .../sphincs-sha256-256s-simple/clean/hash.h | 10 ++--- .../clean/hash_sha256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-sha256-256s-simple/clean/sha256.c | 8 ++-- .../sphincs-sha256-256s-simple/clean/sha256.h | 2 +- .../sphincs-sha256-256s-simple/clean/sign.c | 42 +++++++++---------- .../sphincs-sha256-256s-simple/clean/thash.h | 10 ++--- .../clean/thash_sha256_simple.c | 20 ++++----- .../sphincs-sha256-256s-simple/clean/utils.c | 30 ++++++------- .../sphincs-sha256-256s-simple/clean/utils.h | 12 +++--- .../sphincs-sha256-256s-simple/clean/wots.c | 26 ++++++------ .../sphincs-sha256-256s-simple/clean/wots.h | 8 ++-- .../sphincs-shake256-128f-robust/clean/fors.c | 32 +++++++------- .../sphincs-shake256-128f-robust/clean/fors.h | 6 +-- .../sphincs-shake256-128f-robust/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-128f-robust/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_robust.c | 21 ++++++---- .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-128f-robust/clean/wots.c | 26 ++++++------ .../sphincs-shake256-128f-robust/clean/wots.h | 8 ++-- .../sphincs-shake256-128f-simple/clean/fors.c | 32 +++++++------- .../sphincs-shake256-128f-simple/clean/fors.h | 6 +-- .../sphincs-shake256-128f-simple/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-128f-simple/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_simple.c | 30 +++++++------ .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-128f-simple/clean/wots.c | 26 ++++++------ .../sphincs-shake256-128f-simple/clean/wots.h | 8 ++-- .../sphincs-shake256-128s-robust/clean/fors.c | 32 +++++++------- .../sphincs-shake256-128s-robust/clean/fors.h | 6 +-- .../sphincs-shake256-128s-robust/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-128s-robust/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_robust.c | 21 ++++++---- .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-128s-robust/clean/wots.c | 26 ++++++------ .../sphincs-shake256-128s-robust/clean/wots.h | 8 ++-- .../sphincs-shake256-128s-simple/clean/fors.c | 32 +++++++------- .../sphincs-shake256-128s-simple/clean/fors.h | 6 +-- .../sphincs-shake256-128s-simple/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-128s-simple/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_simple.c | 30 +++++++------ .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-128s-simple/clean/wots.c | 26 ++++++------ .../sphincs-shake256-128s-simple/clean/wots.h | 8 ++-- .../sphincs-shake256-192f-robust/clean/fors.c | 32 +++++++------- .../sphincs-shake256-192f-robust/clean/fors.h | 6 +-- .../sphincs-shake256-192f-robust/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-192f-robust/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_robust.c | 21 ++++++---- .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-192f-robust/clean/wots.c | 26 ++++++------ .../sphincs-shake256-192f-robust/clean/wots.h | 8 ++-- .../sphincs-shake256-192f-simple/clean/fors.c | 32 +++++++------- .../sphincs-shake256-192f-simple/clean/fors.h | 6 +-- .../sphincs-shake256-192f-simple/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-192f-simple/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_simple.c | 30 +++++++------ .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-192f-simple/clean/wots.c | 26 ++++++------ .../sphincs-shake256-192f-simple/clean/wots.h | 8 ++-- .../sphincs-shake256-192s-robust/clean/fors.c | 32 +++++++------- .../sphincs-shake256-192s-robust/clean/fors.h | 6 +-- .../sphincs-shake256-192s-robust/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-192s-robust/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_robust.c | 21 ++++++---- .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-192s-robust/clean/wots.c | 26 ++++++------ .../sphincs-shake256-192s-robust/clean/wots.h | 8 ++-- .../sphincs-shake256-192s-simple/clean/fors.c | 32 +++++++------- .../sphincs-shake256-192s-simple/clean/fors.h | 6 +-- .../sphincs-shake256-192s-simple/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-192s-simple/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_simple.c | 30 +++++++------ .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-192s-simple/clean/wots.c | 26 ++++++------ .../sphincs-shake256-192s-simple/clean/wots.h | 8 ++-- .../sphincs-shake256-256f-robust/clean/fors.c | 32 +++++++------- .../sphincs-shake256-256f-robust/clean/fors.h | 6 +-- .../sphincs-shake256-256f-robust/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-256f-robust/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_robust.c | 21 ++++++---- .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-256f-robust/clean/wots.c | 26 ++++++------ .../sphincs-shake256-256f-robust/clean/wots.h | 8 ++-- .../sphincs-shake256-256f-simple/clean/fors.c | 32 +++++++------- .../sphincs-shake256-256f-simple/clean/fors.h | 6 +-- .../sphincs-shake256-256f-simple/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-256f-simple/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_simple.c | 30 +++++++------ .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-256f-simple/clean/wots.c | 26 ++++++------ .../sphincs-shake256-256f-simple/clean/wots.h | 8 ++-- .../sphincs-shake256-256s-robust/clean/fors.c | 32 +++++++------- .../sphincs-shake256-256s-robust/clean/fors.h | 6 +-- .../sphincs-shake256-256s-robust/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-256s-robust/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_robust.c | 21 ++++++---- .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-256s-robust/clean/wots.c | 26 ++++++------ .../sphincs-shake256-256s-robust/clean/wots.h | 8 ++-- .../sphincs-shake256-256s-simple/clean/fors.c | 32 +++++++------- .../sphincs-shake256-256s-simple/clean/fors.h | 6 +-- .../sphincs-shake256-256s-simple/clean/hash.h | 10 ++--- .../clean/hash_shake256.c | 16 +++---- .../clean/{primitive.h => hash_state.h} | 0 .../sphincs-shake256-256s-simple/clean/sign.c | 42 +++++++++---------- .../clean/thash.h | 10 ++--- .../clean/thash_shake256_simple.c | 30 +++++++------ .../clean/utils.c | 30 ++++++------- .../clean/utils.h | 12 +++--- .../sphincs-shake256-256s-simple/clean/wots.c | 26 ++++++------ .../sphincs-shake256-256s-simple/clean/wots.h | 8 ++-- 456 files changed, 4038 insertions(+), 3996 deletions(-) rename crypto_sign/sphincs-haraka-128f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-128f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-128s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-128s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-192f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-192f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-192s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-192s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-256f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-256f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-256s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-haraka-256s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-128f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-128f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-128s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-128s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-192f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-192f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-192s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-192s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-256f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-256f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-256s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-sha256-256s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-128f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-128f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-128s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-128s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-192f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-192f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-192s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-192s-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-256f-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-256f-simple/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-256s-robust/clean/{primitive.h => hash_state.h} (100%) rename crypto_sign/sphincs-shake256-256s-simple/clean/{primitive.h => hash_state.h} (100%) diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/fors.c b/crypto_sign/sphincs-haraka-128f-robust/clean/fors.c index 69dff475..de69f025 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/fors.c +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/fors.h b/crypto_sign/sphincs-haraka-128f-robust/clean/fors.h index 0a63f188..d667d4e3 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/fors.h +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/hash.h b/crypto_sign/sphincs-haraka-128f-robust/clean/hash.h index 5ffba5f7..2458d78c 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/hash.h +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-128f-robust/clean/hash_haraka.c index 5f6652c4..2c8c1fe8 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/primitive.h b/crypto_sign/sphincs-haraka-128f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-128f-robust/clean/primitive.h rename to crypto_sign/sphincs-haraka-128f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/sign.c b/crypto_sign/sphincs-haraka-128f-robust/clean/sign.c index 913f8f84..89d3c57e 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/sign.c +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/thash.h b/crypto_sign/sphincs-haraka-128f-robust/clean/thash.h index 9d06cbed..b9d39930 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/thash.h +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/thash_haraka_robust.c b/crypto_sign/sphincs-haraka-128f-robust/clean/thash_haraka_robust.c index e86c892c..c6662e06 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/thash_haraka_robust.c +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/thash_haraka_robust.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "haraka.h" @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char *bitmask = buf + SPX_ADDR_BYTES; unsigned char outbuf[32]; @@ -23,7 +23,6 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( unsigned int i; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; /* TODO this should be fed into haraka */ if (inblocks == 1) { /* F function */ @@ -31,24 +30,24 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( memset(buf_tmp, 0, 64); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_addr_to_bytes(buf_tmp, addr); - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka256(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka256(outbuf, buf_tmp, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i]; } - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_addr_to_bytes(buf, addr); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S( - bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, state_seeded); + bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i]; } PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -57,39 +56,39 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/utils.c b/crypto_sign/sphincs-haraka-128f-robust/clean/utils.c index 3abf8f48..9ee7333b 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/utils.c +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/utils.h b/crypto_sign/sphincs-haraka-128f-robust/clean/utils.h index 553bcb04..1f3b61f8 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/utils.h +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/wots.c b/crypto_sign/sphincs-haraka-128f-robust/clean/wots.c index d109cfd1..ba4bc6b6 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/wots.c +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-128f-robust/clean/wots.h b/crypto_sign/sphincs-haraka-128f-robust/clean/wots.h index b9a55246..3dae74a4 100644 --- a/crypto_sign/sphincs-haraka-128f-robust/clean/wots.h +++ b/crypto_sign/sphincs-haraka-128f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA128FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/fors.c b/crypto_sign/sphincs-haraka-128f-simple/clean/fors.c index df6e5748..2a8f4eca 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/fors.c +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/fors.h b/crypto_sign/sphincs-haraka-128f-simple/clean/fors.h index db79139e..77682193 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/fors.h +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/hash.h b/crypto_sign/sphincs-haraka-128f-simple/clean/hash.h index abe9f72b..99af1b64 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/hash.h +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-128f-simple/clean/hash_haraka.c index 36789685..4d8d11d3 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/primitive.h b/crypto_sign/sphincs-haraka-128f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-128f-simple/clean/primitive.h rename to crypto_sign/sphincs-haraka-128f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/sign.c b/crypto_sign/sphincs-haraka-128f-simple/clean/sign.c index f0457c7f..b9d6f3bb 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/sign.c +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/thash.h b/crypto_sign/sphincs-haraka-128f-simple/clean/thash.h index 6a3db490..9fea6e6c 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/thash.h +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/thash_haraka_simple.c b/crypto_sign/sphincs-haraka-128f-simple/clean/thash_haraka_simple.c index 03e26b2a..d5b864b6 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/thash_haraka_simple.c +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/thash_haraka_simple.c @@ -14,13 +14,12 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char outbuf[32]; unsigned char buf_tmp[64]; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; if (inblocks == 1) { /* F function */ @@ -29,7 +28,7 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_addr_to_bytes(buf_tmp, addr); memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N); - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ @@ -37,7 +36,7 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -46,39 +45,39 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/utils.c b/crypto_sign/sphincs-haraka-128f-simple/clean/utils.c index e1acb46e..4af67a38 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/utils.c +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/utils.h b/crypto_sign/sphincs-haraka-128f-simple/clean/utils.h index 5794fbaf..535a7fde 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/utils.h +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/wots.c b/crypto_sign/sphincs-haraka-128f-simple/clean/wots.c index bec9f8fb..8e439b3a 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/wots.c +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-128f-simple/clean/wots.h b/crypto_sign/sphincs-haraka-128f-simple/clean/wots.h index 3f834e40..2468508b 100644 --- a/crypto_sign/sphincs-haraka-128f-simple/clean/wots.h +++ b/crypto_sign/sphincs-haraka-128f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA128FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/fors.c b/crypto_sign/sphincs-haraka-128s-robust/clean/fors.c index b4b825b3..c7e8b49a 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/fors.c +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/fors.h b/crypto_sign/sphincs-haraka-128s-robust/clean/fors.h index 06fdb0fe..e38d947d 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/fors.h +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/hash.h b/crypto_sign/sphincs-haraka-128s-robust/clean/hash.h index d8780da7..062c4029 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/hash.h +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-128s-robust/clean/hash_haraka.c index c0b44e7a..a5907a4d 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/primitive.h b/crypto_sign/sphincs-haraka-128s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-128s-robust/clean/primitive.h rename to crypto_sign/sphincs-haraka-128s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/sign.c b/crypto_sign/sphincs-haraka-128s-robust/clean/sign.c index 3d872e75..fe237fa4 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/sign.c +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/thash.h b/crypto_sign/sphincs-haraka-128s-robust/clean/thash.h index 4045d7f7..cc607eac 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/thash.h +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/thash_haraka_robust.c b/crypto_sign/sphincs-haraka-128s-robust/clean/thash_haraka_robust.c index 9132636c..96fd8fe7 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/thash_haraka_robust.c +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/thash_haraka_robust.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "haraka.h" @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char *bitmask = buf + SPX_ADDR_BYTES; unsigned char outbuf[32]; @@ -23,7 +23,6 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( unsigned int i; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; /* TODO this should be fed into haraka */ if (inblocks == 1) { /* F function */ @@ -31,24 +30,24 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( memset(buf_tmp, 0, 64); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_addr_to_bytes(buf_tmp, addr); - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka256(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka256(outbuf, buf_tmp, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i]; } - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_addr_to_bytes(buf, addr); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S( - bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, state_seeded); + bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i]; } PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -57,39 +56,39 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/utils.c b/crypto_sign/sphincs-haraka-128s-robust/clean/utils.c index ff86e3fc..7df7e601 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/utils.c +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/utils.h b/crypto_sign/sphincs-haraka-128s-robust/clean/utils.h index cc39738f..fff722fa 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/utils.h +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/wots.c b/crypto_sign/sphincs-haraka-128s-robust/clean/wots.c index aaf5939e..60fd9a71 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/wots.c +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-128s-robust/clean/wots.h b/crypto_sign/sphincs-haraka-128s-robust/clean/wots.h index d662942c..8e0f8159 100644 --- a/crypto_sign/sphincs-haraka-128s-robust/clean/wots.h +++ b/crypto_sign/sphincs-haraka-128s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA128SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/fors.c b/crypto_sign/sphincs-haraka-128s-simple/clean/fors.c index dea331a8..11f7982f 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/fors.c +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/fors.h b/crypto_sign/sphincs-haraka-128s-simple/clean/fors.h index 35548c25..de1a1fd8 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/fors.h +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/hash.h b/crypto_sign/sphincs-haraka-128s-simple/clean/hash.h index 9705e10d..9e399767 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/hash.h +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-128s-simple/clean/hash_haraka.c index be88c912..6889a862 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/primitive.h b/crypto_sign/sphincs-haraka-128s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-128s-simple/clean/primitive.h rename to crypto_sign/sphincs-haraka-128s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/sign.c b/crypto_sign/sphincs-haraka-128s-simple/clean/sign.c index ffb528e3..b1311491 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/sign.c +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/thash.h b/crypto_sign/sphincs-haraka-128s-simple/clean/thash.h index 37b1b2af..61ae862c 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/thash.h +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/thash_haraka_simple.c b/crypto_sign/sphincs-haraka-128s-simple/clean/thash_haraka_simple.c index ca31be61..44a10f83 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/thash_haraka_simple.c +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/thash_haraka_simple.c @@ -14,13 +14,12 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char outbuf[32]; unsigned char buf_tmp[64]; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; if (inblocks == 1) { /* F function */ @@ -29,7 +28,7 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_addr_to_bytes(buf_tmp, addr); memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N); - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ @@ -37,7 +36,7 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -46,39 +45,39 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/utils.c b/crypto_sign/sphincs-haraka-128s-simple/clean/utils.c index e6a7cfb5..6e37e4d3 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/utils.c +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/utils.h b/crypto_sign/sphincs-haraka-128s-simple/clean/utils.h index 10274a5c..1cafed00 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/utils.h +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/wots.c b/crypto_sign/sphincs-haraka-128s-simple/clean/wots.c index 89abd4df..1a5a017f 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/wots.c +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-128s-simple/clean/wots.h b/crypto_sign/sphincs-haraka-128s-simple/clean/wots.h index 6c477b5c..373ed1cd 100644 --- a/crypto_sign/sphincs-haraka-128s-simple/clean/wots.h +++ b/crypto_sign/sphincs-haraka-128s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA128SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/fors.c b/crypto_sign/sphincs-haraka-192f-robust/clean/fors.c index 6958a819..2d4d5519 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/fors.c +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/fors.h b/crypto_sign/sphincs-haraka-192f-robust/clean/fors.h index 4e373fce..301e00e1 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/fors.h +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/hash.h b/crypto_sign/sphincs-haraka-192f-robust/clean/hash.h index 5b6fe324..d126f00a 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/hash.h +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-192f-robust/clean/hash_haraka.c index 2fe3c86c..81cc19fe 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/primitive.h b/crypto_sign/sphincs-haraka-192f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-192f-robust/clean/primitive.h rename to crypto_sign/sphincs-haraka-192f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/sign.c b/crypto_sign/sphincs-haraka-192f-robust/clean/sign.c index 9e5d20c2..41822a12 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/sign.c +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/thash.h b/crypto_sign/sphincs-haraka-192f-robust/clean/thash.h index 7b7e9a97..f79e81bd 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/thash.h +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/thash_haraka_robust.c b/crypto_sign/sphincs-haraka-192f-robust/clean/thash_haraka_robust.c index e84415dd..a3c23c77 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/thash_haraka_robust.c +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/thash_haraka_robust.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "haraka.h" @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char *bitmask = buf + SPX_ADDR_BYTES; unsigned char outbuf[32]; @@ -23,7 +23,6 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( unsigned int i; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; /* TODO this should be fed into haraka */ if (inblocks == 1) { /* F function */ @@ -31,24 +30,24 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( memset(buf_tmp, 0, 64); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_addr_to_bytes(buf_tmp, addr); - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka256(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka256(outbuf, buf_tmp, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i]; } - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_addr_to_bytes(buf, addr); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S( - bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, state_seeded); + bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i]; } PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -57,39 +56,39 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/utils.c b/crypto_sign/sphincs-haraka-192f-robust/clean/utils.c index 746c0b7a..a191444c 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/utils.c +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/utils.h b/crypto_sign/sphincs-haraka-192f-robust/clean/utils.h index 875189a5..cc22e96e 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/utils.h +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/wots.c b/crypto_sign/sphincs-haraka-192f-robust/clean/wots.c index a718fcbe..5585892d 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/wots.c +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-192f-robust/clean/wots.h b/crypto_sign/sphincs-haraka-192f-robust/clean/wots.h index 7c1b8b2d..6584ed5c 100644 --- a/crypto_sign/sphincs-haraka-192f-robust/clean/wots.h +++ b/crypto_sign/sphincs-haraka-192f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA192FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/fors.c b/crypto_sign/sphincs-haraka-192f-simple/clean/fors.c index c0b8e20e..70895969 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/fors.c +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/fors.h b/crypto_sign/sphincs-haraka-192f-simple/clean/fors.h index de9f0e4f..e3cb9339 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/fors.h +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/hash.h b/crypto_sign/sphincs-haraka-192f-simple/clean/hash.h index 32f3278a..84b4fe4a 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/hash.h +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-192f-simple/clean/hash_haraka.c index d2a1bf0d..9ea0a397 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/primitive.h b/crypto_sign/sphincs-haraka-192f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-192f-simple/clean/primitive.h rename to crypto_sign/sphincs-haraka-192f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/sign.c b/crypto_sign/sphincs-haraka-192f-simple/clean/sign.c index 9cc0537d..694b0377 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/sign.c +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/thash.h b/crypto_sign/sphincs-haraka-192f-simple/clean/thash.h index 1290c55b..14113497 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/thash.h +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/thash_haraka_simple.c b/crypto_sign/sphincs-haraka-192f-simple/clean/thash_haraka_simple.c index 72c9fbc3..9611c2ef 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/thash_haraka_simple.c +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/thash_haraka_simple.c @@ -14,13 +14,12 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char outbuf[32]; unsigned char buf_tmp[64]; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; if (inblocks == 1) { /* F function */ @@ -29,7 +28,7 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_addr_to_bytes(buf_tmp, addr); memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N); - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ @@ -37,7 +36,7 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -46,39 +45,39 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/utils.c b/crypto_sign/sphincs-haraka-192f-simple/clean/utils.c index 0bc3e317..59df1fa1 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/utils.c +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/utils.h b/crypto_sign/sphincs-haraka-192f-simple/clean/utils.h index f09f225d..8521e848 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/utils.h +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/wots.c b/crypto_sign/sphincs-haraka-192f-simple/clean/wots.c index 6c4b64db..7a5abbf6 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/wots.c +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-192f-simple/clean/wots.h b/crypto_sign/sphincs-haraka-192f-simple/clean/wots.h index e175d41f..62b0d2f5 100644 --- a/crypto_sign/sphincs-haraka-192f-simple/clean/wots.h +++ b/crypto_sign/sphincs-haraka-192f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA192FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/fors.c b/crypto_sign/sphincs-haraka-192s-robust/clean/fors.c index 81048fb5..7f159f1e 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/fors.c +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/fors.h b/crypto_sign/sphincs-haraka-192s-robust/clean/fors.h index c7b73d5c..e65d37c0 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/fors.h +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/hash.h b/crypto_sign/sphincs-haraka-192s-robust/clean/hash.h index e4549582..b3131e72 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/hash.h +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-192s-robust/clean/hash_haraka.c index 0a168f52..62dbe732 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/primitive.h b/crypto_sign/sphincs-haraka-192s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-192s-robust/clean/primitive.h rename to crypto_sign/sphincs-haraka-192s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/sign.c b/crypto_sign/sphincs-haraka-192s-robust/clean/sign.c index 7c3b2d2d..84ed13f3 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/sign.c +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/thash.h b/crypto_sign/sphincs-haraka-192s-robust/clean/thash.h index da55f250..a97ae013 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/thash.h +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/thash_haraka_robust.c b/crypto_sign/sphincs-haraka-192s-robust/clean/thash_haraka_robust.c index de4e0759..25839194 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/thash_haraka_robust.c +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/thash_haraka_robust.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "haraka.h" @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char *bitmask = buf + SPX_ADDR_BYTES; unsigned char outbuf[32]; @@ -23,7 +23,6 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( unsigned int i; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; /* TODO this should be fed into haraka */ if (inblocks == 1) { /* F function */ @@ -31,24 +30,24 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( memset(buf_tmp, 0, 64); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_addr_to_bytes(buf_tmp, addr); - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka256(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka256(outbuf, buf_tmp, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i]; } - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_addr_to_bytes(buf, addr); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S( - bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, state_seeded); + bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i]; } PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -57,39 +56,39 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/utils.c b/crypto_sign/sphincs-haraka-192s-robust/clean/utils.c index 5f92af7e..e5b0845b 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/utils.c +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/utils.h b/crypto_sign/sphincs-haraka-192s-robust/clean/utils.h index d5755cd8..b1e124a1 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/utils.h +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/wots.c b/crypto_sign/sphincs-haraka-192s-robust/clean/wots.c index d865d918..124436eb 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/wots.c +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-192s-robust/clean/wots.h b/crypto_sign/sphincs-haraka-192s-robust/clean/wots.h index 4a606c5a..fe36086d 100644 --- a/crypto_sign/sphincs-haraka-192s-robust/clean/wots.h +++ b/crypto_sign/sphincs-haraka-192s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA192SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/fors.c b/crypto_sign/sphincs-haraka-192s-simple/clean/fors.c index 159802bd..d7c08114 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/fors.c +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/fors.h b/crypto_sign/sphincs-haraka-192s-simple/clean/fors.h index 5bd1beaa..e0b6b79e 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/fors.h +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/hash.h b/crypto_sign/sphincs-haraka-192s-simple/clean/hash.h index 0978e275..5353c46e 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/hash.h +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-192s-simple/clean/hash_haraka.c index 34e3012d..2b7aac0b 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/primitive.h b/crypto_sign/sphincs-haraka-192s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-192s-simple/clean/primitive.h rename to crypto_sign/sphincs-haraka-192s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/sign.c b/crypto_sign/sphincs-haraka-192s-simple/clean/sign.c index 0abe43e9..84934655 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/sign.c +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/thash.h b/crypto_sign/sphincs-haraka-192s-simple/clean/thash.h index 39d608d5..db20d7e9 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/thash.h +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/thash_haraka_simple.c b/crypto_sign/sphincs-haraka-192s-simple/clean/thash_haraka_simple.c index 8750c19b..09c3f1d7 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/thash_haraka_simple.c +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/thash_haraka_simple.c @@ -14,13 +14,12 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char outbuf[32]; unsigned char buf_tmp[64]; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; if (inblocks == 1) { /* F function */ @@ -29,7 +28,7 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_addr_to_bytes(buf_tmp, addr); memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N); - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ @@ -37,7 +36,7 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -46,39 +45,39 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/utils.c b/crypto_sign/sphincs-haraka-192s-simple/clean/utils.c index 26bf699c..41cc3993 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/utils.c +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/utils.h b/crypto_sign/sphincs-haraka-192s-simple/clean/utils.h index 35d130c0..bcecd426 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/utils.h +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/wots.c b/crypto_sign/sphincs-haraka-192s-simple/clean/wots.c index 36a63350..a0230543 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/wots.c +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-192s-simple/clean/wots.h b/crypto_sign/sphincs-haraka-192s-simple/clean/wots.h index 009c1093..662c3631 100644 --- a/crypto_sign/sphincs-haraka-192s-simple/clean/wots.h +++ b/crypto_sign/sphincs-haraka-192s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA192SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/fors.c b/crypto_sign/sphincs-haraka-256f-robust/clean/fors.c index 9f9033f4..36781683 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/fors.c +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/fors.h b/crypto_sign/sphincs-haraka-256f-robust/clean/fors.h index c42ff70f..ba449177 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/fors.h +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/hash.h b/crypto_sign/sphincs-haraka-256f-robust/clean/hash.h index c4fb4bef..b8183ada 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/hash.h +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-256f-robust/clean/hash_haraka.c index 5b903d8e..c52ee796 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/primitive.h b/crypto_sign/sphincs-haraka-256f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-256f-robust/clean/primitive.h rename to crypto_sign/sphincs-haraka-256f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/sign.c b/crypto_sign/sphincs-haraka-256f-robust/clean/sign.c index ebfad79d..446a235e 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/sign.c +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/thash.h b/crypto_sign/sphincs-haraka-256f-robust/clean/thash.h index 0e8df996..de2e70d1 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/thash.h +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/thash_haraka_robust.c b/crypto_sign/sphincs-haraka-256f-robust/clean/thash_haraka_robust.c index ebf2741a..49dd352b 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/thash_haraka_robust.c +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/thash_haraka_robust.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "haraka.h" @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char *bitmask = buf + SPX_ADDR_BYTES; unsigned char outbuf[32]; @@ -23,7 +23,6 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( unsigned int i; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; /* TODO this should be fed into haraka */ if (inblocks == 1) { /* F function */ @@ -31,24 +30,24 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( memset(buf_tmp, 0, 64); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_addr_to_bytes(buf_tmp, addr); - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka256(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka256(outbuf, buf_tmp, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i]; } - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_addr_to_bytes(buf, addr); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S( - bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, state_seeded); + bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i]; } PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -57,39 +56,39 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/utils.c b/crypto_sign/sphincs-haraka-256f-robust/clean/utils.c index d53b3dc4..73457b1f 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/utils.c +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/utils.h b/crypto_sign/sphincs-haraka-256f-robust/clean/utils.h index b62b44df..03cecee9 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/utils.h +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/wots.c b/crypto_sign/sphincs-haraka-256f-robust/clean/wots.c index 077d0fcb..12df5d74 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/wots.c +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-256f-robust/clean/wots.h b/crypto_sign/sphincs-haraka-256f-robust/clean/wots.h index 318d45df..55eff1b6 100644 --- a/crypto_sign/sphincs-haraka-256f-robust/clean/wots.h +++ b/crypto_sign/sphincs-haraka-256f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA256FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/fors.c b/crypto_sign/sphincs-haraka-256f-simple/clean/fors.c index 0f3407d5..c72bd8ce 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/fors.c +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/fors.h b/crypto_sign/sphincs-haraka-256f-simple/clean/fors.h index 37a241b1..87d58787 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/fors.h +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/hash.h b/crypto_sign/sphincs-haraka-256f-simple/clean/hash.h index ef63f23e..5cf9ad01 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/hash.h +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-256f-simple/clean/hash_haraka.c index 107f9197..0d5121f1 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/primitive.h b/crypto_sign/sphincs-haraka-256f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-256f-simple/clean/primitive.h rename to crypto_sign/sphincs-haraka-256f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/sign.c b/crypto_sign/sphincs-haraka-256f-simple/clean/sign.c index f35b5e10..ff14b7e2 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/sign.c +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/thash.h b/crypto_sign/sphincs-haraka-256f-simple/clean/thash.h index cf935bbb..33b538dd 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/thash.h +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/thash_haraka_simple.c b/crypto_sign/sphincs-haraka-256f-simple/clean/thash_haraka_simple.c index 6e27f0bd..493cbdef 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/thash_haraka_simple.c +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/thash_haraka_simple.c @@ -14,13 +14,12 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char outbuf[32]; unsigned char buf_tmp[64]; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; if (inblocks == 1) { /* F function */ @@ -29,7 +28,7 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_addr_to_bytes(buf_tmp, addr); memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N); - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ @@ -37,7 +36,7 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -46,39 +45,39 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/utils.c b/crypto_sign/sphincs-haraka-256f-simple/clean/utils.c index db3a8f61..7b07312d 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/utils.c +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/utils.h b/crypto_sign/sphincs-haraka-256f-simple/clean/utils.h index fbf5fa99..d4cca6b7 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/utils.h +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/wots.c b/crypto_sign/sphincs-haraka-256f-simple/clean/wots.c index 4dec7443..0fe86208 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/wots.c +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-256f-simple/clean/wots.h b/crypto_sign/sphincs-haraka-256f-simple/clean/wots.h index 9673b246..323c895e 100644 --- a/crypto_sign/sphincs-haraka-256f-simple/clean/wots.h +++ b/crypto_sign/sphincs-haraka-256f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA256FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/fors.c b/crypto_sign/sphincs-haraka-256s-robust/clean/fors.c index 55882543..59305ba2 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/fors.c +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/fors.h b/crypto_sign/sphincs-haraka-256s-robust/clean/fors.h index e37618ab..eb7b7a0d 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/fors.h +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/hash.h b/crypto_sign/sphincs-haraka-256s-robust/clean/hash.h index f2ff41f6..9d91e4d4 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/hash.h +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-256s-robust/clean/hash_haraka.c index 77d1e23c..32a2391e 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/primitive.h b/crypto_sign/sphincs-haraka-256s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-256s-robust/clean/primitive.h rename to crypto_sign/sphincs-haraka-256s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/sign.c b/crypto_sign/sphincs-haraka-256s-robust/clean/sign.c index 2cbbde4c..06d2ba91 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/sign.c +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/thash.h b/crypto_sign/sphincs-haraka-256s-robust/clean/thash.h index 91fdee79..77b883c8 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/thash.h +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/thash_haraka_robust.c b/crypto_sign/sphincs-haraka-256s-robust/clean/thash_haraka_robust.c index 52a76b01..1de55d79 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/thash_haraka_robust.c +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/thash_haraka_robust.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "haraka.h" @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char *bitmask = buf + SPX_ADDR_BYTES; unsigned char outbuf[32]; @@ -23,7 +23,6 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( unsigned int i; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; /* TODO this should be fed into haraka */ if (inblocks == 1) { /* F function */ @@ -31,24 +30,24 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( memset(buf_tmp, 0, 64); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_addr_to_bytes(buf_tmp, addr); - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka256(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka256(outbuf, buf_tmp, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i]; } - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_addr_to_bytes(buf, addr); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S( - bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, state_seeded); + bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, hash_state_seeded); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i]; } PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -57,39 +56,39 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/utils.c b/crypto_sign/sphincs-haraka-256s-robust/clean/utils.c index 748b0ace..3fe4802d 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/utils.c +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/utils.h b/crypto_sign/sphincs-haraka-256s-robust/clean/utils.h index 8d98495f..cf661339 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/utils.h +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/wots.c b/crypto_sign/sphincs-haraka-256s-robust/clean/wots.c index 1c821fe3..1bb1ca68 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/wots.c +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-256s-robust/clean/wots.h b/crypto_sign/sphincs-haraka-256s-robust/clean/wots.h index 19010464..efa5fdd3 100644 --- a/crypto_sign/sphincs-haraka-256s-robust/clean/wots.h +++ b/crypto_sign/sphincs-haraka-256s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA256SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/fors.c b/crypto_sign/sphincs-haraka-256s-simple/clean/fors.c index af334b61..f7eb1113 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/fors.c +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/fors.h b/crypto_sign/sphincs-haraka-256s-simple/clean/fors.h index 521aba0a..6e0edad4 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/fors.h +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/hash.h b/crypto_sign/sphincs-haraka-256s-simple/clean/hash.h index 108a0ce7..0d2a5218 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/hash.h +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/hash_haraka.c b/crypto_sign/sphincs-haraka-256s-simple/clean/hash_haraka.c index a15d5cad..a96d5114 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/hash_haraka.c +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/hash_haraka.c @@ -9,9 +9,9 @@ #include "haraka.h" void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_tweak_constants(state_seeded, pub_seed, sk_seed, SPX_N); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_tweak_constants(hash_state_seeded, pub_seed, sk_seed, SPX_N); } /* @@ -19,7 +19,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES]; /* Since SPX_N may be smaller than 32, we need a temporary buffer. */ unsigned char outbuf[32]; @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_prf_addr( (void)key; /* Suppress an 'unused parameter' warning. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_addr_to_bytes(buf, addr); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka256_sk(outbuf, buf, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka256_sk(outbuf, buf, hash_state_seeded); memcpy(out, outbuf, SPX_N); } @@ -39,15 +39,15 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, optrand, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_squeeze(R, SPX_N, s_inc, hash_state_seeded); } /** @@ -59,7 +59,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -71,11 +71,11 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_hash_message( uint8_t s_inc[65]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_init(s_inc); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, state_seeded); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, state_seeded); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, R, SPX_N, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, pk, SPX_PK_BYTES, hash_state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_absorb(s_inc, m, mlen, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_finalize(s_inc); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, hash_state_seeded); memcpy(digest, bufp, SPX_FORS_MSG_BYTES); bufp += SPX_FORS_MSG_BYTES; diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/primitive.h b/crypto_sign/sphincs-haraka-256s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-haraka-256s-simple/clean/primitive.h rename to crypto_sign/sphincs-haraka-256s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/sign.c b/crypto_sign/sphincs-haraka-256s-simple/clean/sign.c index 5e6b63b7..2d87c88a 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/sign.c +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/thash.h b/crypto_sign/sphincs-haraka-256s-simple/clean/thash.h index d1bb6453..2aa62eb5 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/thash.h +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/thash_haraka_simple.c b/crypto_sign/sphincs-haraka-256s-simple/clean/thash_haraka_simple.c index e6dd589c..c75f9d01 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/thash_haraka_simple.c +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/thash_haraka_simple.c @@ -14,13 +14,12 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char outbuf[32]; unsigned char buf_tmp[64]; (void)pub_seed; /* Suppress an 'unused parameter' warning. */ - (void)state_seeded; if (inblocks == 1) { /* F function */ @@ -29,7 +28,7 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_addr_to_bytes(buf_tmp, addr); memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N); - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka512(outbuf, buf_tmp, hash_state_seeded); memcpy(out, outbuf, SPX_N); } else { /* All other tweakable hashes*/ @@ -37,7 +36,7 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_haraka_S( - out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, state_seeded); + out, SPX_N, buf, SPX_ADDR_BYTES + inblocks * SPX_N, hash_state_seeded); } } @@ -46,39 +45,39 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/utils.c b/crypto_sign/sphincs-haraka-256s-simple/clean/utils.c index e6c46254..3197ea2f 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/utils.c +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/utils.h b/crypto_sign/sphincs-haraka-256s-simple/clean/utils.h index 2e8a3ecc..946c8b1b 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/utils.h +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/wots.c b/crypto_sign/sphincs-haraka-256s-simple/clean/wots.c index 27bc2999..68388ebc 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/wots.c +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-haraka-256s-simple/clean/wots.h b/crypto_sign/sphincs-haraka-256s-simple/clean/wots.h index f7860b7b..662ee9b2 100644 --- a/crypto_sign/sphincs-haraka-256s-simple/clean/wots.h +++ b/crypto_sign/sphincs-haraka-256s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSHARAKA256SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/fors.c b/crypto_sign/sphincs-sha256-128f-robust/clean/fors.c index 36f13d16..502a164f 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/fors.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/fors.h b/crypto_sign/sphincs-sha256-128f-robust/clean/fors.h index 1035d1a4..dab7d3ea 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/fors.h +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/hash.h b/crypto_sign/sphincs-sha256-128f-robust/clean/hash.h index aa7d7db8..c5351f94 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/hash.h +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-128f-robust/clean/hash_sha256.c index 5a7e1b6b..15e0024c 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/primitive.h b/crypto_sign/sphincs-sha256-128f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-128f-robust/clean/primitive.h rename to crypto_sign/sphincs-sha256-128f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.c b/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.c index 9e144dda..f8e1ae1e 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.h b/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.h index e0837665..a1fb3d55 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/sign.c b/crypto_sign/sphincs-sha256-128f-robust/clean/sign.c index 24063221..aba2bece 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/sign.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/thash.h b/crypto_sign/sphincs-sha256-128f-robust/clean/thash.h index 86932c38..e6d3f973 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/thash.h +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c index 5fd4337c..ceea98dd 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4; @@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; @@ -44,39 +44,39 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/utils.c b/crypto_sign/sphincs-sha256-128f-robust/clean/utils.c index fa148c87..78770ce5 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/utils.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/utils.h b/crypto_sign/sphincs-sha256-128f-robust/clean/utils.h index 91f459cd..bcc82b9b 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/utils.h +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/wots.c b/crypto_sign/sphincs-sha256-128f-robust/clean/wots.c index 06462e27..47aabc55 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/wots.c +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/wots.h b/crypto_sign/sphincs-sha256-128f-robust/clean/wots.h index dcc90717..e51fc73e 100644 --- a/crypto_sign/sphincs-sha256-128f-robust/clean/wots.h +++ b/crypto_sign/sphincs-sha256-128f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/fors.c b/crypto_sign/sphincs-sha256-128f-simple/clean/fors.c index 043d1110..40c314fa 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/fors.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/fors.h b/crypto_sign/sphincs-sha256-128f-simple/clean/fors.h index 338a5b7a..f38dae6a 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/fors.h +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/hash.h b/crypto_sign/sphincs-sha256-128f-simple/clean/hash.h index f592a23f..ea25c857 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/hash.h +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-128f-simple/clean/hash_sha256.c index 32af7ca0..36985dcf 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/primitive.h b/crypto_sign/sphincs-sha256-128f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-128f-simple/clean/primitive.h rename to crypto_sign/sphincs-sha256-128f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.c b/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.c index f8654f1c..d9303bb6 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.h b/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.h index 94b267e1..145ea57f 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/sign.c b/crypto_sign/sphincs-sha256-128f-simple/clean/sign.c index df7086fa..0af6ca79 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/sign.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/thash.h b/crypto_sign/sphincs-sha256-128f-simple/clean/thash.h index 6a8fcb34..35c873f5 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/thash.h +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/thash_sha256_simple.c b/crypto_sign/sphincs-sha256-128f-simple/clean/thash_sha256_simple.c index e5550dba..757017f8 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/thash_sha256_simple.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/thash_sha256_simple.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; sha256ctx sha2_state; @@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( (void)pub_seed; /* Suppress an 'unused parameter' warning. */ /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compress_address(buf, addr); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); @@ -37,39 +37,39 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/utils.c b/crypto_sign/sphincs-sha256-128f-simple/clean/utils.c index 72947081..f36d3004 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/utils.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/utils.h b/crypto_sign/sphincs-sha256-128f-simple/clean/utils.h index 8d8897a6..bec68157 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/utils.h +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/wots.c b/crypto_sign/sphincs-sha256-128f-simple/clean/wots.c index d34a5e17..62c7c36b 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/wots.c +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-128f-simple/clean/wots.h b/crypto_sign/sphincs-sha256-128f-simple/clean/wots.h index 677812db..33539db2 100644 --- a/crypto_sign/sphincs-sha256-128f-simple/clean/wots.h +++ b/crypto_sign/sphincs-sha256-128f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/fors.c b/crypto_sign/sphincs-sha256-128s-robust/clean/fors.c index 4225620c..e92343bf 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/fors.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/fors.h b/crypto_sign/sphincs-sha256-128s-robust/clean/fors.h index a488420b..34193b87 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/fors.h +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/hash.h b/crypto_sign/sphincs-sha256-128s-robust/clean/hash.h index fcfe3a9b..7997b70e 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/hash.h +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-128s-robust/clean/hash_sha256.c index 74dbd0bc..f69b211d 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/primitive.h b/crypto_sign/sphincs-sha256-128s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-128s-robust/clean/primitive.h rename to crypto_sign/sphincs-sha256-128s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.c b/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.c index 65e15b5f..fbaac27d 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.h b/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.h index 1522f9ff..3e36adde 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/sign.c b/crypto_sign/sphincs-sha256-128s-robust/clean/sign.c index f754244b..5acc1d6e 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/sign.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/thash.h b/crypto_sign/sphincs-sha256-128s-robust/clean/thash.h index 86b6f96d..1ed87fc3 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/thash.h +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c index 5aac5159..eeea86cb 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4; @@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; @@ -44,39 +44,39 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/utils.c b/crypto_sign/sphincs-sha256-128s-robust/clean/utils.c index ed074496..b54d5737 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/utils.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/utils.h b/crypto_sign/sphincs-sha256-128s-robust/clean/utils.h index 9bc5b122..59e8f899 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/utils.h +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/wots.c b/crypto_sign/sphincs-sha256-128s-robust/clean/wots.c index 36b37dc4..43010369 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/wots.c +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/wots.h b/crypto_sign/sphincs-sha256-128s-robust/clean/wots.h index 702afe38..1341368c 100644 --- a/crypto_sign/sphincs-sha256-128s-robust/clean/wots.h +++ b/crypto_sign/sphincs-sha256-128s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/fors.c b/crypto_sign/sphincs-sha256-128s-simple/clean/fors.c index ea6f5e11..a6d22b86 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/fors.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/fors.h b/crypto_sign/sphincs-sha256-128s-simple/clean/fors.h index 1ac2e726..4be5f09b 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/fors.h +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/hash.h b/crypto_sign/sphincs-sha256-128s-simple/clean/hash.h index 077113f9..8f6be6b9 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/hash.h +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-128s-simple/clean/hash_sha256.c index b10c6075..4fd3dd47 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/primitive.h b/crypto_sign/sphincs-sha256-128s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-128s-simple/clean/primitive.h rename to crypto_sign/sphincs-sha256-128s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.c b/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.c index 3159f51c..f9821c72 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.h b/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.h index 095734f2..a6248d8a 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/sign.c b/crypto_sign/sphincs-sha256-128s-simple/clean/sign.c index 94afb488..5e7e014c 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/sign.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/thash.h b/crypto_sign/sphincs-sha256-128s-simple/clean/thash.h index ec2e1c75..f0528a70 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/thash.h +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/thash_sha256_simple.c b/crypto_sign/sphincs-sha256-128s-simple/clean/thash_sha256_simple.c index db238ce2..17bf47c2 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/thash_sha256_simple.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/thash_sha256_simple.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; sha256ctx sha2_state; @@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( (void)pub_seed; /* Suppress an 'unused parameter' warning. */ /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compress_address(buf, addr); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); @@ -37,39 +37,39 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/utils.c b/crypto_sign/sphincs-sha256-128s-simple/clean/utils.c index f630d71a..ac65026a 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/utils.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/utils.h b/crypto_sign/sphincs-sha256-128s-simple/clean/utils.h index 824f1b7a..e3c5bf2a 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/utils.h +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/wots.c b/crypto_sign/sphincs-sha256-128s-simple/clean/wots.c index ba82d363..9f46cf0d 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/wots.c +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-128s-simple/clean/wots.h b/crypto_sign/sphincs-sha256-128s-simple/clean/wots.h index 89662ff8..8eaa20ee 100644 --- a/crypto_sign/sphincs-sha256-128s-simple/clean/wots.h +++ b/crypto_sign/sphincs-sha256-128s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/fors.c b/crypto_sign/sphincs-sha256-192f-robust/clean/fors.c index de0edb46..5f06115f 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/fors.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/fors.h b/crypto_sign/sphincs-sha256-192f-robust/clean/fors.h index 496f9553..db071c23 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/fors.h +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/hash.h b/crypto_sign/sphincs-sha256-192f-robust/clean/hash.h index 49d4d570..564125d6 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/hash.h +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-192f-robust/clean/hash_sha256.c index 81f42966..e93b7b89 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/primitive.h b/crypto_sign/sphincs-sha256-192f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-192f-robust/clean/primitive.h rename to crypto_sign/sphincs-sha256-192f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.c b/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.c index ae312eea..ff085bcf 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.h b/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.h index 6775411d..6723b5de 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/sign.c b/crypto_sign/sphincs-sha256-192f-robust/clean/sign.c index 19c20b78..a952889c 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/sign.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/thash.h b/crypto_sign/sphincs-sha256-192f-robust/clean/thash.h index 9badf350..62183b53 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/thash.h +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c index 02679f35..fab005e0 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4; @@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; @@ -44,39 +44,39 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/utils.c b/crypto_sign/sphincs-sha256-192f-robust/clean/utils.c index 107f4cc0..7e9555e9 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/utils.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/utils.h b/crypto_sign/sphincs-sha256-192f-robust/clean/utils.h index 08d75fa5..4fd7c315 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/utils.h +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/wots.c b/crypto_sign/sphincs-sha256-192f-robust/clean/wots.c index f21997a0..c5e70830 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/wots.c +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/wots.h b/crypto_sign/sphincs-sha256-192f-robust/clean/wots.h index 8dbe4160..f2b729e6 100644 --- a/crypto_sign/sphincs-sha256-192f-robust/clean/wots.h +++ b/crypto_sign/sphincs-sha256-192f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/fors.c b/crypto_sign/sphincs-sha256-192f-simple/clean/fors.c index bbc9bc75..237ddf93 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/fors.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/fors.h b/crypto_sign/sphincs-sha256-192f-simple/clean/fors.h index 593a68e5..fa776f59 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/fors.h +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/hash.h b/crypto_sign/sphincs-sha256-192f-simple/clean/hash.h index d10a6440..ecf8b897 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/hash.h +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-192f-simple/clean/hash_sha256.c index 31d83154..ce550d77 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/primitive.h b/crypto_sign/sphincs-sha256-192f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-192f-simple/clean/primitive.h rename to crypto_sign/sphincs-sha256-192f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.c b/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.c index 85e0e1b1..64a46d5c 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.h b/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.h index bdce2f75..02c9ec01 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/sign.c b/crypto_sign/sphincs-sha256-192f-simple/clean/sign.c index df4aba9c..caf5fb31 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/sign.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/thash.h b/crypto_sign/sphincs-sha256-192f-simple/clean/thash.h index d2d8d72d..2c33bac9 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/thash.h +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/thash_sha256_simple.c b/crypto_sign/sphincs-sha256-192f-simple/clean/thash_sha256_simple.c index 658c0d1e..f45671e6 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/thash_sha256_simple.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/thash_sha256_simple.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; sha256ctx sha2_state; @@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( (void)pub_seed; /* Suppress an 'unused parameter' warning. */ /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compress_address(buf, addr); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); @@ -37,39 +37,39 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/utils.c b/crypto_sign/sphincs-sha256-192f-simple/clean/utils.c index 4644b19b..c45d24c3 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/utils.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/utils.h b/crypto_sign/sphincs-sha256-192f-simple/clean/utils.h index dde5af88..8ddb883b 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/utils.h +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/wots.c b/crypto_sign/sphincs-sha256-192f-simple/clean/wots.c index c2940f8b..75c88faf 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/wots.c +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-192f-simple/clean/wots.h b/crypto_sign/sphincs-sha256-192f-simple/clean/wots.h index 53f93232..8c7de8fc 100644 --- a/crypto_sign/sphincs-sha256-192f-simple/clean/wots.h +++ b/crypto_sign/sphincs-sha256-192f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/fors.c b/crypto_sign/sphincs-sha256-192s-robust/clean/fors.c index 4e48400c..a9c5e714 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/fors.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/fors.h b/crypto_sign/sphincs-sha256-192s-robust/clean/fors.h index 9adddeac..1f089da0 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/fors.h +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/hash.h b/crypto_sign/sphincs-sha256-192s-robust/clean/hash.h index 25ebdb1b..d68519c2 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/hash.h +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-192s-robust/clean/hash_sha256.c index 9ef52e19..a888a802 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/primitive.h b/crypto_sign/sphincs-sha256-192s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-192s-robust/clean/primitive.h rename to crypto_sign/sphincs-sha256-192s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.c b/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.c index 48746e2c..dee5d9b7 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.h b/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.h index 9ac3c19a..ac466a26 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/sign.c b/crypto_sign/sphincs-sha256-192s-robust/clean/sign.c index c9fbc454..24ac5a6a 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/sign.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/thash.h b/crypto_sign/sphincs-sha256-192s-robust/clean/thash.h index 2569ddec..0e731183 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/thash.h +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c index a7907bb2..3478bb7a 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4; @@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; @@ -44,39 +44,39 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/utils.c b/crypto_sign/sphincs-sha256-192s-robust/clean/utils.c index 60edf32f..e677f630 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/utils.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/utils.h b/crypto_sign/sphincs-sha256-192s-robust/clean/utils.h index e372e960..abee6946 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/utils.h +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/wots.c b/crypto_sign/sphincs-sha256-192s-robust/clean/wots.c index 74ae60a7..ec7231c7 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/wots.c +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/wots.h b/crypto_sign/sphincs-sha256-192s-robust/clean/wots.h index 2e1bdd2b..082761b2 100644 --- a/crypto_sign/sphincs-sha256-192s-robust/clean/wots.h +++ b/crypto_sign/sphincs-sha256-192s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/fors.c b/crypto_sign/sphincs-sha256-192s-simple/clean/fors.c index 17d417c9..94796c11 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/fors.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/fors.h b/crypto_sign/sphincs-sha256-192s-simple/clean/fors.h index 01754490..df82ee2e 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/fors.h +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/hash.h b/crypto_sign/sphincs-sha256-192s-simple/clean/hash.h index ba371053..4cdf1b55 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/hash.h +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-192s-simple/clean/hash_sha256.c index ceed84a6..b09ba8a4 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/primitive.h b/crypto_sign/sphincs-sha256-192s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-192s-simple/clean/primitive.h rename to crypto_sign/sphincs-sha256-192s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.c b/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.c index 73875dfd..246ccac6 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.h b/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.h index 9edd6c17..8e7eca6f 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/sign.c b/crypto_sign/sphincs-sha256-192s-simple/clean/sign.c index 042eb6da..6fed698d 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/sign.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/thash.h b/crypto_sign/sphincs-sha256-192s-simple/clean/thash.h index 7d041cd7..32ed14fd 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/thash.h +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/thash_sha256_simple.c b/crypto_sign/sphincs-sha256-192s-simple/clean/thash_sha256_simple.c index cfcd284b..89735cc0 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/thash_sha256_simple.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/thash_sha256_simple.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; sha256ctx sha2_state; @@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( (void)pub_seed; /* Suppress an 'unused parameter' warning. */ /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compress_address(buf, addr); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); @@ -37,39 +37,39 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/utils.c b/crypto_sign/sphincs-sha256-192s-simple/clean/utils.c index cb541bc0..9900cdd9 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/utils.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/utils.h b/crypto_sign/sphincs-sha256-192s-simple/clean/utils.h index ea070848..108951d0 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/utils.h +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/wots.c b/crypto_sign/sphincs-sha256-192s-simple/clean/wots.c index 7770aa04..640e773d 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/wots.c +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-192s-simple/clean/wots.h b/crypto_sign/sphincs-sha256-192s-simple/clean/wots.h index d0f43015..db6dd927 100644 --- a/crypto_sign/sphincs-sha256-192s-simple/clean/wots.h +++ b/crypto_sign/sphincs-sha256-192s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/fors.c b/crypto_sign/sphincs-sha256-256f-robust/clean/fors.c index c3e0b34b..a77f9873 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/fors.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/fors.h b/crypto_sign/sphincs-sha256-256f-robust/clean/fors.h index 481f2063..8cab02c0 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/fors.h +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/hash.h b/crypto_sign/sphincs-sha256-256f-robust/clean/hash.h index ba69fd09..feeaf282 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/hash.h +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-256f-robust/clean/hash_sha256.c index d06511e6..8c427f81 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/primitive.h b/crypto_sign/sphincs-sha256-256f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-256f-robust/clean/primitive.h rename to crypto_sign/sphincs-sha256-256f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.c b/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.c index cba5f6ad..f4ce32bb 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.h b/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.h index 78595703..1d72a22a 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/sign.c b/crypto_sign/sphincs-sha256-256f-robust/clean/sign.c index 2f32f484..8b7ffc9c 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/sign.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/thash.h b/crypto_sign/sphincs-sha256-256f-robust/clean/thash.h index 1c30011e..dc5955c2 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/thash.h +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c index 63174245..04dc532b 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4; @@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; @@ -44,39 +44,39 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/utils.c b/crypto_sign/sphincs-sha256-256f-robust/clean/utils.c index aa4e59d0..b9e9bc77 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/utils.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/utils.h b/crypto_sign/sphincs-sha256-256f-robust/clean/utils.h index 931ca675..4eb00678 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/utils.h +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/wots.c b/crypto_sign/sphincs-sha256-256f-robust/clean/wots.c index 70de0314..f29a16b8 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/wots.c +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/wots.h b/crypto_sign/sphincs-sha256-256f-robust/clean/wots.h index 42b931c5..1b9f2bf9 100644 --- a/crypto_sign/sphincs-sha256-256f-robust/clean/wots.h +++ b/crypto_sign/sphincs-sha256-256f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/fors.c b/crypto_sign/sphincs-sha256-256f-simple/clean/fors.c index 2239a369..65b301f9 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/fors.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/fors.h b/crypto_sign/sphincs-sha256-256f-simple/clean/fors.h index 95fae024..7c8b8680 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/fors.h +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/hash.h b/crypto_sign/sphincs-sha256-256f-simple/clean/hash.h index ceb79604..9b438dc2 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/hash.h +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-256f-simple/clean/hash_sha256.c index 828d3034..a1af41bb 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/primitive.h b/crypto_sign/sphincs-sha256-256f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-256f-simple/clean/primitive.h rename to crypto_sign/sphincs-sha256-256f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.c b/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.c index a9e4e581..e75e740b 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.h b/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.h index 38579f43..9babd89d 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/sign.c b/crypto_sign/sphincs-sha256-256f-simple/clean/sign.c index dd5a28cd..d3179951 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/sign.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/thash.h b/crypto_sign/sphincs-sha256-256f-simple/clean/thash.h index ab817467..3478f528 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/thash.h +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/thash_sha256_simple.c b/crypto_sign/sphincs-sha256-256f-simple/clean/thash_sha256_simple.c index 0d866575..250308f1 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/thash_sha256_simple.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/thash_sha256_simple.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; sha256ctx sha2_state; @@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( (void)pub_seed; /* Suppress an 'unused parameter' warning. */ /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compress_address(buf, addr); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); @@ -37,39 +37,39 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/utils.c b/crypto_sign/sphincs-sha256-256f-simple/clean/utils.c index 619a20af..f13b0551 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/utils.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/utils.h b/crypto_sign/sphincs-sha256-256f-simple/clean/utils.h index 4be8c470..747c021c 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/utils.h +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/wots.c b/crypto_sign/sphincs-sha256-256f-simple/clean/wots.c index dd765c11..72a9d659 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/wots.c +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-256f-simple/clean/wots.h b/crypto_sign/sphincs-sha256-256f-simple/clean/wots.h index f7eabaaa..7dc350de 100644 --- a/crypto_sign/sphincs-sha256-256f-simple/clean/wots.h +++ b/crypto_sign/sphincs-sha256-256f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/fors.c b/crypto_sign/sphincs-sha256-256s-robust/clean/fors.c index b28db875..f6b100f8 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/fors.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/fors.h b/crypto_sign/sphincs-sha256-256s-robust/clean/fors.h index 72510be9..10d76064 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/fors.h +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/hash.h b/crypto_sign/sphincs-sha256-256s-robust/clean/hash.h index 74a3bf73..8ec0b1d0 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/hash.h +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-256s-robust/clean/hash_sha256.c index 14c3184e..6dcdad0b 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/primitive.h b/crypto_sign/sphincs-sha256-256s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-256s-robust/clean/primitive.h rename to crypto_sign/sphincs-sha256-256s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.c b/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.c index 0217665f..7e2adb37 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.h b/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.h index 419b7c59..73365a18 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/sign.c b/crypto_sign/sphincs-sha256-256s-robust/clean/sign.c index a322df27..2b2d669d 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/sign.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/thash.h b/crypto_sign/sphincs-sha256-256s-robust/clean/thash.h index 3057d2f1..869b49d1 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/thash.h +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c index 7038cb77..9601ee62 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4; @@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); for (i = 0; i < inblocks * SPX_N; i++) { buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; @@ -44,39 +44,39 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/utils.c b/crypto_sign/sphincs-sha256-256s-robust/clean/utils.c index 76f992b7..ea0c5851 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/utils.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/utils.h b/crypto_sign/sphincs-sha256-256s-robust/clean/utils.h index 11df59da..e28aff94 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/utils.h +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/wots.c b/crypto_sign/sphincs-sha256-256s-robust/clean/wots.c index 68a4bb3b..e285fb83 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/wots.c +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/wots.h b/crypto_sign/sphincs-sha256-256s-robust/clean/wots.h index 78c09e0d..8c9ca9c6 100644 --- a/crypto_sign/sphincs-sha256-256s-robust/clean/wots.h +++ b/crypto_sign/sphincs-sha256-256s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/fors.c b/crypto_sign/sphincs-sha256-256s-simple/clean/fors.c index 7cf89af5..1971bca6 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/fors.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/fors.h b/crypto_sign/sphincs-sha256-256s-simple/clean/fors.h index 6e982832..1f34467a 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/fors.h +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/hash.h b/crypto_sign/sphincs-sha256-256s-simple/clean/hash.h index d8eb78be..da9f5f3f 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/hash.h +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/hash_sha256.c b/crypto_sign/sphincs-sha256-256s-simple/clean/hash_sha256.c index 4d591d04..2bca40e5 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/hash_sha256.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/hash_sha256.c @@ -12,9 +12,9 @@ /* For SHA256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(state_seeded, pub_seed); + PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(hash_state_seeded, pub_seed); (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES]; unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; @@ -33,7 +33,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr( sha256(outbuf, buf, SPX_N + SPX_SHA256_ADDR_BYTES); memcpy(out, outbuf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -47,7 +47,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr( void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, - const unsigned char *m, size_t mlen, const hash_state *state_seeded) { + const unsigned char *m, size_t mlen, const hash_state *hash_state_seeded) { unsigned char buf[SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES]; sha256ctx state; int i; @@ -87,7 +87,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_gen_message_random( sha256(buf, buf, SPX_SHA256_BLOCK_BYTES + SPX_SHA256_OUTPUT_BYTES); memcpy(R, buf, SPX_N); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -99,7 +99,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -153,5 +153,5 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/primitive.h b/crypto_sign/sphincs-sha256-256s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-sha256-256s-simple/clean/primitive.h rename to crypto_sign/sphincs-sha256-256s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.c b/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.c index 6e5d98c0..6ce718a4 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.c @@ -53,9 +53,9 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_mgf1( /** * Absorb the constant pub_seed using one round of the compression function - * This initializes state_seeded, which can then be reused in thash + * This initializes hash_state_seeded, which can then be reused in thash **/ -void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed) { +void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { uint8_t block[SPX_SHA256_BLOCK_BYTES]; size_t i; @@ -66,6 +66,6 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, c block[i] = 0; } - sha256_inc_init(state_seeded); - sha256_inc_blocks(state_seeded, block, 1); + sha256_inc_init(hash_state_seeded); + sha256_inc_blocks(hash_state_seeded, block, 1); } diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.h b/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.h index c98d2cd5..49908e5f 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.h +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/sha256.h @@ -16,6 +16,6 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_mgf1( unsigned char *out, unsigned long outlen, unsigned char *input_plus_four_bytes, unsigned long inlen); -void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(sha256ctx *state_seeded, const unsigned char *pub_seed); +void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed); #endif diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/sign.c b/crypto_sign/sphincs-sha256-256s-simple/clean/sign.c index 2f98bec9..90d7a33b 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/sign.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/thash.h b/crypto_sign/sphincs-sha256-256s-simple/clean/thash.h index 4d88b082..326de993 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/thash.h +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/thash_sha256_simple.c b/crypto_sign/sphincs-sha256-256s-simple/clean/thash_sha256_simple.c index 351677f4..9a20129b 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/thash_sha256_simple.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/thash_sha256_simple.c @@ -15,7 +15,7 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES]; sha256ctx sha2_state; @@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( (void)pub_seed; /* Suppress an 'unused parameter' warning. */ /* Retrieve precomputed state containing pub_seed */ - memcpy(&sha2_state, state_seeded, sizeof(sha256ctx)); + memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compress_address(buf, addr); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); @@ -37,39 +37,39 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - sha256ctx *state_seeded) { + const sha256ctx *hash_state_seeded) { unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/utils.c b/crypto_sign/sphincs-sha256-256s-simple/clean/utils.c index 763d3e52..c42156b8 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/utils.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/utils.h b/crypto_sign/sphincs-sha256-256s-simple/clean/utils.h index 8769ffd9..760f2e46 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/utils.h +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/wots.c b/crypto_sign/sphincs-sha256-256s-simple/clean/wots.c index 52006107..c77d4d44 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/wots.c +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-sha256-256s-simple/clean/wots.h b/crypto_sign/sphincs-sha256-256s-simple/clean/wots.h index 4ec726ec..99ffbe2c 100644 --- a/crypto_sign/sphincs-sha256-256s-simple/clean/wots.h +++ b/crypto_sign/sphincs-sha256-256s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/fors.c b/crypto_sign/sphincs-shake256-128f-robust/clean/fors.c index f433c155..0aa139be 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/fors.c +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/fors.h b/crypto_sign/sphincs-shake256-128f-robust/clean/fors.h index 7fed9f42..7e0f5bc5 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/fors.h +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/hash.h b/crypto_sign/sphincs-shake256-128f-robust/clean/hash.h index b56ccc72..51783e33 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/hash.h +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c index 9d7d535b..c5cf64cb 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/primitive.h b/crypto_sign/sphincs-shake256-128f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-128f-robust/clean/primitive.h rename to crypto_sign/sphincs-shake256-128f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/sign.c b/crypto_sign/sphincs-shake256-128f-robust/clean/sign.c index 2af7fa56..b3a157ec 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/sign.c +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/thash.h b/crypto_sign/sphincs-shake256-128f-robust/clean/thash.h index b4514b14..a2369fce 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/thash.h +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/thash_shake256_robust.c b/crypto_sign/sphincs-shake256-128f-robust/clean/thash_shake256_robust.c index 8a824d2f..a9077c28 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/thash_shake256_robust.c +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/thash_shake256_robust.c @@ -28,7 +28,6 @@ static void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash( } shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -36,43 +35,47 @@ static void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash( out, buf, in, 1, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash( out, buf, in, 2, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash( out, buf, in, SPX_WOTS_LEN, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash( out, buf, in, SPX_FORS_TREES, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/utils.c b/crypto_sign/sphincs-shake256-128f-robust/clean/utils.c index 6cc24b25..095322e4 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/utils.c +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/utils.h b/crypto_sign/sphincs-shake256-128f-robust/clean/utils.h index 66417261..2e5fe527 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/utils.h +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/wots.c b/crypto_sign/sphincs-shake256-128f-robust/clean/wots.c index 28cde861..5175fe6d 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/wots.c +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/wots.h b/crypto_sign/sphincs-shake256-128f-robust/clean/wots.h index 7f4e1b01..9fa1b4c4 100644 --- a/crypto_sign/sphincs-shake256-128f-robust/clean/wots.h +++ b/crypto_sign/sphincs-shake256-128f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/fors.c b/crypto_sign/sphincs-shake256-128f-simple/clean/fors.c index d4bf757c..43d2695d 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/fors.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/fors.h b/crypto_sign/sphincs-shake256-128f-simple/clean/fors.h index daf89caa..684e216f 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/fors.h +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/hash.h b/crypto_sign/sphincs-shake256-128f-simple/clean/hash.h index c41a2f5d..1f79b456 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/hash.h +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c index b88c000f..29acba83 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/primitive.h b/crypto_sign/sphincs-shake256-128f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-128f-simple/clean/primitive.h rename to crypto_sign/sphincs-shake256-128f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/sign.c b/crypto_sign/sphincs-shake256-128f-simple/clean/sign.c index 0b3bf31d..eff8eba2 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/sign.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/thash.h b/crypto_sign/sphincs-shake256-128f-simple/clean/thash.h index afcdb4bd..f85e4790 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/thash.h +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/thash_shake256_simple.c b/crypto_sign/sphincs-shake256-128f-simple/clean/thash_shake256_simple.c index 0e898912..0fd17825 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/thash_shake256_simple.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/thash_shake256_simple.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "fips202.h" @@ -14,15 +14,13 @@ static void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, - const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const unsigned char *pub_seed, uint32_t addr[8]) { memcpy(buf, pub_seed, SPX_N); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_addr_to_bytes(buf + SPX_N, addr); memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N); shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - (void)state_seeded; } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -30,39 +28,47 @@ static void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/utils.c b/crypto_sign/sphincs-shake256-128f-simple/clean/utils.c index 24e9519e..c3475fd1 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/utils.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/utils.h b/crypto_sign/sphincs-shake256-128f-simple/clean/utils.h index 4397c300..224d5752 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/utils.h +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c b/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c index 1e8e9b72..7f937405 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/wots.h b/crypto_sign/sphincs-shake256-128f-simple/clean/wots.h index 05dd2c9c..8de37291 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/wots.h +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/fors.c b/crypto_sign/sphincs-shake256-128s-robust/clean/fors.c index dcdbd06b..52180bd0 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/fors.c +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/fors.h b/crypto_sign/sphincs-shake256-128s-robust/clean/fors.h index 91554b09..c94862ad 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/fors.h +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/hash.h b/crypto_sign/sphincs-shake256-128s-robust/clean/hash.h index acfb882a..97cd6e0d 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/hash.h +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c index 96b25d64..a50f3c6d 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/primitive.h b/crypto_sign/sphincs-shake256-128s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-128s-robust/clean/primitive.h rename to crypto_sign/sphincs-shake256-128s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/sign.c b/crypto_sign/sphincs-shake256-128s-robust/clean/sign.c index 70596d7f..0aff35c3 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/sign.c +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/thash.h b/crypto_sign/sphincs-shake256-128s-robust/clean/thash.h index 85dc7378..f9999571 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/thash.h +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/thash_shake256_robust.c b/crypto_sign/sphincs-shake256-128s-robust/clean/thash_shake256_robust.c index 7e0476fb..7f9e795b 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/thash_shake256_robust.c +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/thash_shake256_robust.c @@ -28,7 +28,6 @@ static void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash( } shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -36,43 +35,47 @@ static void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash( out, buf, in, 1, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash( out, buf, in, 2, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash( out, buf, in, SPX_WOTS_LEN, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash( out, buf, in, SPX_FORS_TREES, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/utils.c b/crypto_sign/sphincs-shake256-128s-robust/clean/utils.c index 6a4f1e27..06faabd0 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/utils.c +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/utils.h b/crypto_sign/sphincs-shake256-128s-robust/clean/utils.h index db555591..804bcab2 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/utils.h +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/wots.c b/crypto_sign/sphincs-shake256-128s-robust/clean/wots.c index 36ee5ba9..445ee1d9 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/wots.c +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/wots.h b/crypto_sign/sphincs-shake256-128s-robust/clean/wots.h index 23ad643d..db996b27 100644 --- a/crypto_sign/sphincs-shake256-128s-robust/clean/wots.h +++ b/crypto_sign/sphincs-shake256-128s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/fors.c b/crypto_sign/sphincs-shake256-128s-simple/clean/fors.c index 51007769..7c4c7276 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/fors.c +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/fors.h b/crypto_sign/sphincs-shake256-128s-simple/clean/fors.h index c210a6f1..9f2ac8a2 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/fors.h +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/hash.h b/crypto_sign/sphincs-shake256-128s-simple/clean/hash.h index 8aa07766..e7170967 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/hash.h +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c index 5970d926..250685f0 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/primitive.h b/crypto_sign/sphincs-shake256-128s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-128s-simple/clean/primitive.h rename to crypto_sign/sphincs-shake256-128s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/sign.c b/crypto_sign/sphincs-shake256-128s-simple/clean/sign.c index 6216b7a0..6a05e9c8 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/sign.c +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/thash.h b/crypto_sign/sphincs-shake256-128s-simple/clean/thash.h index 75149ea5..53c61dab 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/thash.h +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/thash_shake256_simple.c b/crypto_sign/sphincs-shake256-128s-simple/clean/thash_shake256_simple.c index ece38525..b5d3ecb9 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/thash_shake256_simple.c +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/thash_shake256_simple.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "fips202.h" @@ -14,15 +14,13 @@ static void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, - const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const unsigned char *pub_seed, uint32_t addr[8]) { memcpy(buf, pub_seed, SPX_N); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_addr_to_bytes(buf + SPX_N, addr); memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N); shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - (void)state_seeded; } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -30,39 +28,47 @@ static void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/utils.c b/crypto_sign/sphincs-shake256-128s-simple/clean/utils.c index 555db491..a4fe67ce 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/utils.c +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/utils.h b/crypto_sign/sphincs-shake256-128s-simple/clean/utils.h index 0f22f798..ee392ae4 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/utils.h +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/wots.c b/crypto_sign/sphincs-shake256-128s-simple/clean/wots.c index 85780964..178a708a 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/wots.h b/crypto_sign/sphincs-shake256-128s-simple/clean/wots.h index 9d25e53b..9db42c4e 100644 --- a/crypto_sign/sphincs-shake256-128s-simple/clean/wots.h +++ b/crypto_sign/sphincs-shake256-128s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/fors.c b/crypto_sign/sphincs-shake256-192f-robust/clean/fors.c index d42e0b8a..ea26b08d 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/fors.c +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/fors.h b/crypto_sign/sphincs-shake256-192f-robust/clean/fors.h index 2161284f..bf41a26b 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/fors.h +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/hash.h b/crypto_sign/sphincs-shake256-192f-robust/clean/hash.h index 42f169d8..b2b73318 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/hash.h +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c index a7db0bb7..120eca41 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/primitive.h b/crypto_sign/sphincs-shake256-192f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-192f-robust/clean/primitive.h rename to crypto_sign/sphincs-shake256-192f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/sign.c b/crypto_sign/sphincs-shake256-192f-robust/clean/sign.c index 54e8d01b..b308e39f 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/sign.c +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/thash.h b/crypto_sign/sphincs-shake256-192f-robust/clean/thash.h index 3951e256..608b6131 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/thash.h +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/thash_shake256_robust.c b/crypto_sign/sphincs-shake256-192f-robust/clean/thash_shake256_robust.c index 86e01407..612862d4 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/thash_shake256_robust.c +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/thash_shake256_robust.c @@ -28,7 +28,6 @@ static void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash( } shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -36,43 +35,47 @@ static void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash( out, buf, in, 1, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash( out, buf, in, 2, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash( out, buf, in, SPX_WOTS_LEN, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash( out, buf, in, SPX_FORS_TREES, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/utils.c b/crypto_sign/sphincs-shake256-192f-robust/clean/utils.c index 8196a3b6..e115a9a7 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/utils.c +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/utils.h b/crypto_sign/sphincs-shake256-192f-robust/clean/utils.h index d682be04..190086c9 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/utils.h +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/wots.c b/crypto_sign/sphincs-shake256-192f-robust/clean/wots.c index dabd1603..ae7fc71a 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/wots.c +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/wots.h b/crypto_sign/sphincs-shake256-192f-robust/clean/wots.h index 7eafcb7a..2d523882 100644 --- a/crypto_sign/sphincs-shake256-192f-robust/clean/wots.h +++ b/crypto_sign/sphincs-shake256-192f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/fors.c b/crypto_sign/sphincs-shake256-192f-simple/clean/fors.c index bfb9f98f..df9e98d6 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/fors.c +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/fors.h b/crypto_sign/sphincs-shake256-192f-simple/clean/fors.h index fd18827e..d06ba531 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/fors.h +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/hash.h b/crypto_sign/sphincs-shake256-192f-simple/clean/hash.h index ef6e08fd..4713d1e5 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/hash.h +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c index 150ff074..94b3fc68 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/primitive.h b/crypto_sign/sphincs-shake256-192f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-192f-simple/clean/primitive.h rename to crypto_sign/sphincs-shake256-192f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/sign.c b/crypto_sign/sphincs-shake256-192f-simple/clean/sign.c index 46827624..731d561f 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/sign.c +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/thash.h b/crypto_sign/sphincs-shake256-192f-simple/clean/thash.h index 882522b2..c736a36b 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/thash.h +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/thash_shake256_simple.c b/crypto_sign/sphincs-shake256-192f-simple/clean/thash_shake256_simple.c index 6d645074..cdcb0916 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/thash_shake256_simple.c +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/thash_shake256_simple.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "fips202.h" @@ -14,15 +14,13 @@ static void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, - const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const unsigned char *pub_seed, uint32_t addr[8]) { memcpy(buf, pub_seed, SPX_N); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_addr_to_bytes(buf + SPX_N, addr); memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N); shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - (void)state_seeded; } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -30,39 +28,47 @@ static void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/utils.c b/crypto_sign/sphincs-shake256-192f-simple/clean/utils.c index dd271760..5d17a3e1 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/utils.c +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/utils.h b/crypto_sign/sphincs-shake256-192f-simple/clean/utils.h index 34a109d7..9451a109 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/utils.h +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/wots.c b/crypto_sign/sphincs-shake256-192f-simple/clean/wots.c index b6633857..6672f221 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/wots.h b/crypto_sign/sphincs-shake256-192f-simple/clean/wots.h index fbc6869a..71382dfb 100644 --- a/crypto_sign/sphincs-shake256-192f-simple/clean/wots.h +++ b/crypto_sign/sphincs-shake256-192f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/fors.c b/crypto_sign/sphincs-shake256-192s-robust/clean/fors.c index 5efaf0f3..3518e3fa 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/fors.c +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/fors.h b/crypto_sign/sphincs-shake256-192s-robust/clean/fors.h index 21cf0bea..e40a356a 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/fors.h +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/hash.h b/crypto_sign/sphincs-shake256-192s-robust/clean/hash.h index b8d86966..ea8bfb90 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/hash.h +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c index 5461e737..459a23c4 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/primitive.h b/crypto_sign/sphincs-shake256-192s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-192s-robust/clean/primitive.h rename to crypto_sign/sphincs-shake256-192s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/sign.c b/crypto_sign/sphincs-shake256-192s-robust/clean/sign.c index 31859d3e..853426ec 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/sign.c +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/thash.h b/crypto_sign/sphincs-shake256-192s-robust/clean/thash.h index 8b07227c..4f55ad12 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/thash.h +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/thash_shake256_robust.c b/crypto_sign/sphincs-shake256-192s-robust/clean/thash_shake256_robust.c index a986d224..3c60eed1 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/thash_shake256_robust.c +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/thash_shake256_robust.c @@ -28,7 +28,6 @@ static void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash( } shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -36,43 +35,47 @@ static void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash( out, buf, in, 1, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash( out, buf, in, 2, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash( out, buf, in, SPX_WOTS_LEN, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash( out, buf, in, SPX_FORS_TREES, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/utils.c b/crypto_sign/sphincs-shake256-192s-robust/clean/utils.c index 9477d33d..c8c30882 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/utils.c +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/utils.h b/crypto_sign/sphincs-shake256-192s-robust/clean/utils.h index 93ebda68..93defa6b 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/utils.h +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/wots.c b/crypto_sign/sphincs-shake256-192s-robust/clean/wots.c index b76536e1..c2dde52f 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/wots.c +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/wots.h b/crypto_sign/sphincs-shake256-192s-robust/clean/wots.h index 971b65a7..d7db39ad 100644 --- a/crypto_sign/sphincs-shake256-192s-robust/clean/wots.h +++ b/crypto_sign/sphincs-shake256-192s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/fors.c b/crypto_sign/sphincs-shake256-192s-simple/clean/fors.c index 042e0510..490f65cf 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/fors.c +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/fors.h b/crypto_sign/sphincs-shake256-192s-simple/clean/fors.h index 02ea838b..5be024d4 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/fors.h +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/hash.h b/crypto_sign/sphincs-shake256-192s-simple/clean/hash.h index d37bf2c5..4cce1129 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/hash.h +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c index 41e1bf68..fd218f98 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/primitive.h b/crypto_sign/sphincs-shake256-192s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-192s-simple/clean/primitive.h rename to crypto_sign/sphincs-shake256-192s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/sign.c b/crypto_sign/sphincs-shake256-192s-simple/clean/sign.c index 3a23fdac..5f1d6c7f 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/sign.c +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/thash.h b/crypto_sign/sphincs-shake256-192s-simple/clean/thash.h index f668ddd9..d542860d 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/thash.h +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/thash_shake256_simple.c b/crypto_sign/sphincs-shake256-192s-simple/clean/thash_shake256_simple.c index 6bfb0f26..2297bba3 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/thash_shake256_simple.c +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/thash_shake256_simple.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "fips202.h" @@ -14,15 +14,13 @@ static void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, - const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const unsigned char *pub_seed, uint32_t addr[8]) { memcpy(buf, pub_seed, SPX_N); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_addr_to_bytes(buf + SPX_N, addr); memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N); shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - (void)state_seeded; } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -30,39 +28,47 @@ static void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/utils.c b/crypto_sign/sphincs-shake256-192s-simple/clean/utils.c index 99a98ae6..a0f4e32a 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/utils.c +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/utils.h b/crypto_sign/sphincs-shake256-192s-simple/clean/utils.h index cc504638..805411fd 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/utils.h +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/wots.c b/crypto_sign/sphincs-shake256-192s-simple/clean/wots.c index 5186fe90..576c98b3 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/wots.h b/crypto_sign/sphincs-shake256-192s-simple/clean/wots.h index 1faae2a7..2a028c7d 100644 --- a/crypto_sign/sphincs-shake256-192s-simple/clean/wots.h +++ b/crypto_sign/sphincs-shake256-192s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/fors.c b/crypto_sign/sphincs-shake256-256f-robust/clean/fors.c index c8757493..cfc49ce9 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/fors.c +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/fors.h b/crypto_sign/sphincs-shake256-256f-robust/clean/fors.h index 41d869b3..5b8db7a7 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/fors.h +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/hash.h b/crypto_sign/sphincs-shake256-256f-robust/clean/hash.h index eb43011c..52895ac2 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/hash.h +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c index c5d289b6..d44dc559 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/primitive.h b/crypto_sign/sphincs-shake256-256f-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-256f-robust/clean/primitive.h rename to crypto_sign/sphincs-shake256-256f-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/sign.c b/crypto_sign/sphincs-shake256-256f-robust/clean/sign.c index b30e3e37..b6bd1f93 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/sign.c +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/thash.h b/crypto_sign/sphincs-shake256-256f-robust/clean/thash.h index 1ea720d6..2f7dc7ef 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/thash.h +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/thash_shake256_robust.c b/crypto_sign/sphincs-shake256-256f-robust/clean/thash_shake256_robust.c index e14d1d42..4c06920f 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/thash_shake256_robust.c +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/thash_shake256_robust.c @@ -28,7 +28,6 @@ static void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash( } shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -36,43 +35,47 @@ static void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash( out, buf, in, 1, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash( out, buf, in, 2, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash( out, buf, in, SPX_WOTS_LEN, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash( out, buf, in, SPX_FORS_TREES, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/utils.c b/crypto_sign/sphincs-shake256-256f-robust/clean/utils.c index e79113cd..0820542e 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/utils.c +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/utils.h b/crypto_sign/sphincs-shake256-256f-robust/clean/utils.h index 9c0e955f..06dc81cf 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/utils.h +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/wots.c b/crypto_sign/sphincs-shake256-256f-robust/clean/wots.c index bd510877..9ce362e5 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/wots.c +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/wots.h b/crypto_sign/sphincs-shake256-256f-robust/clean/wots.h index 7dd8d068..386524fe 100644 --- a/crypto_sign/sphincs-shake256-256f-robust/clean/wots.h +++ b/crypto_sign/sphincs-shake256-256f-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/fors.c b/crypto_sign/sphincs-shake256-256f-simple/clean/fors.c index b511a31c..202628b9 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/fors.c +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/fors.h b/crypto_sign/sphincs-shake256-256f-simple/clean/fors.h index bd39515e..99a5c7a2 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/fors.h +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/hash.h b/crypto_sign/sphincs-shake256-256f-simple/clean/hash.h index 72b79fc6..f9f6ea02 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/hash.h +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c index deddb43d..b3805352 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/primitive.h b/crypto_sign/sphincs-shake256-256f-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-256f-simple/clean/primitive.h rename to crypto_sign/sphincs-shake256-256f-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/sign.c b/crypto_sign/sphincs-shake256-256f-simple/clean/sign.c index fc961808..2adafda4 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/sign.c +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/thash.h b/crypto_sign/sphincs-shake256-256f-simple/clean/thash.h index c65a0f39..8057767c 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/thash.h +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/thash_shake256_simple.c b/crypto_sign/sphincs-shake256-256f-simple/clean/thash_shake256_simple.c index 379f4238..6d23c3b2 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/thash_shake256_simple.c +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/thash_shake256_simple.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "fips202.h" @@ -14,15 +14,13 @@ static void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, - const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const unsigned char *pub_seed, uint32_t addr[8]) { memcpy(buf, pub_seed, SPX_N); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_addr_to_bytes(buf + SPX_N, addr); memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N); shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - (void)state_seeded; } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -30,39 +28,47 @@ static void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/utils.c b/crypto_sign/sphincs-shake256-256f-simple/clean/utils.c index adaa9de2..4eb9409d 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/utils.c +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/utils.h b/crypto_sign/sphincs-shake256-256f-simple/clean/utils.h index 5637d482..a328412f 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/utils.h +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/wots.c b/crypto_sign/sphincs-shake256-256f-simple/clean/wots.c index c5bc0215..b4b99f10 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/wots.h b/crypto_sign/sphincs-shake256-256f-simple/clean/wots.h index 3fb3ebab..eb90b651 100644 --- a/crypto_sign/sphincs-shake256-256f-simple/clean/wots.h +++ b/crypto_sign/sphincs-shake256-256f-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/fors.c b/crypto_sign/sphincs-shake256-256s-robust/clean/fors.c index 5ca6c844..e866f4f6 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/fors.c +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/fors.h b/crypto_sign/sphincs-shake256-256s-robust/clean/fors.h index e8480594..b9561e5a 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/fors.h +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/hash.h b/crypto_sign/sphincs-shake256-256s-robust/clean/hash.h index 6a4120f7..0082c01d 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/hash.h +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c index 3bf28123..ddc428ea 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/primitive.h b/crypto_sign/sphincs-shake256-256s-robust/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-256s-robust/clean/primitive.h rename to crypto_sign/sphincs-shake256-256s-robust/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/sign.c b/crypto_sign/sphincs-shake256-256s-robust/clean/sign.c index c97fcaf8..957f61a7 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/sign.c +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/thash.h b/crypto_sign/sphincs-shake256-256s-robust/clean/thash.h index 89416388..c87346b5 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/thash.h +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/thash_shake256_robust.c b/crypto_sign/sphincs-shake256-256s-robust/clean/thash_shake256_robust.c index 64759b8b..20987658 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/thash_shake256_robust.c +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/thash_shake256_robust.c @@ -28,7 +28,6 @@ static void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash( } shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -36,43 +35,47 @@ static void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash( out, buf, in, 1, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash( out, buf, in, 2, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash( out, buf, in, SPX_WOTS_LEN, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash( out, buf, in, SPX_FORS_TREES, pub_seed, addr); - (void)state_seeded; + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/utils.c b/crypto_sign/sphincs-shake256-256s-robust/clean/utils.c index 076fad06..be33011e 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/utils.c +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/utils.h b/crypto_sign/sphincs-shake256-256s-robust/clean/utils.h index a6b93ab8..7b2af54e 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/utils.h +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/wots.c b/crypto_sign/sphincs-shake256-256s-robust/clean/wots.c index d06e703d..5e7ac05e 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/wots.c +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/wots.h b/crypto_sign/sphincs-shake256-256s-robust/clean/wots.h index e79a2390..ef32deea 100644 --- a/crypto_sign/sphincs-shake256-256s-robust/clean/wots.h +++ b/crypto_sign/sphincs-shake256-256s-robust/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/fors.c b/crypto_sign/sphincs-shake256-256s-simple/clean/fors.c index 650e83a3..36992a3e 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/fors.c +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/fors.c @@ -5,28 +5,28 @@ #include "address.h" #include "fors.h" #include "hash.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" static void fors_gen_sk(unsigned char *sk, const unsigned char *sk_seed, - uint32_t fors_leaf_addr[8], const hash_state *state_seeded) { + uint32_t fors_leaf_addr[8], const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_prf_addr( - sk, sk_seed, fors_leaf_addr, state_seeded); + sk, sk_seed, fors_leaf_addr, hash_state_seeded); } static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk, const unsigned char *pub_seed, uint32_t fors_leaf_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_1( - leaf, sk, pub_seed, fors_leaf_addr, state_seeded); + leaf, sk, pub_seed, fors_leaf_addr, hash_state_seeded); } static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t fors_tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t fors_leaf_addr[8] = {0}; /* Only copy the parts that must be kept in fors_leaf_addr. */ @@ -37,8 +37,8 @@ static void fors_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_tree_index( fors_leaf_addr, addr_idx); - fors_gen_sk(leaf, sk_seed, fors_leaf_addr, state_seeded); - fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, state_seeded); + fors_gen_sk(leaf, sk_seed, fors_leaf_addr, hash_state_seeded); + fors_sk_to_leaf(leaf, leaf, pub_seed, fors_leaf_addr, hash_state_seeded); } /** @@ -67,7 +67,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded) { + const uint32_t fors_addr[8], const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; uint32_t fors_tree_addr[8] = {0}; @@ -96,20 +96,20 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_sign( fors_tree_addr, indices[i] + idx_offset); /* Include the secret key part that produces the selected leaf node. */ - fors_gen_sk(sig, sk_seed, fors_tree_addr, state_seeded); + fors_gen_sk(sig, sk_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Compute the authentication path for this leaf node. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( roots + i * SPX_N, sig, sk_seed, pub_seed, indices[i], idx_offset, fors_gen_leaf, fors_tree_addr, - state_seeded); + hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } /** @@ -123,7 +123,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t indices[SPX_FORS_TREES]; unsigned char roots[SPX_FORS_TREES * SPX_N]; unsigned char leaf[SPX_N]; @@ -153,17 +153,17 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_pk_from_sig( fors_tree_addr, indices[i] + idx_offset); /* Derive the leaf from the included secret key part. */ - fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, state_seeded); + fors_sk_to_leaf(leaf, sig, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N; /* Derive the corresponding root node of this tree. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_compute_root( roots + i * SPX_N, leaf, indices[i], idx_offset, sig, - SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, state_seeded); + SPX_FORS_HEIGHT, pub_seed, fors_tree_addr, hash_state_seeded); sig += SPX_N * SPX_FORS_HEIGHT; } /* Hash horizontally across all tree roots to derive the public key. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_FORS_TREES( - pk, roots, pub_seed, fors_pk_addr, state_seeded); + pk, roots, pub_seed, fors_pk_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/fors.h b/crypto_sign/sphincs-shake256-256s-simple/clean/fors.h index 46852b79..37574fff 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/fors.h +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/fors.h @@ -4,7 +4,7 @@ #include #include "params.h" -#include "primitive.h" +#include "hash_state.h" /** * Signs a message m, deriving the secret key from sk_seed and the FTS address. @@ -14,7 +14,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_sign( unsigned char *sig, unsigned char *pk, const unsigned char *m, const unsigned char *sk_seed, const unsigned char *pub_seed, - const uint32_t fors_addr[8], hash_state *state_seeded); + const uint32_t fors_addr[8], const hash_state *hash_state_seeded); /** * Derives the FORS public key from a signature. @@ -27,6 +27,6 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *m, const unsigned char *pub_seed, const uint32_t fors_addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/hash.h b/crypto_sign/sphincs-shake256-256s-simple/clean/hash.h index 99edd202..7e7aba9f 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/hash.h +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/hash.h @@ -1,29 +1,29 @@ #ifndef SPX_HASH_H #define SPX_HASH_H -#include "primitive.h" +#include "hash_state.h" #include #include void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c index 76494bb3..47f967e7 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c @@ -11,9 +11,9 @@ /* For SHAKE256, there is no immediate reason to initialize at the start, so this function is an empty operation. */ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function( - hash_state *state_seeded, + hash_state *hash_state_seeded, const unsigned char *pub_seed, const unsigned char *sk_seed) { - (void)state_seeded; /* Suppress an 'unused parameter' warning. */ + (void)hash_state_seeded; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)sk_seed; /* Suppress an 'unused parameter' warning. */ } @@ -23,7 +23,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function( */ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_prf_addr( unsigned char *out, const unsigned char *key, const uint32_t addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES]; memcpy(buf, key, SPX_N); @@ -31,7 +31,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_prf_addr( shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -42,7 +42,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_gen_message_random( unsigned char *R, const unsigned char *sk_prf, const unsigned char *optrand, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { shake256incctx state; shake256_inc_init(&state); @@ -52,7 +52,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_gen_message_random( shake256_inc_finalize(&state); shake256_inc_squeeze(R, SPX_N, &state); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } /** @@ -64,7 +64,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_hash_message( unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx, const unsigned char *R, const unsigned char *pk, const unsigned char *m, size_t mlen, - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { #define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1)) #define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8) #define SPX_LEAF_BITS SPX_TREE_HEIGHT @@ -94,5 +94,5 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_hash_message( bufp, SPX_LEAF_BYTES); *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS); - (void)state_seeded; /* Prevent unused parameter warning. */ + (void)hash_state_seeded; /* Prevent unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/primitive.h b/crypto_sign/sphincs-shake256-256s-simple/clean/hash_state.h similarity index 100% rename from crypto_sign/sphincs-shake256-256s-simple/clean/primitive.h rename to crypto_sign/sphincs-shake256-256s-simple/clean/hash_state.h diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/sign.c b/crypto_sign/sphincs-shake256-256s-simple/clean/sign.c index 31e46ab0..1781fb6c 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/sign.c +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/sign.c @@ -7,7 +7,7 @@ #include "fors.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "randombytes.h" #include "thash.h" #include "utils.h" @@ -20,7 +20,7 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr_idx, const uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char pk[SPX_WOTS_BYTES]; uint32_t wots_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; @@ -35,12 +35,12 @@ static void wots_gen_leaf(unsigned char *leaf, const unsigned char *sk_seed, PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_keypair_addr( wots_addr, addr_idx); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_gen_pk( - pk, sk_seed, pub_seed, wots_addr, state_seeded); + pk, sk_seed, pub_seed, wots_addr, hash_state_seeded); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_copy_keypair_addr( wots_pk_addr, wots_addr); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, pk, pub_seed, wots_pk_addr, state_seeded); + leaf, pk, pub_seed, wots_pk_addr, hash_state_seeded); } /* @@ -83,7 +83,7 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_seed_keypair( in one function. */ unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N]; uint32_t top_tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_layer_addr( top_tree_addr, SPX_D - 1); @@ -97,12 +97,12 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_seed_keypair( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ - PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function(&state_seeded, pk, sk); + PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function(&hash_state_seeded, pk, sk); /* Compute root node of the top-most subtree. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( sk + 3 * SPX_N, auth_path, sk, sk + 2 * SPX_N, 0, 0, - wots_gen_leaf, top_tree_addr, &state_seeded); + wots_gen_leaf, top_tree_addr, &hash_state_seeded); memcpy(pk + SPX_N, sk + 3 * SPX_N, SPX_N); @@ -144,12 +144,12 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_signature( uint32_t wots_addr[8] = {0}; uint32_t tree_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, sk_seed); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_type( @@ -163,11 +163,11 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_signature( randombytes(optrand, SPX_N); /* Compute the digest randomization value. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_gen_message_random( - sig, sk_prf, optrand, m, mlen, &state_seeded); + sig, sk_prf, optrand, m, mlen, &hash_state_seeded); /* Derive the message digest and leaf index from R, PK and M. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_tree_addr(wots_addr, tree); @@ -176,7 +176,7 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_signature( /* Sign the message hash using FORS. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_sign( - sig, root, mhash, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, mhash, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; for (i = 0; i < SPX_D; i++) { @@ -190,13 +190,13 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_signature( /* Compute a WOTS signature. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_sign( - sig, root, sk_seed, pub_seed, wots_addr, &state_seeded); + sig, root, sk_seed, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the authentication path for the used WOTS leaf. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( root, sig, sk_seed, pub_seed, idx_leaf, 0, - wots_gen_leaf, tree_addr, &state_seeded); + wots_gen_leaf, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ @@ -228,7 +228,7 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_verify( uint32_t tree_addr[8] = {0}; uint32_t wots_pk_addr[8] = {0}; - hash_state state_seeded; + hash_state hash_state_seeded; if (siglen != SPX_BYTES) { return -1; @@ -237,7 +237,7 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_verify( /* This hook allows the hash function instantiation to do whatever preparation or computation it needs, based on the public seed. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_initialize_hash_function( - &state_seeded, + &hash_state_seeded, pub_seed, NULL); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_type( @@ -250,7 +250,7 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_verify( /* Derive the message digest and leaf index from R || PK || M. */ /* The additional SPX_N is a result of the hash domain separator. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_hash_message( - mhash, &tree, &idx_leaf, sig, pk, m, mlen, &state_seeded); + mhash, &tree, &idx_leaf, sig, pk, m, mlen, &hash_state_seeded); sig += SPX_N; /* Layer correctly defaults to 0, so no need to set_layer_addr */ @@ -259,7 +259,7 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_verify( wots_addr, idx_leaf); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_fors_pk_from_sig( - root, sig, mhash, pub_seed, wots_addr, &state_seeded); + root, sig, mhash, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_FORS_BYTES; /* For each subtree.. */ @@ -279,17 +279,17 @@ int PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_crypto_sign_verify( /* Initially, root is the FORS pk, but on subsequent iterations it is the root of the subtree below the currently processed subtree. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_pk_from_sig( - wots_pk, sig, root, pub_seed, wots_addr, &state_seeded); + wots_pk, sig, root, pub_seed, wots_addr, &hash_state_seeded); sig += SPX_WOTS_BYTES; /* Compute the leaf node using the WOTS public key. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_WOTS_LEN( - leaf, wots_pk, pub_seed, wots_pk_addr, &state_seeded); + leaf, wots_pk, pub_seed, wots_pk_addr, &hash_state_seeded); /* Compute the root node of this subtree. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_compute_root( root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT, - pub_seed, tree_addr, &state_seeded); + pub_seed, tree_addr, &hash_state_seeded); sig += SPX_TREE_HEIGHT * SPX_N; /* Update the indices for the next layer. */ diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/thash.h b/crypto_sign/sphincs-shake256-256s-simple/clean/thash.h index c6bb110f..2e891429 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/thash.h +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/thash.h @@ -2,26 +2,26 @@ #define SPX_THASH_H #include -#include "primitive.h" +#include "hash_state.h" void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/thash_shake256_simple.c b/crypto_sign/sphincs-shake256-256s-simple/clean/thash_shake256_simple.c index 0231e639..902c4eb9 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/thash_shake256_simple.c +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/thash_shake256_simple.c @@ -3,7 +3,7 @@ #include "address.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "fips202.h" @@ -14,15 +14,13 @@ static void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash( unsigned char *out, unsigned char *buf, const unsigned char *in, unsigned int inblocks, - const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const unsigned char *pub_seed, uint32_t addr[8]) { memcpy(buf, pub_seed, SPX_N); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_addr_to_bytes(buf + SPX_N, addr); memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N); shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks * SPX_N); - (void)state_seeded; } /* The wrappers below ensure that we use fixed-size buffers on the stack */ @@ -30,39 +28,47 @@ static void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash( void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_1( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 1 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash( - out, buf, in, 1, pub_seed, addr, state_seeded); + out, buf, in, 1, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_2( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + 2 * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash( - out, buf, in, 2, pub_seed, addr, state_seeded); + out, buf, in, 2, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_WOTS_LEN( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_WOTS_LEN * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash( - out, buf, in, SPX_WOTS_LEN, pub_seed, addr, state_seeded); + out, buf, in, SPX_WOTS_LEN, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_FORS_TREES( unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned char buf[SPX_N + SPX_ADDR_BYTES + SPX_FORS_TREES * SPX_N]; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash( - out, buf, in, SPX_FORS_TREES, pub_seed, addr, state_seeded); + out, buf, in, SPX_FORS_TREES, pub_seed, addr); + + (void)hash_state_seeded; /* Avoid unused parameter warning. */ } diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/utils.c b/crypto_sign/sphincs-shake256-256s-simple/clean/utils.c index 4ce1c90d..57d6be50 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/utils.c +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/utils.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" @@ -43,7 +43,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; unsigned char buffer[2 * SPX_N]; @@ -69,11 +69,11 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_compute_root( /* Pick the right or left neighbor, depending on parity of the node. */ if (leaf_idx & 1) { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_2( - buffer + SPX_N, buffer, pub_seed, addr, state_seeded); + buffer + SPX_N, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer, auth_path, SPX_N); } else { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_2( - buffer, buffer, pub_seed, addr, state_seeded); + buffer, buffer, pub_seed, addr, hash_state_seeded); memcpy(buffer + SPX_N, auth_path, SPX_N); } auth_path += SPX_N; @@ -86,7 +86,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_compute_root( PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_tree_index( addr, leaf_idx + idx_offset); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_2( - root, buffer, pub_seed, addr, state_seeded); + root, buffer, pub_seed, addr, hash_state_seeded); } /** @@ -107,9 +107,9 @@ static void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), + const hash_state * /* hash_state_seeded */), uint32_t tree_addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int offset = 0; uint32_t idx; @@ -119,7 +119,7 @@ static void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash( /* Add the next leaf node to the stack. */ gen_leaf(stack + offset * SPX_N, sk_seed, pub_seed, idx + idx_offset, tree_addr, - state_seeded); + hash_state_seeded); offset++; heights[offset - 1] = 0; @@ -141,7 +141,7 @@ static void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash( /* Hash the top-most nodes from the stack together. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_2( stack + (offset - 2)*SPX_N, stack + (offset - 2)*SPX_N, - pub_seed, tree_addr, state_seeded); + pub_seed, tree_addr, hash_state_seeded); offset--; /* Note that the top-most node is now one layer higher. */ heights[offset - 1]++; @@ -167,15 +167,15 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_FORS_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_FORS_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_FORS_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( @@ -187,13 +187,13 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded) { + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded) { unsigned char stack[(SPX_TREE_HEIGHT + 1)*SPX_N]; unsigned int heights[SPX_TREE_HEIGHT + 1]; PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash( root, auth_path, stack, heights, sk_seed, pub_seed, - leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, state_seeded); + leaf_idx, idx_offset, SPX_TREE_HEIGHT, gen_leaf, tree_addr, hash_state_seeded); } diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/utils.h b/crypto_sign/sphincs-shake256-256s-simple/clean/utils.h index b0d034db..05b0c62f 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/utils.h +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/utils.h @@ -2,7 +2,7 @@ #define SPX_UTILS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include #include @@ -27,7 +27,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_compute_root( uint32_t leaf_idx, uint32_t idx_offset, const unsigned char *auth_path, uint32_t tree_height, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * For a given leaf index, computes the authentication path and the resulting @@ -46,8 +46,8 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_FORS_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( unsigned char *root, unsigned char *auth_path, @@ -58,7 +58,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_treehash_TREE_HEIGHT( const unsigned char * /* sk_seed */, const unsigned char * /* pub_seed */, uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */, - hash_state * /* state_seeded */), - uint32_t tree_addr[8], hash_state *state_seeded); + const hash_state * /* hash_state_seeded */), + uint32_t tree_addr[8], const hash_state *hash_state_seeded); #endif diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/wots.c b/crypto_sign/sphincs-shake256-256s-simple/clean/wots.c index 6c5b56f9..a4db34f0 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/wots.c @@ -4,7 +4,7 @@ #include "address.h" #include "hash.h" #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include "thash.h" #include "utils.h" #include "wots.h" @@ -19,12 +19,12 @@ */ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, uint32_t wots_addr[8], - const hash_state *state_seeded) { + const hash_state *hash_state_seeded) { /* Make sure that the hash address is actually zeroed. */ PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_hash_addr(wots_addr, 0); /* Generate sk element. */ - PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, state_seeded); + PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_prf_addr(sk, sk_seed, wots_addr, hash_state_seeded); } /** @@ -37,7 +37,7 @@ static void wots_gen_sk(unsigned char *sk, const unsigned char *sk_seed, static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; /* Initialize out with the value at position 'start'. */ @@ -47,7 +47,7 @@ static void gen_chain(unsigned char *out, const unsigned char *in, for (i = start; i < (start + steps) && i < SPX_WOTS_W; i++) { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_hash_addr(addr, i); PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_thash_1( - out, out, pub_seed, addr, state_seeded); + out, out, pub_seed, addr, hash_state_seeded); } } @@ -113,14 +113,14 @@ static void chain_lengths(unsigned int *lengths, const unsigned char *msg) { void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { uint32_t i; for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(pk + i * SPX_N, sk_seed, addr, state_seeded); + wots_gen_sk(pk + i * SPX_N, sk_seed, addr, hash_state_seeded); gen_chain(pk + i * SPX_N, pk + i * SPX_N, - 0, SPX_WOTS_W - 1, pub_seed, addr, state_seeded); + 0, SPX_WOTS_W - 1, pub_seed, addr, hash_state_seeded); } } @@ -130,7 +130,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded) { + uint32_t addr[8], const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -138,8 +138,8 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_sign( for (i = 0; i < SPX_WOTS_LEN; i++) { PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_chain_addr(addr, i); - wots_gen_sk(sig + i * SPX_N, sk_seed, addr, state_seeded); - gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, state_seeded); + wots_gen_sk(sig + i * SPX_N, sk_seed, addr, hash_state_seeded); + gen_chain(sig + i * SPX_N, sig + i * SPX_N, 0, lengths[i], pub_seed, addr, hash_state_seeded); } } @@ -152,7 +152,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded) { + const hash_state *hash_state_seeded) { unsigned int lengths[SPX_WOTS_LEN]; uint32_t i; @@ -162,6 +162,6 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_pk_from_sig( PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_set_chain_addr(addr, i); gen_chain(pk + i * SPX_N, sig + i * SPX_N, lengths[i], SPX_WOTS_W - 1 - lengths[i], pub_seed, addr, - state_seeded); + hash_state_seeded); } } diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/wots.h b/crypto_sign/sphincs-shake256-256s-simple/clean/wots.h index 5d2deb18..6ecd8cf4 100644 --- a/crypto_sign/sphincs-shake256-256s-simple/clean/wots.h +++ b/crypto_sign/sphincs-shake256-256s-simple/clean/wots.h @@ -2,7 +2,7 @@ #define SPX_WOTS_H #include "params.h" -#include "primitive.h" +#include "hash_state.h" #include /** @@ -16,7 +16,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_gen_pk( unsigned char *pk, const unsigned char *sk_seed, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); /** * Takes a n-byte message and the 32-byte seed for the private key to compute a @@ -25,7 +25,7 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_gen_pk( void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_sign( unsigned char *sig, const unsigned char *msg, const unsigned char *sk_seed, const unsigned char *pub_seed, - uint32_t addr[8], hash_state *state_seeded); + uint32_t addr[8], const hash_state *hash_state_seeded); /** * Takes a WOTS signature and an n-byte message, computes a WOTS public key. @@ -36,6 +36,6 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_wots_pk_from_sig( unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const unsigned char *pub_seed, uint32_t addr[8], - hash_state *state_seeded); + const hash_state *hash_state_seeded); #endif