選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

xmss_determinism.c 1.5 KiB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657
  1. #include <stdio.h>
  2. #include <stdint.h>
  3. #include <string.h>
  4. #include "../params.h"
  5. #include "../xmss.h"
  6. #include "../randombytes.h"
  7. #define MLEN 32
  8. int main()
  9. {
  10. xmss_params params;
  11. char *oidstr = "XMSS-SHA2_10_256";
  12. uint32_t oid;
  13. unsigned int i;
  14. fprintf(stderr, "Testing if XMSS-SHA2_10_256 signing is deterministic.. ");
  15. xmss_str_to_oid(&oid, oidstr);
  16. xmss_parse_oid(&params, oid);
  17. unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
  18. unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
  19. unsigned char sk2[XMSS_OID_LEN + params.sk_bytes];
  20. unsigned char m[MLEN];
  21. unsigned char sm[params.sig_bytes + MLEN];
  22. unsigned char sm2[params.sig_bytes + MLEN];
  23. unsigned long long smlen;
  24. xmss_keypair(pk, sk, oid);
  25. /* Duplicate the key, because the original will be modified. */
  26. memcpy(sk2, sk, XMSS_OID_LEN + params.sk_bytes);
  27. /* Sign a random message (but twice the same one). */
  28. randombytes(m, MLEN);
  29. xmss_sign(sk, sm, &smlen, m, MLEN);
  30. xmss_sign(sk2, sm2, &smlen, m, MLEN);
  31. /* Compare signature, and, if applicable, print the differences. */
  32. if (memcmp(sm, sm2, params.sig_bytes + MLEN)) {
  33. fprintf(stderr, "signatures differ!\n");
  34. for (i = 0; i < params.sig_bytes + MLEN; i++) {
  35. fprintf(stderr, (sm[i] != sm2[i] ? "x" : "."));
  36. }
  37. fprintf(stderr, "\n");
  38. return -1;
  39. }
  40. else {
  41. fprintf(stderr, "signatures are identical.\n");
  42. }
  43. return 0;
  44. }