From 05dac989c40349ad5f4dfee3b563b85131b95332 Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Tue, 30 Jan 2018 08:42:22 +0000 Subject: [PATCH] Store OID in bigendian notation in pk and sk --- xmss.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/xmss.c b/xmss.c index 0638f3e..9030f6e 100644 --- a/xmss.c +++ b/xmss.c @@ -16,11 +16,11 @@ int xmss_keypair(unsigned char *pk, unsigned char *sk, const uint32_t oid) return -1; } for (i = 0; i < XMSS_OID_LEN; i++) { - pk[i] = (oid >> (8 * i)) & 0xFF; + pk[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF; /* For an implementation that uses runtime parameters, it is crucial that the OID is part of the secret key as well; i.e. not just for interoperability, but also for internal use. */ - sk[i] = (oid >> (8 * i)) & 0xFF; + sk[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF; } return xmss_core_keypair(¶ms, pk + XMSS_OID_LEN, sk + XMSS_OID_LEN); } @@ -34,7 +34,7 @@ int xmss_sign(unsigned char *sk, unsigned int i; for (i = 0; i < XMSS_OID_LEN; i++) { - oid |= sk[i] << (i * 8); + oid |= sk[XMSS_OID_LEN - i - 1] << (i * 8); } if (xmss_parse_oid(¶ms, oid)) { return -1; @@ -51,7 +51,7 @@ int xmss_sign_open(unsigned char *m, unsigned long long *mlen, unsigned int i; for (i = 0; i < XMSS_OID_LEN; i++) { - oid |= pk[i] << (i * 8); + oid |= pk[XMSS_OID_LEN - i - 1] << (i * 8); } if (xmss_parse_oid(¶ms, oid)) { return -1; @@ -68,8 +68,8 @@ int xmssmt_keypair(unsigned char *pk, unsigned char *sk, const uint32_t oid) return -1; } for (i = 0; i < XMSS_OID_LEN; i++) { - pk[i] = (oid >> (8 * i)) & 0xFF; - sk[i] = (oid >> (8 * i)) & 0xFF; + pk[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF; + sk[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF; } return xmssmt_core_keypair(¶ms, pk + XMSS_OID_LEN, sk + XMSS_OID_LEN); } 
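Review bot: Keys written by earlier builds are not handled: after the stores to `pk[XMSS_OID_LEN - i - 1]` and `sk[XMSS_OID_LEN - i - 1]` the OID bytes sit in the opposite order, and nothing in the hunk documents or versions the new layout. An older pk or sk will therefore be read back with a byte-reversed OID. Whether that fails cleanly depends on xmss_parse_oid rejecting the reversed value, which is not visible here and is worth confirming because the OID selects the parameter set for a stateful secret key. I would add a comment above the loop such as `/* OID is serialized big-endian in the first XMSS_OID_LEN bytes of pk and sk; keys written with the earlier little-endian layout are not compatible. */`. The same applies to the xmssmt_keypair hunk; both functions begin outside their hunks.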
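Review bot: The load `oid |= sk[XMSS_OID_LEN - i - 1] << (i * 8);` in the xmss_sign hunk shifts an `unsigned char` that has been promoted to `int`, so with a 4-byte OID a leading byte of 0x80 or more is shifted into the sign bit, which is undefined behaviour in C. The bytes come from the caller's key buffer, and in the two sign_open hunks from a pk that may originate from an untrusted party, so the value is not guaranteed to be small. Casting before the shift avoids this: `oid |= (uint32_t)sk[XMSS_OID_LEN - i - 1] << (i * 8);`. The same line, with `pk` or `sk`, appears in the xmss_sign_open, xmssmt_sign and xmssmt_sign_open hunks. The declaration of `oid` and the value of XMSS_OID_LEN are outside the hunks, so this assumes a 32-bit `oid` and a length of 4.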
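Review bot: The big-endian store in the xmssmt_keypair loop duplicates the one in xmss_keypair, and the matching load is repeated in the four sign and sign_open hunks, so the byte order is now encoded in six places that must stay in agreement. Two small file-local helpers would keep the layout in one place and reduce each call site to a single line. The helper names in the fence are a suggestion, not existing project functions. The enclosing function bodies continue outside the hunks.

```c
/* Store oid big-endian in the first XMSS_OID_LEN bytes of out. */
static void oid_to_bytes(unsigned char *out, uint32_t oid)
{
    unsigned int i;

    for (i = 0; i < XMSS_OID_LEN; i++) {
        out[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF;
    }
}

/* Read a big-endian OID from the first XMSS_OID_LEN bytes of in. */
static uint32_t bytes_to_oid(const unsigned char *in)
{
    uint32_t oid = 0;
    unsigned int i;

    for (i = 0; i < XMSS_OID_LEN; i++) {
        /* Cast before shifting so a high byte never reaches int's sign bit. */
        oid |= (uint32_t)in[XMSS_OID_LEN - i - 1] << (i * 8);
    }
    return oid;
}

/* ... unchanged: parameter setup at the top of xmssmt_keypair ... */
    oid_to_bytes(pk, oid);
    oid_to_bytes(sk, oid);
/* ... unchanged: xmssmt_core_keypair call ... */
```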
@@ -83,7 +83,7 @@ int xmssmt_sign(unsigned char *sk, unsigned int i; for (i = 0; i < XMSS_OID_LEN; i++) { - oid |= sk[i] << (i * 8); + oid |= sk[XMSS_OID_LEN - i - 1] << (i * 8); } if (xmssmt_parse_oid(¶ms, oid)) { return -1; @@ -100,7 +100,7 @@ int xmssmt_sign_open(unsigned char *m, unsigned long long *mlen, unsigned int i; for (i = 0; i < XMSS_OID_LEN; i++) { - oid |= pk[i] << (i * 8); + oid |= pk[XMSS_OID_LEN - i - 1] << (i * 8); } if (xmssmt_parse_oid(¶ms, oid)) { return -1;