kris
/
xmss-KAT-generator
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

fixed two minor points in handling the maximum signature value

master
Andreas 3 years ago
parent
f56dc0e8a7
commit
171ccbd26f
3 changed files with 26 additions and 34 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +20
    -19
      test/xmss_max_signatures.c
  2. +2
    -5
      xmss_core.c
  3. +4
    -10
      xmss_core_fast.c

+ 20
- 19
test/xmss_max_signatures.c View File

@@ -21,7 +21,7 @@
#define XMSS_SIGN xmssmt_sign #define XMSS_SIGN xmssmt_sign
#define XMSS_SIGN_OPEN xmssmt_sign_open #define XMSS_SIGN_OPEN xmssmt_sign_open
#define XMSS_VARIANT "XMSSMT-SHA2_20/2_256" #define XMSS_VARIANT "XMSSMT-SHA2_20/2_256"
#define XMSS_SIGNATURES 1 << 20
#define XMSS_SIGNATURES (1 << 20)
#else #else
#define XMSS_PARSE_OID xmss_parse_oid #define XMSS_PARSE_OID xmss_parse_oid
#define XMSS_STR_TO_OID xmss_str_to_oid #define XMSS_STR_TO_OID xmss_str_to_oid
@@ -29,7 +29,7 @@
#define XMSS_SIGN xmss_sign #define XMSS_SIGN xmss_sign
#define XMSS_SIGN_OPEN xmss_sign_open #define XMSS_SIGN_OPEN xmss_sign_open
#define XMSS_VARIANT "XMSS-SHA2_10_256" #define XMSS_VARIANT "XMSS-SHA2_10_256"
#define XMSS_SIGNATURES 1 << 10
#define XMSS_SIGNATURES (1 << 10)
#endif #endif


int main() int main()
@@ -72,27 +72,28 @@ int main()
} }
if(ret == 0) if(ret == 0)
printf("As expected, return code was 0\n"); printf("As expected, return code was 0\n");
i++;
printf(" - iteration #%d:\n", i);
for (; i < (XMSS_SIGNATURES) + 2; i++) {
printf(" - iteration #%d:\n", i);


return_code = XMSS_SIGN(sk, sm, &smlen, m, XMSS_MLEN);
return_code = XMSS_SIGN(sk, sm, &smlen, m, XMSS_MLEN);


if (return_code == 0) {
printf(" Error! Return code was %d\n",return_code);
ret = -1;
}
else {
printf("Return code as expected [%d].\n", return_code);
if (return_code == 0) {
printf(" Error! Return code was %d\n",return_code);
ret = -1;
}
else {
printf("Return code as expected [%d].\n", return_code);
}
idx = (unsigned long)bytes_to_ull(sk, params.index_bytes);
printf("Index: %llu\n", idx);
printf("Secret key: %llu\n", idx);
for (j = 0; j < XMSS_OID_LEN + params.sk_bytes;j++)
printf("%d ", sk[j]);
printf("\n");
} }
idx = (unsigned long)bytes_to_ull(sk, params.index_bytes);
printf("Index: %llu\n", idx);
printf("Secret key: %llu\n", idx);
for (j = 0; j < XMSS_OID_LEN + params.sk_bytes;j++)
printf("%d ", sk[j]);
printf("\n");
free(m); free(m);
free(sm); free(sm);
free(mout); free(mout);


+ 2
- 5
xmss_core.c View File

@@ -222,14 +222,11 @@ int xmssmt_core_sign(const xmss_params *params,
if (idx >= ((1ULL << params->full_height) - 1)) { if (idx >= ((1ULL << params->full_height) - 1)) {
// Delete secret key here. We only do this in memory, production code // Delete secret key here. We only do this in memory, production code
// has to make sure that this happens on disk. // has to make sure that this happens on disk.
sk[0] = 255;
sk[1] = 255;
sk[2] = 255;
sk[3] = 255;
memset(sk, 0xFF, params->index_bytes);
memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes)); memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
if (idx > ((1ULL << params->full_height) - 1)) if (idx > ((1ULL << params->full_height) - 1))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1)))
if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1)))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
} }


+ 4
- 10
xmss_core_fast.c View File

@@ -615,14 +615,11 @@ int xmss_core_sign(const xmss_params *params,
if (idx >= ((1ULL << params->full_height) - 1)) { if (idx >= ((1ULL << params->full_height) - 1)) {
// Delete secret key here. We only do this in memory, production code // Delete secret key here. We only do this in memory, production code
// has to make sure that this happens on disk. // has to make sure that this happens on disk.
sk[0] = 255;
sk[1] = 255;
sk[2] = 255;
sk[3] = 255;
memset(sk, 0xFF, params->index_bytes);
memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes)); memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
if (idx > ((1ULL << params->full_height) - 1)) if (idx > ((1ULL << params->full_height) - 1))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1)))
if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1)))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
} }
@@ -839,14 +836,11 @@ int xmssmt_core_sign(const xmss_params *params,
if (idx >= ((1ULL << params->full_height) - 1)) { if (idx >= ((1ULL << params->full_height) - 1)) {
// Delete secret key here. We only do this in memory, production code // Delete secret key here. We only do this in memory, production code
// has to make sure that this happens on disk. // has to make sure that this happens on disk.
sk[0] = 255;
sk[1] = 255;
sk[2] = 255;
sk[3] = 255;
memset(sk, 0xFF, params->index_bytes);
memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes)); memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
if (idx > ((1ULL << params->full_height) - 1)) if (idx > ((1ULL << params->full_height) - 1))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1)))
if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1)))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
} }


Write Preview
Loading…
Cancel
Save