fixed two minor points in handling the maximum signature value

Andreas 2021-03-16 09:23:17 +01:00
parent f56dc0e8a7
commit 171ccbd26f
3 changed files with 26 additions and 34 deletions


@ -21,7 +21,7 @@
#define XMSS_SIGN xmssmt_sign #define XMSS_SIGN xmssmt_sign
#define XMSS_SIGN_OPEN xmssmt_sign_open #define XMSS_SIGN_OPEN xmssmt_sign_open
#define XMSS_VARIANT "XMSSMT-SHA2_20/2_256" #define XMSS_VARIANT "XMSSMT-SHA2_20/2_256"
#define XMSS_SIGNATURES 1 << 20 #define XMSS_SIGNATURES (1 << 20)
#else #else
#define XMSS_PARSE_OID xmss_parse_oid #define XMSS_PARSE_OID xmss_parse_oid
#define XMSS_STR_TO_OID xmss_str_to_oid #define XMSS_STR_TO_OID xmss_str_to_oid
@ -29,7 +29,7 @@
#define XMSS_SIGN xmss_sign #define XMSS_SIGN xmss_sign
#define XMSS_SIGN_OPEN xmss_sign_open #define XMSS_SIGN_OPEN xmss_sign_open
#define XMSS_VARIANT "XMSS-SHA2_10_256" #define XMSS_VARIANT "XMSS-SHA2_10_256"
#define XMSS_SIGNATURES 1 << 10 #define XMSS_SIGNATURES (1 << 10)
#endif #endif
int main() int main()
@ -72,7 +72,7 @@ int main()
} }
if(ret == 0) if(ret == 0)
printf("As expected, return code was 0\n"); printf("As expected, return code was 0\n");
i++; for (; i < (XMSS_SIGNATURES) + 2; i++) {
printf(" - iteration #%d:\n", i); printf(" - iteration #%d:\n", i);
return_code = XMSS_SIGN(sk, sm, &smlen, m, XMSS_MLEN); return_code = XMSS_SIGN(sk, sm, &smlen, m, XMSS_MLEN);
@ -92,6 +92,7 @@ int main()
printf("%d ", sk[j]); printf("%d ", sk[j]);
printf("\n"); printf("\n");
}
free(m); free(m);
free(sm); free(sm);
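Review bot: The bound `(XMSS_SIGNATURES) + 2` in the new `for` loop carries no explanation of why two extra iterations are run. If the intent is to drive the key past its last valid index, a comment above the loop such as `/* Sign past the last valid index so the exhausted-key return code is exercised as well. */` would record it. Whether each `return_code` is compared against an expected value is not visible in the hunks; if it is only printed, the test cannot fail when the exhaustion handling regresses. The initialisation of `i` and the middle of the loop body are outside the hunks shown.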


@ -222,14 +222,11 @@ int xmssmt_core_sign(const xmss_params *params,
if (idx >= ((1ULL << params->full_height) - 1)) { if (idx >= ((1ULL << params->full_height) - 1)) {
// Delete secret key here. We only do this in memory, production code // Delete secret key here. We only do this in memory, production code
// has to make sure that this happens on disk. // has to make sure that this happens on disk.
sk[0] = 255; memset(sk, 0xFF, params->index_bytes);
sk[1] = 255;
sk[2] = 255;
sk[3] = 255;
memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes)); memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
if (idx > ((1ULL << params->full_height) - 1)) if (idx > ((1ULL << params->full_height) - 1))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1))) if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1)))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
} }
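Review bot: `1ULL << params->full_height` is undefined when `full_height` is 64, and the branch kept for that case (`params->full_height == 64`) evaluates exactly that shift, as do the two comparisons before it. This check is what stops a one-time key index from being reused, so the bound should be computed once without the out-of-range shift, e.g. `const unsigned long long max_idx = (params->full_height >= 64) ? ~0ULL : (1ULL << params->full_height) - 1;`, with the three comparisons written against `max_idx`. The same lines appear in the xmss_core_sign and xmssmt_core_sign hunks of the next file. The declaration of `idx` and the rest of the function are outside the hunk, so its type is assumed to be a 64-bit unsigned integer.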


@ -615,14 +615,11 @@ int xmss_core_sign(const xmss_params *params,
if (idx >= ((1ULL << params->full_height) - 1)) { if (idx >= ((1ULL << params->full_height) - 1)) {
// Delete secret key here. We only do this in memory, production code // Delete secret key here. We only do this in memory, production code
// has to make sure that this happens on disk. // has to make sure that this happens on disk.
sk[0] = 255; memset(sk, 0xFF, params->index_bytes);
sk[1] = 255;
sk[2] = 255;
sk[3] = 255;
memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes)); memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
if (idx > ((1ULL << params->full_height) - 1)) if (idx > ((1ULL << params->full_height) - 1))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1))) if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1)))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
} }
@ -839,14 +836,11 @@ int xmssmt_core_sign(const xmss_params *params,
if (idx >= ((1ULL << params->full_height) - 1)) { if (idx >= ((1ULL << params->full_height) - 1)) {
// Delete secret key here. We only do this in memory, production code // Delete secret key here. We only do this in memory, production code
// has to make sure that this happens on disk. // has to make sure that this happens on disk.
sk[0] = 255; memset(sk, 0xFF, params->index_bytes);
sk[1] = 255;
sk[2] = 255;
sk[3] = 255;
memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes)); memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
if (idx > ((1ULL << params->full_height) - 1)) if (idx > ((1ULL << params->full_height) - 1))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1))) if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1)))
return -2; // We already used all one-time keys return -2; // We already used all one-time keys
} }
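Review bot: The new `memset(sk, 0xFF, params->index_bytes)` does not say why the index bytes are filled with 0xFF rather than zero, in any of the three hunks that make this change. A comment such as `// All-ones index: a later call decodes idx above the maximum and returns -2 instead of signing with the wiped key.` would make the purpose explicit. It would also explain the separate `full_height == 64` test, where an all-ones index presumably equals the maximum instead of exceeding it. The index decoding is outside the hunk, so this assumes `idx` is read back from the first `index_bytes` bytes of `sk`.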