fixed two minor points in handling the maximum signature value

2021-03-16 09:23:17 +01:00 · 2021-03-16 09:23:17 +01:00 · 171ccbd26f
commit 171ccbd26f
parent f56dc0e8a7
3 changed files with 26 additions and 34 deletions
--- a/test/xmss_max_signatures.c
+++ b/test/xmss_max_signatures.c
@ -21,7 +21,7 @@
    #define XMSS_SIGN xmssmt_sign
    #define XMSS_SIGN_OPEN xmssmt_sign_open
    #define XMSS_VARIANT "XMSSMT-SHA2_20/2_256"
-    #define XMSS_SIGNATURES 1 << 20
+    #define XMSS_SIGNATURES (1 << 20)
 #else
    #define XMSS_PARSE_OID xmss_parse_oid
    #define XMSS_STR_TO_OID xmss_str_to_oid
@ -29,7 +29,7 @@
    #define XMSS_SIGN xmss_sign
    #define XMSS_SIGN_OPEN xmss_sign_open
    #define XMSS_VARIANT "XMSS-SHA2_10_256"
-    #define XMSS_SIGNATURES 1 << 10
+    #define XMSS_SIGNATURES (1 << 10)
 #endif
 int main()
@ -72,26 +72,27 @@ int main()
    }
    if(ret == 0)
            printf("As expected, return code was 0\n");
-    i++;
+    for (; i < (XMSS_SIGNATURES) + 2; i++) {
-    printf("  - iteration #%d:\n", i);
+        printf("  - iteration #%d:\n", i);
-    return_code = XMSS_SIGN(sk, sm, &smlen, m, XMSS_MLEN);
+        return_code = XMSS_SIGN(sk, sm, &smlen, m, XMSS_MLEN);
-    if (return_code == 0) {
+        if (return_code == 0) {
-        printf("  Error! Return code was %d\n",return_code);
+                printf("  Error! Return code was %d\n",return_code);
-        ret = -1;
+                ret = -1;
        }
        else {
                printf("Return code as expected [%d].\n", return_code);
        }
        idx = (unsigned long)bytes_to_ull(sk, params.index_bytes);
        printf("Index: %llu\n", idx);
        printf("Secret key: %llu\n", idx);
        for (j = 0; j < XMSS_OID_LEN + params.sk_bytes;j++)
                printf("%d ", sk[j]);
        printf("\n");
    }
    else {
        printf("Return code as expected [%d].\n", return_code);
    }
    idx = (unsigned long)bytes_to_ull(sk, params.index_bytes);
    printf("Index: %llu\n", idx);
    printf("Secret key: %llu\n", idx);
    for (j = 0; j < XMSS_OID_LEN + params.sk_bytes;j++)
            printf("%d ", sk[j]);
    printf("\n");
    free(m);
    free(sm);
--- a/xmss_core.c
+++ b/xmss_core.c
@ -222,14 +222,11 @@ int xmssmt_core_sign(const xmss_params *params,
    if (idx >= ((1ULL << params->full_height) - 1)) {
        // Delete secret key here. We only do this in memory, production code
        // has to make sure that this happens on disk.
-        sk[0] = 255;
+        memset(sk, 0xFF, params->index_bytes);
        sk[1] = 255;
        sk[2] = 255;
        sk[3] = 255;
        memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
        if (idx > ((1ULL << params->full_height) - 1))
            return -2; // We already used all one-time keys
-        if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1))) 
+        if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1))) 
                return -2; // We already used all one-time keys
    }
--- a/xmss_core_fast.c
+++ b/xmss_core_fast.c
@ -615,14 +615,11 @@ int xmss_core_sign(const xmss_params *params,
    if (idx >= ((1ULL << params->full_height) - 1)) {
        // Delete secret key here. We only do this in memory, production code
        // has to make sure that this happens on disk.
-        sk[0] = 255;
+        memset(sk, 0xFF, params->index_bytes);
        sk[1] = 255;
        sk[2] = 255;
        sk[3] = 255;
        memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
        if (idx > ((1ULL << params->full_height) - 1))
            return -2; // We already used all one-time keys
-        if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1))) 
+        if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1))) 
                return -2; // We already used all one-time keys
    }
@ -839,14 +836,11 @@ int xmssmt_core_sign(const xmss_params *params,
    if (idx >= ((1ULL << params->full_height) - 1)) {
        // Delete secret key here. We only do this in memory, production code
        // has to make sure that this happens on disk.
-        sk[0] = 255;
+        memset(sk, 0xFF, params->index_bytes);
        sk[1] = 255;
        sk[2] = 255;
        sk[3] = 255;
        memset(sk + params->index_bytes, 0, (params->sk_bytes - params->index_bytes));
        if (idx > ((1ULL << params->full_height) - 1))
            return -2; // We already used all one-time keys
-        if ((params->full_height == 64) && (idx = ((1ULL << params->full_height) - 1))) 
+        if ((params->full_height == 64) && (idx == ((1ULL << params->full_height) - 1))) 
                return -2; // We already used all one-time keys
    }