kris/xmss-KAT-generator
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix prefix space for hash_message wrt padding_len

Browse Source 
Padding_len was introduced in 7793c40c07,
but not fixed in the calls hash_message.

Resolves #12
This commit is contained in:
Joost Rijneveld 2020-05-25 20:36:50 +02:00
parent e6b20992a2
commit 4ae726a82b
No known key found for this signature in database
GPG Key ID: A4FE39CF49CBC553
4 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hash.c
View File

@ -91,9 +91,10 @@ int prf_keygen(const xmss_params *params,
/* /*
* Computes the message hash using R, the public root, the index of the leaf * Computes the message hash using R, the public root, the index of the leaf
* node, and the message. Notably, it requires m_with_prefix to have 4*n bytes * node, and the message. Notably, it requires m_with_prefix to have 3*n plus
* of space before the message, to use for the prefix. This is necessary to * the length of the padding as free space available before the message,
* prevent having to move the message around (and thus allocate memory for it). * to use for the prefix. This is necessary to prevent having to move the
* message around (and thus allocate memory for it).
*/ */
int hash_message(const xmss_params *params, unsigned char *out, int hash_message(const xmss_params *params, unsigned char *out,
const unsigned char *R, const unsigned char *root, const unsigned char *R, const unsigned char *root,

3
xmss_commons.c
View File

@ -167,7 +167,8 @@ int xmssmt_core_sign_open(const xmss_params *params,
/* Compute the message hash. */ /* Compute the message hash. */
hash_message(params, mhash, sm + params->index_bytes, pk, idx, hash_message(params, mhash, sm + params->index_bytes, pk, idx,
m + params->sig_bytes - 4*params->n, *mlen); m + params->sig_bytes - params->padding_len - 3*params->n,
*mlen);
sm += params->index_bytes + params->n; sm += params->index_bytes + params->n;
/* For each subtree.. */ /* For each subtree.. */

3
xmss_core.c
View File

@ -221,7 +221,8 @@ int xmssmt_core_sign(const xmss_params *params,
/* Compute the message hash. */ /* Compute the message hash. */
hash_message(params, mhash, sm + params->index_bytes, pub_root, idx, hash_message(params, mhash, sm + params->index_bytes, pub_root, idx,
sm + params->sig_bytes - 4*params->n, mlen); sm + params->sig_bytes - params->padding_len - 3*params->n,
mlen);
sm += params->index_bytes + params->n; sm += params->index_bytes + params->n;
set_type(ots_addr, XMSS_ADDR_TYPE_OTS); set_type(ots_addr, XMSS_ADDR_TYPE_OTS);

6
xmss_core_fast.c
View File

@ -639,7 +639,8 @@ int xmss_core_sign(const xmss_params *params,
/* Compute the message hash. */ /* Compute the message hash. */
hash_message(params, msg_h, R, pub_root, idx, hash_message(params, msg_h, R, pub_root, idx,
sm + params->sig_bytes - 4*params->n, mlen); sm + params->sig_bytes - params->padding_len - 3*params->n,
mlen);
// Start collecting signature // Start collecting signature
*smlen = 0; *smlen = 0;
@ -825,7 +826,8 @@ int xmssmt_core_sign(const xmss_params *params,
/* Compute the message hash. */ /* Compute the message hash. */
hash_message(params, msg_h, R, pub_root, idx, hash_message(params, msg_h, R, pub_root, idx,
sm + params->sig_bytes - 4*params->n, mlen); sm + params->sig_bytes - params->padding_len - 3*params->n,
mlen);
// Start collecting signature // Start collecting signature
*smlen = 0; *smlen = 0;