Rename parameters for readability and consistency

hash_address.c

@@ -59,12 +59,12 @@ void set_ltree_addr(uint32_t addr[8], uint32_t ltree)
 
 /* These functions are used for hash tree addresses. */
 
-void set_tree_height(uint32_t addr[8], uint32_t treeHeight)
+void set_tree_height(uint32_t addr[8], uint32_t tree_height)
 {
-    addr[5] = treeHeight;
+    addr[5] = tree_height;
 }
 
-void set_tree_index(uint32_t addr[8], uint32_t treeIndex)
+void set_tree_index(uint32_t addr[8], uint32_t tree_index)
 {
-    addr[6] = treeIndex;
+    addr[6] = tree_index;
 }

hash_address.h

@@ -32,8 +32,8 @@ void set_ltree_addr(uint32_t addr[8], uint32_t ltree);
 
 /* These functions are used for hash tree addresses. */
 
-void set_tree_height(uint32_t addr[8], uint32_t treeHeight);
+void set_tree_height(uint32_t addr[8], uint32_t tree_height);
 
-void set_tree_index(uint32_t addr[8], uint32_t treeIndex);
+void set_tree_index(uint32_t addr[8], uint32_t tree_index);
 
 #endif

params.c

@@ -227,20 +227,17 @@ int xmss_parse_oid(xmss_params *params, const uint32_t oid)
     params->tree_height = params->full_height  / params->d;
     params->wots_w = 16;
     params->wots_log_w = 4;
-    if (params->n == 32) {
-        params->wots_len1 = 64;
-    }
-    else {
-        params->wots_len1 = 128;
-    }
+    params->wots_len1 = 8 * params->n / params->wots_log_w;
+    /* len_2 = floor(log(len_1 * (w - 1)) / log(w)) + 1 */
     params->wots_len2 = 3;
     params->wots_len = params->wots_len1 + params->wots_len2;
-    params->wots_keysize = params->wots_len * params->n;
-    params->index_len = 4;
-    params->bytes = (params->index_len + params->n + params->d*params->wots_keysize
-                     + params->full_height *params->n);
-    params->publickey_bytes = 2*params->n;
-    params->privatekey_bytes = 4*params->n + params->index_len;
+    params->wots_sig_bytes = params->wots_len * params->n;
+    params->index_bytes = 4;
+    params->sig_bytes = (params->index_bytes + params->n
+                         + params->d * params->wots_sig_bytes
+                         + params->full_height * params->n);
+    params->pk_bytes = 2 * params->n;
+    params->sk_bytes = 4 * params->n + params->index_bytes;
 
     // TODO figure out sensible and legal values for this based on the above
     params->bds_k = 0;
@@ -447,21 +444,18 @@ int xmssmt_parse_oid(xmss_params *params, const uint32_t oid)
     params->tree_height = params->full_height  / params->d;
     params->wots_w = 16;
     params->wots_log_w = 4;
-    if (params->n == 32) {
-        params->wots_len1 = 64;
-    }
-    else {
-        params->wots_len1 = 128;
-    }
+    params->wots_len1 = 8 * params->n / params->wots_log_w;
+    /* len_2 = floor(log(len_1 * (w - 1)) / log(w)) + 1 */
     params->wots_len2 = 3;
     params->wots_len = params->wots_len1 + params->wots_len2;
-    params->wots_keysize = params->wots_len * params->n;
-    /* Round index_len up to nearest byte. */
-    params->index_len = (params->full_height + 7) / 8;
-    params->bytes = (params->index_len + params->n + params->d*params->wots_keysize
-                     + params->full_height *params->n);
-    params->publickey_bytes = 2*params->n;
-    params->privatekey_bytes = 4*params->n + params->index_len;
+    params->wots_sig_bytes = params->wots_len * params->n;
+    /* Round index_bytes up to nearest byte. */
+    params->index_bytes = (params->full_height + 7) / 8;
+    params->sig_bytes = (params->index_bytes + params->n
+                         + params->d * params->wots_sig_bytes
+                         + params->full_height * params->n);
+    params->pk_bytes = 2 * params->n;
+    params->sk_bytes = 4 * params->n + params->index_bytes;
 
     // TODO figure out sensible and legal values for this based on the above
     params->bds_k = 0;

params.h

@@ -19,14 +19,14 @@ typedef struct {
     unsigned int wots_len1;
     unsigned int wots_len2;
     unsigned int wots_len;
-    unsigned int wots_keysize;
+    unsigned int wots_sig_bytes;
     unsigned int full_height;
     unsigned int tree_height;
     unsigned int d;
-    unsigned int index_len;
-    unsigned int bytes;
-    unsigned int publickey_bytes;
-    unsigned int privatekey_bytes;
+    unsigned int index_bytes;
+    unsigned int sig_bytes;
+    unsigned int pk_bytes;
+    unsigned int sk_bytes;
     unsigned int bds_k;
 } xmss_params;
 

test/test_determinism.c

@@ -20,19 +20,19 @@ int main()
     xmss_str_to_oid(&oid, oidstr);
     xmss_parse_oid(&params, oid);
 
-    unsigned char pk[XMSS_OID_LEN + params.publickey_bytes];
-    unsigned char sk[XMSS_OID_LEN + params.privatekey_bytes];
-    unsigned char sk2[XMSS_OID_LEN + params.privatekey_bytes];
+    unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
+    unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
+    unsigned char sk2[XMSS_OID_LEN + params.sk_bytes];
 
     unsigned char m[MLEN];
-    unsigned char sm[params.bytes + MLEN];
-    unsigned char sm2[params.bytes + MLEN];
+    unsigned char sm[params.sig_bytes + MLEN];
+    unsigned char sm2[params.sig_bytes + MLEN];
     unsigned long long smlen;
 
     xmss_keypair(pk, sk, oid);
 
     /* Duplicate the key, because the original will be modified. */
-    memcpy(sk2, sk, XMSS_OID_LEN + params.privatekey_bytes);
+    memcpy(sk2, sk, XMSS_OID_LEN + params.sk_bytes);
 
     /* Sign a random message (but twice the same one). */
     randombytes(m, MLEN);
@@ -41,9 +41,9 @@ int main()
     xmss_sign(sk2, sm2, &smlen, m, MLEN);
 
     /* Compare signature, and, if applicable, print the differences. */
-    if (memcmp(sm, sm2, params.bytes + MLEN)) {
+    if (memcmp(sm, sm2, params.sig_bytes + MLEN)) {
         fprintf(stderr, "signatures differ!\n");
-        for (i = 0; i < params.bytes + MLEN; i++) {
+        for (i = 0; i < params.sig_bytes + MLEN; i++) {
             fprintf(stderr, (sm[i] != sm2[i] ? "x" : "."));
         }
         fprintf(stderr, "\n");

test/test_xmss.c

@@ -24,18 +24,18 @@ int main()
   unsigned long long i, j;
   unsigned long errors = 0;
 
-  unsigned char sk[XMSS_OID_LEN + params.privatekey_bytes];
-  unsigned char pk[XMSS_OID_LEN + params.publickey_bytes];
+  unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
+  unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
 
-  unsigned char mo[MLEN+params.bytes];
-  unsigned char sm[MLEN+params.bytes];
+  unsigned char mo[MLEN+params.sig_bytes];
+  unsigned char sm[MLEN+params.sig_bytes];
 
   printf("keypair\n");
   xmss_keypair(pk, sk, oid);
   // check pub_seed in SK
   for (i = 0; i < params.n; i++) {
-    if (pk[XMSS_OID_LEN+params.n+i] != sk[XMSS_OID_LEN+params.index_len+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
-    if (pk[XMSS_OID_LEN+i] != sk[XMSS_OID_LEN+params.index_len+3*params.n+i]) printf("pk.root != sk.root %llu",i);
+    if (pk[XMSS_OID_LEN+params.n+i] != sk[XMSS_OID_LEN+params.index_bytes+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
+    if (pk[XMSS_OID_LEN+i] != sk[XMSS_OID_LEN+params.index_bytes+3*params.n+i]) printf("pk.root != sk.root %llu",i);
   }
 
   // check index
@@ -55,7 +55,7 @@ int main()
     }
     printf("\n");
 
-    r = memcmp(mi, sm+params.bytes,MLEN);
+    r = memcmp(mi, sm+params.sig_bytes,MLEN);
     printf("%d\n", r);
 
     /* Test valid signature */
@@ -68,7 +68,7 @@ int main()
     printf("%llu\n", MLEN-mlen);
 
     /* Test with modified message */
-    sm[params.bytes+10] ^= 1;
+    sm[params.sig_bytes+10] ^= 1;
     r = xmss_sign_open(mo, &mlen, sm, smlen, pk);
     printf("%d\n", r+1);
     if (r == 0) errors++;
@@ -78,7 +78,7 @@ int main()
 
     /* Test with modified signature */
     /* Modified index */
-    sm[params.bytes+10] ^= 1;
+    sm[params.sig_bytes+10] ^= 1;
     sm[2] ^= 1;
     r = xmss_sign_open(mo, &mlen, sm, smlen, pk);
     printf("%d\n", r+1);
@@ -109,7 +109,7 @@ int main()
 
     /* Modified AUTH */
     sm[240] ^= 1;
-    sm[params.bytes - 10] ^= 1;
+    sm[params.sig_bytes - 10] ^= 1;
     r = xmss_sign_open(mo, &mlen, sm, smlen, pk);
     printf("%d\n", r+1);
     if (r == 0) errors++;

test/test_xmss_core.c

@@ -26,7 +26,7 @@ int main()
   unsigned char sk[4*params.n+4];
   unsigned char pk[2*params.n];
 
-  unsigned long long signature_length = 4+params.n+params.wots_keysize+params.tree_height*params.n;
+  unsigned long long signature_length = 4+params.n+params.wots_sig_bytes+params.tree_height*params.n;
   unsigned char mo[MLEN+signature_length];
   unsigned char sm[MLEN+signature_length];
 

test/test_xmss_core_fast.c

@@ -49,7 +49,7 @@ int main()
     treehash[i].node = &th_nodes[params.n*i];
   xmss_set_bds_state(state, stack, stackoffset, stacklevels, auth, keep, treehash, retain, 0);
 
-  unsigned long long signature_length = 4+params.n+params.wots_keysize+params.tree_height*params.n;
+  unsigned long long signature_length = 4+params.n+params.wots_sig_bytes+params.tree_height*params.n;
   unsigned char mi[MLEN];
   unsigned char mo[MLEN+signature_length];
   unsigned char sm[MLEN+signature_length];

test/test_xmssmt.c

@@ -23,26 +23,26 @@ int main()
   int r;
   unsigned long long i,j;
 
-  unsigned char sk[XMSS_OID_LEN + params.privatekey_bytes];
-  unsigned char pk[XMSS_OID_LEN + params.publickey_bytes];
+  unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
+  unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
 
-  unsigned char mo[MLEN+params.bytes];
-  unsigned char sm[MLEN+params.bytes];
+  unsigned char mo[MLEN+params.sig_bytes];
+  unsigned char sm[MLEN+params.sig_bytes];
 
   printf("keypair\n");
   xmssmt_keypair(pk, sk, oid);
   // check pub_seed in SK
   for (i = 0; i < params.n; i++) {
-    if (pk[XMSS_OID_LEN+params.n+i] != sk[XMSS_OID_LEN+params.index_len+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
-    if (pk[XMSS_OID_LEN+i] != sk[XMSS_OID_LEN+params.index_len+3*params.n+i]) printf("pk.root != sk.root %llu",i);
+    if (pk[XMSS_OID_LEN+params.n+i] != sk[XMSS_OID_LEN+params.index_bytes+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
+    if (pk[XMSS_OID_LEN+i] != sk[XMSS_OID_LEN+params.index_bytes+3*params.n+i]) printf("pk.root != sk.root %llu",i);
   }
 
   printf("pk checked\n");
 
   // check index
   unsigned long long idx = 0;
-  for (i = 0; i < params.index_len; i++) {
-    idx |= ((unsigned long long)sk[i + XMSS_OID_LEN]) << 8*(params.index_len - 1 - i);
+  for (i = 0; i < params.index_bytes; i++) {
+    idx |= ((unsigned long long)sk[i + XMSS_OID_LEN]) << 8*(params.index_bytes - 1 - i);
   }
 
   if (idx) printf("\nidx != 0: %llu\n",idx);
@@ -53,11 +53,11 @@ int main()
     printf("sign\n");
     xmssmt_sign(sk, sm, &smlen, mi, MLEN);
     idx = 0;
-    for (j = 0; j < params.index_len; j++) {
-      idx += ((unsigned long long)sm[j]) << 8*(params.index_len - 1 - j);
+    for (j = 0; j < params.index_bytes; j++) {
+      idx += ((unsigned long long)sm[j]) << 8*(params.index_bytes - 1 - j);
     }
     printf("\nidx = %llu\n",idx);
-    r = memcmp(mi, sm+params.bytes,MLEN);
+    r = memcmp(mi, sm+params.sig_bytes,MLEN);
     printf("%d\n", r);
 
     for (j = 0; j < smlen; j++) {

test/test_xmssmt_core.c

@@ -22,10 +22,10 @@ int main()
   int r;
   unsigned long long i,j;
 
-  unsigned char sk[(params.index_len+4*params.n)];
+  unsigned char sk[(params.index_bytes+4*params.n)];
   unsigned char pk[2*params.n];
 
-  unsigned long long signature_length = params.index_len + params.n + (params.d*params.wots_keysize) + params.full_height*params.n;
+  unsigned long long signature_length = params.index_bytes + params.n + (params.d*params.wots_sig_bytes) + params.full_height*params.n;
   unsigned char mo[MLEN+signature_length];
   unsigned char sm[MLEN+signature_length];
 
@@ -33,12 +33,12 @@ int main()
   xmssmt_core_keypair(&params, pk, sk);
   // check pub_seed in SK
   for (i = 0; i < params.n; i++) {
-    if (pk[params.n+i] != sk[params.index_len+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
-    if (pk[i] != sk[params.index_len+3*params.n+i]) printf("pk.root != sk.root %llu",i);
+    if (pk[params.n+i] != sk[params.index_bytes+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
+    if (pk[i] != sk[params.index_bytes+3*params.n+i]) printf("pk.root != sk.root %llu",i);
   }
   printf("pk checked\n");
 
-  unsigned int idx_len = params.index_len;
+  unsigned int idx_len = params.index_bytes;
   // check index
   unsigned long long idx = 0;
   for (i = 0; i < idx_len; i++) {

test/test_xmssmt_core_fast.c

@@ -45,7 +45,7 @@ int main()
   treehash_inst treehash[(2*d-1) * (tree_h-k)];
   unsigned char th_nodes[(2*d-1) * (tree_h-k)*n];
   unsigned char retain[(2*d-1) * ((1 << k) - k - 1)*n];
-  unsigned char wots_sigs[d * params.wots_keysize];
+  unsigned char wots_sigs[d * params.wots_sig_bytes];
   // first d are 'regular' states, second d are 'next'; top tree has no 'next'
   bds_state states[2*d-1];
 
@@ -62,10 +62,10 @@ int main()
     );
   }
 
-  unsigned char sk[(params.index_len+4*n)];
+  unsigned char sk[(params.index_bytes+4*n)];
   unsigned char pk[2*n];
 
-  unsigned long long signature_length = params.index_len + n + (d*params.wots_keysize) + h*n;
+  unsigned long long signature_length = params.index_bytes + n + (d*params.wots_sig_bytes) + h*n;
   unsigned char mo[MLEN+signature_length];
   unsigned char sm[MLEN+signature_length];
 
@@ -75,12 +75,12 @@ int main()
   xmssmt_core_keypair(&params, pk, sk, states, wots_sigs);
   // check pub_seed in SK
   for (i = 0; i < n; i++) {
-    if (pk[n+i] != sk[params.index_len+2*n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
-    if (pk[i] != sk[params.index_len+3*n+i]) printf("pk.root != sk.root %llu",i);
+    if (pk[n+i] != sk[params.index_bytes+2*n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
+    if (pk[i] != sk[params.index_bytes+3*n+i]) printf("pk.root != sk.root %llu",i);
   }
   printf("pk checked\n");
 
-  unsigned int idx_len = params.index_len;
+  unsigned int idx_len = params.index_bytes;
   // check index
   unsigned long long idx = 0;
   for (i = 0; i < idx_len; i++) {

test/xmss_keypair.c

@@ -18,13 +18,13 @@ int main(int argc, char **argv)
     xmss_str_to_oid(&oid, argv[1]);
     xmss_parse_oid(&params, oid);
 
-    unsigned char pk[XMSS_OID_LEN + params.publickey_bytes];
-    unsigned char sk[XMSS_OID_LEN + params.privatekey_bytes];
+    unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
+    unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
 
     xmss_keypair(pk, sk, oid);
 
-    fwrite(pk, 1, XMSS_OID_LEN + params.publickey_bytes, stdout);
-    fwrite(sk, 1, XMSS_OID_LEN + params.privatekey_bytes, stdout);
+    fwrite(pk, 1, XMSS_OID_LEN + params.pk_bytes, stdout);
+    fwrite(sk, 1, XMSS_OID_LEN + params.sk_bytes, stdout);
 
     fclose(stdout);
 }

test/xmss_open.c

@@ -26,15 +26,15 @@ int main(int argc, char **argv) {
     fread(&oid, 1, XMSS_OID_LEN, keypair);
     xmss_parse_oid(&params, oid);
 
-    unsigned char pk[params.publickey_bytes];
-    unsigned char sm[params.bytes + MLEN];
-    unsigned char m[params.bytes + MLEN];
+    unsigned char pk[params.pk_bytes];
+    unsigned char sm[params.sig_bytes + MLEN];
+    unsigned char m[params.sig_bytes + MLEN];
     unsigned long long mlen;
 
-    fread(pk, 1, params.publickey_bytes, keypair);
-    fread(sm, 1, params.bytes + MLEN, stdin);
+    fread(pk, 1, params.pk_bytes, keypair);
+    fread(sm, 1, params.sig_bytes + MLEN, stdin);
 
-    ret = xmss_core_sign_open(&params, m, &mlen, sm, params.bytes + MLEN, pk);
+    ret = xmss_core_sign_open(&params, m, &mlen, sm, params.sig_bytes + MLEN, pk);
 
     if (ret) {
         printf("Verification failed!\n");

test/xmss_sign.c

@@ -29,23 +29,23 @@ int main(int argc, char **argv) {
     xmss_parse_oid(&params, oid_pk);
 
     /* fseek past the public key */
-    fseek(keypair, params.publickey_bytes, SEEK_CUR);
+    fseek(keypair, params.pk_bytes, SEEK_CUR);
     /* This is the OID we're actually going to use. Likely the same, but still. */
     fread(&oid_sk, 1, XMSS_OID_LEN, keypair);
     xmss_parse_oid(&params, oid_sk);
 
-    unsigned char sk[params.privatekey_bytes];
+    unsigned char sk[params.sk_bytes];
     unsigned char m[MLEN];
-    unsigned char sm[params.bytes + MLEN];
+    unsigned char sm[params.sig_bytes + MLEN];
     unsigned long long smlen;
 
-    fread(sk, 1, params.privatekey_bytes, keypair);
+    fread(sk, 1, params.sk_bytes, keypair);
     fread(m, 1, MLEN, stdin);
     xmss_core_sign(&params, sk, sm, &smlen, m, MLEN);
 
-    fseek(keypair, -((long int)params.privatekey_bytes), SEEK_CUR);
-    fwrite(sk, 1, params.privatekey_bytes, keypair);
-    fwrite(sm, 1, params.bytes + MLEN, stdout);
+    fseek(keypair, -((long int)params.sk_bytes), SEEK_CUR);
+    fwrite(sk, 1, params.sk_bytes, keypair);
+    fwrite(sm, 1, params.sig_bytes + MLEN, stdout);
 
     fclose(keypair);
     fclose(stdout);

test/xmssmt_keypair.c

@@ -18,13 +18,13 @@ int main(int argc, char **argv)
     xmssmt_str_to_oid(&oid, argv[1]);
     xmssmt_parse_oid(&params, oid);
 
-    unsigned char pk[XMSS_OID_LEN + params.publickey_bytes];
-    unsigned char sk[XMSS_OID_LEN + params.privatekey_bytes];
+    unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
+    unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
 
     xmssmt_keypair(pk, sk, oid);
 
-    fwrite(pk, 1, XMSS_OID_LEN + params.publickey_bytes, stdout);
-    fwrite(sk, 1, XMSS_OID_LEN + params.privatekey_bytes, stdout);
+    fwrite(pk, 1, XMSS_OID_LEN + params.pk_bytes, stdout);
+    fwrite(sk, 1, XMSS_OID_LEN + params.sk_bytes, stdout);
 
     fclose(stdout);
 }

test/xmssmt_open.c

@@ -26,15 +26,15 @@ int main(int argc, char **argv) {
     fread(&oid, 1, XMSS_OID_LEN, keypair);
     xmssmt_parse_oid(&params, oid);
 
-    unsigned char pk[params.publickey_bytes];
-    unsigned char sm[params.bytes + MLEN];
-    unsigned char m[params.bytes + MLEN];
+    unsigned char pk[params.pk_bytes];
+    unsigned char sm[params.sig_bytes + MLEN];
+    unsigned char m[params.sig_bytes + MLEN];
     unsigned long long mlen;
 
-    fread(pk, 1, params.publickey_bytes, keypair);
-    fread(sm, 1, params.bytes + MLEN, stdin);
+    fread(pk, 1, params.pk_bytes, keypair);
+    fread(sm, 1, params.sig_bytes + MLEN, stdin);
 
-    ret = xmssmt_core_sign_open(&params, m, &mlen, sm, params.bytes + MLEN, pk);
+    ret = xmssmt_core_sign_open(&params, m, &mlen, sm, params.sig_bytes + MLEN, pk);
 
     if (ret) {
         printf("Verification failed!\n");

test/xmssmt_sign.c

@@ -29,23 +29,23 @@ int main(int argc, char **argv) {
     xmssmt_parse_oid(&params, oid_pk);
 
     /* fseek past the public key. */
-    fseek(keypair, params.publickey_bytes, SEEK_CUR);
+    fseek(keypair, params.pk_bytes, SEEK_CUR);
     /* This is the OID we're actually going to use. Likely the same, but still.. */
     fread(&oid_sk, 1, XMSS_OID_LEN, keypair);
     xmssmt_parse_oid(&params, oid_sk);
 
-    unsigned char sk[params.privatekey_bytes];
+    unsigned char sk[params.sk_bytes];
     unsigned char m[MLEN];
-    unsigned char sm[params.bytes + MLEN];
+    unsigned char sm[params.sig_bytes + MLEN];
     unsigned long long smlen;
 
-    fread(sk, 1, params.privatekey_bytes, keypair);
+    fread(sk, 1, params.sk_bytes, keypair);
     fread(m, 1, MLEN, stdin);
     xmssmt_core_sign(&params, sk, sm, &smlen, m, MLEN);
 
-    fseek(keypair, -((long int)params.privatekey_bytes), SEEK_CUR);
-    fwrite(sk, 1, params.privatekey_bytes, keypair);
-    fwrite(sm, 1, params.bytes + MLEN, stdout);
+    fseek(keypair, -((long int)params.sk_bytes), SEEK_CUR);
+    fwrite(sk, 1, params.sk_bytes, keypair);
+    fwrite(sm, 1, params.sig_bytes + MLEN, stdout);
 
     fclose(keypair);
     fclose(stdout);

xmss_commons.c

@@ -47,7 +47,7 @@ void gen_leaf_wots(const xmss_params *params, unsigned char *leaf,
                    uint32_t ltree_addr[8], uint32_t ots_addr[8])
 {
     unsigned char seed[params->n];
-    unsigned char pk[params->wots_keysize];
+    unsigned char pk[params->wots_sig_bytes];
 
     get_seed(params, seed, sk_seed, ots_addr);
     wots_pkgen(params, pk, seed, pub_seed, ots_addr);
@@ -191,7 +191,7 @@ int xmss_core_sign_open(const xmss_params *params,
                         const unsigned char *pk)
 {
     const unsigned char *pub_seed = pk + params->n;
-    unsigned char wots_pk[params->wots_keysize];
+    unsigned char wots_pk[params->wots_sig_bytes];
     unsigned char leaf[params->n];
     unsigned char root[params->n];
     unsigned char mhash[params->n];
@@ -205,20 +205,20 @@ int xmss_core_sign_open(const xmss_params *params,
     set_type(ltree_addr, XMSS_ADDR_TYPE_LTREE);
     set_type(node_addr, XMSS_ADDR_TYPE_HASHTREE);
 
-    *mlen = smlen - params->bytes;
+    *mlen = smlen - params->sig_bytes;
 
     /* Convert the index bytes from the signature to an integer. */
-    idx = (unsigned long)bytes_to_ull(sm, params->index_len);
+    idx = (unsigned long)bytes_to_ull(sm, params->index_bytes);
 
     /* Compute the message hash. */
-    hash_message(params, mhash, sm + params->index_len, pk, idx,
-                 sm + params->bytes, *mlen);
-    sm += params->index_len + params->n;
+    hash_message(params, mhash, sm + params->index_bytes, pk, idx,
+                 sm + params->sig_bytes, *mlen);
+    sm += params->index_bytes + params->n;
 
     /* The WOTS public key is only correct if the signature was correct. */
     set_ots_addr(ots_addr, idx);
     wots_pk_from_sig(params, wots_pk, sm, mhash, pub_seed, ots_addr);
-    sm += params->wots_keysize;
+    sm += params->wots_sig_bytes;
 
     /* Compute the leaf node using the WOTS public key. */
     set_ltree_addr(ltree_addr, idx);
@@ -252,7 +252,7 @@ int xmssmt_core_sign_open(const xmss_params *params,
                           const unsigned char *pk)
 {
     const unsigned char *pub_seed = pk + params->n;
-    unsigned char wots_pk[params->wots_keysize];
+    unsigned char wots_pk[params->wots_sig_bytes];
     unsigned char leaf[params->n];
     unsigned char root[params->n];
     unsigned char *mhash = root;
@@ -268,15 +268,15 @@ int xmssmt_core_sign_open(const xmss_params *params,
     set_type(ltree_addr, XMSS_ADDR_TYPE_LTREE);
     set_type(node_addr, XMSS_ADDR_TYPE_HASHTREE);
 
-    *mlen = smlen - params->bytes;
+    *mlen = smlen - params->sig_bytes;
 
     /* Convert the index bytes from the signature to an integer. */
-    idx = bytes_to_ull(sm, params->index_len);
+    idx = bytes_to_ull(sm, params->index_bytes);
 
     /* Compute the message hash. */
-    hash_message(params, mhash, sm + params->index_len, pk, idx,
-                 sm + params->bytes, *mlen);
-    sm += params->index_len + params->n;
+    hash_message(params, mhash, sm + params->index_bytes, pk, idx,
+                 sm + params->sig_bytes, *mlen);
+    sm += params->index_bytes + params->n;
 
     /* For each subtree.. */
     for (i = 0; i < params->d; i++) {
@@ -296,7 +296,7 @@ int xmssmt_core_sign_open(const xmss_params *params,
         /* Initially, root = mhash, but on subsequent iterations it is the root
            of the subtree below the currently processed subtree. */
         wots_pk_from_sig(params, wots_pk, sm, root, pub_seed, ots_addr);
-        sm += params->wots_keysize;
+        sm += params->wots_sig_bytes;
 
         /* Compute the leaf node using the WOTS public key. */
         set_ltree_addr(ltree_addr, idx_leaf);

xmss_core.c

@@ -107,10 +107,10 @@ int xmss_core_sign(const xmss_params *params,
                    unsigned char *sm, unsigned long long *smlen,
                    const unsigned char *m, unsigned long long mlen)
 {
-    const unsigned char *sk_seed = sk + params->index_len;
-    const unsigned char *sk_prf = sk + params->index_len + params->n;
-    const unsigned char *pub_seed = sk + params->index_len + 2*params->n;
-    const unsigned char *pub_root = sk + params->index_len + 3*params->n;
+    const unsigned char *sk_seed = sk + params->index_bytes;
+    const unsigned char *sk_prf = sk + params->index_bytes + params->n;
+    const unsigned char *pub_seed = sk + params->index_bytes + 2*params->n;
+    const unsigned char *pub_root = sk + params->index_bytes + 3*params->n;
 
     unsigned char root[params->n];
     unsigned char mhash[params->n];
@@ -122,15 +122,15 @@ int xmss_core_sign(const xmss_params *params,
     set_type(ots_addr, XMSS_ADDR_TYPE_OTS);
 
     /* Read and use the current index from the secret key. */
-    idx = (unsigned long)bytes_to_ull(sk, params->index_len);
-    memcpy(sm, sk, params->index_len);
-    sm += params->index_len;
+    idx = (unsigned long)bytes_to_ull(sk, params->index_bytes);
+    memcpy(sm, sk, params->index_bytes);
+    sm += params->index_bytes;
 
     /*************************************************************************
      * THIS IS WHERE PRODUCTION IMPLEMENTATIONS WOULD UPDATE THE SECRET KEY. *
      *************************************************************************/
     /* Increment the index in the secret key. */
-    ull_to_bytes(sk, params->index_len, idx + 1);
+    ull_to_bytes(sk, params->index_bytes, idx + 1);
 
     /* Compute the digest randomization value. */
     ull_to_bytes(idx_bytes_32, 32, idx);
@@ -147,14 +147,14 @@ int xmss_core_sign(const xmss_params *params,
 
     /* Compute a WOTS signature on the message hash. */
     wots_sign(params, sm, mhash, ots_seed, pub_seed, ots_addr);
-    sm += params->wots_keysize;
+    sm += params->wots_sig_bytes;
 
     /* Compute the authentication path for the used WOTS leaf. */
     treehash(params, root, sm, sk_seed, pub_seed, idx, ots_addr);
     sm += params->tree_height*params->n;
 
     memcpy(sm, m, mlen);
-    *smlen = params->bytes + mlen;
+    *smlen = params->sig_bytes + mlen;
 
     return 0;
 }
@@ -175,8 +175,8 @@ int xmssmt_core_keypair(const xmss_params *params,
     set_layer_addr(top_tree_addr, params->d - 1);
 
     /* Initialize index to 0. */
-    memset(sk, 0, params->index_len);
-    sk += params->index_len;
+    memset(sk, 0, params->index_bytes);
+    sk += params->index_bytes;
 
     /* Initialize SK_SEED, SK_PRF and PUB_SEED. */
     randombytes(sk, 3 * params->n);
@@ -198,10 +198,10 @@ int xmssmt_core_sign(const xmss_params *params,
                      unsigned char *sm, unsigned long long *smlen,
                      const unsigned char *m, unsigned long long mlen)
 {
-    const unsigned char *sk_seed = sk + params->index_len;
-    const unsigned char *sk_prf = sk + params->index_len + params->n;
-    const unsigned char *pub_seed = sk + params->index_len + 2*params->n;
-    const unsigned char *pub_root = sk + params->index_len + 3*params->n;
+    const unsigned char *sk_seed = sk + params->index_bytes;
+    const unsigned char *sk_prf = sk + params->index_bytes + params->n;
+    const unsigned char *pub_seed = sk + params->index_bytes + 2*params->n;
+    const unsigned char *pub_root = sk + params->index_bytes + 3*params->n;
 
     unsigned char root[params->n];
     unsigned char *mhash = root;
@@ -215,15 +215,15 @@ int xmssmt_core_sign(const xmss_params *params,
     set_type(ots_addr, XMSS_ADDR_TYPE_OTS);
 
     /* Read and use the current index from the secret key. */
-    idx = (unsigned long)bytes_to_ull(sk, params->index_len);
-    memcpy(sm, sk, params->index_len);
-    sm += params->index_len;
+    idx = (unsigned long)bytes_to_ull(sk, params->index_bytes);
+    memcpy(sm, sk, params->index_bytes);
+    sm += params->index_bytes;
 
     /*************************************************************************
      * THIS IS WHERE PRODUCTION IMPLEMENTATIONS WOULD UPDATE THE SECRET KEY. *
      *************************************************************************/
     /* Increment the index in the secret key. */
-    ull_to_bytes(sk, params->index_len, idx + 1);
+    ull_to_bytes(sk, params->index_bytes, idx + 1);
 
     /* Compute the digest randomization value. */
     ull_to_bytes(idx_bytes_32, 32, idx);
@@ -250,7 +250,7 @@ int xmssmt_core_sign(const xmss_params *params,
         /* Initially, root = mhash, but on subsequent iterations it is the root
            of the subtree below the currently processed subtree. */
         wots_sign(params, sm, root, ots_seed, pub_seed, ots_addr);
-        sm += params->wots_keysize;
+        sm += params->wots_sig_bytes;
 
         /* Compute the authentication path for the used WOTS leaf. */
         treehash(params, root, sm, sk_seed, pub_seed, idx_leaf, ots_addr);
@@ -258,7 +258,7 @@ int xmssmt_core_sign(const xmss_params *params,
     }
 
     memcpy(sm, m, mlen);
-    *smlen = params->bytes + mlen;
+    *smlen = params->sig_bytes + mlen;
 
     return 0;
 }

xmss_core_fast.c

@@ -360,14 +360,14 @@ int xmss_core_keypair(const xmss_params *params,
     sk[2] = 0;
     sk[3] = 0;
     // Init SK_SEED (n byte), SK_PRF (n byte), and PUB_SEED (n byte)
-    randombytes(sk + params->index_len, 3*params->n);
+    randombytes(sk + params->index_bytes, 3*params->n);
     // Copy PUB_SEED to public key
-    memcpy(pk + params->n, sk + params->index_len + 2*params->n, params->n);
+    memcpy(pk + params->n, sk + params->index_bytes + 2*params->n, params->n);
 
     // Compute root
-    treehash_init(params, pk, params->tree_height, 0, state, sk + params->index_len, sk + params->index_len + 2*params->n, addr);
+    treehash_init(params, pk, params->tree_height, 0, state, sk + params->index_bytes, sk + params->index_bytes + 2*params->n, addr);
     // copy root o sk
-    memcpy(sk + params->index_len + 3*params->n, pk, params->n);
+    memcpy(sk + params->index_bytes + 3*params->n, pk, params->n);
     return 0;
 }
 
@@ -388,11 +388,11 @@ int xmss_core_sign(const xmss_params *params,
     // Extract SK
     unsigned long idx = ((unsigned long)sk[0] << 24) | ((unsigned long)sk[1] << 16) | ((unsigned long)sk[2] << 8) | sk[3];
     unsigned char sk_seed[params->n];
-    memcpy(sk_seed, sk + params->index_len, params->n);
+    memcpy(sk_seed, sk + params->index_bytes, params->n);
     unsigned char sk_prf[params->n];
-    memcpy(sk_prf, sk + params->index_len + params->n, params->n);
+    memcpy(sk_prf, sk + params->index_bytes + params->n, params->n);
     unsigned char pub_seed[params->n];
-    memcpy(pub_seed, sk + params->index_len + 2*params->n, params->n);
+    memcpy(pub_seed, sk + params->index_bytes + 2*params->n, params->n);
 
     // index as 32 bytes string
     unsigned char idx_bytes_32[32];
@@ -463,8 +463,8 @@ int xmss_core_sign(const xmss_params *params,
     // Compute WOTS signature
     wots_sign(params, sm, msg_h, ots_seed, pub_seed, ots_addr);
 
-    sm += params->wots_keysize;
-    *smlen += params->wots_keysize;
+    sm += params->wots_sig_bytes;
+    *smlen += params->wots_sig_bytes;
 
     // the auth path was already computed during the previous round
     memcpy(sm, state->auth, params->tree_height*params->n);
@@ -497,27 +497,27 @@ int xmssmt_core_keypair(const xmss_params *params,
     unsigned int i;
 
     // Set idx = 0
-    for (i = 0; i < params->index_len; i++) {
+    for (i = 0; i < params->index_bytes; i++) {
         sk[i] = 0;
     }
     // Init SK_SEED (params->n byte), SK_PRF (params->n byte), and PUB_SEED (params->n byte)
-    randombytes(sk+params->index_len, 3*params->n);
+    randombytes(sk+params->index_bytes, 3*params->n);
     // Copy PUB_SEED to public key
-    memcpy(pk+params->n, sk+params->index_len+2*params->n, params->n);
+    memcpy(pk+params->n, sk+params->index_bytes+2*params->n, params->n);
 
     // Start with the bottom-most layer
     set_layer_addr(addr, 0);
     // Set up state and compute wots signatures for all but topmost tree root
     for (i = 0; i < params->d - 1; i++) {
         // Compute seed for OTS key pair
-        treehash_init(params, pk, params->tree_height, 0, states + i, sk+params->index_len, pk+params->n, addr);
+        treehash_init(params, pk, params->tree_height, 0, states + i, sk+params->index_bytes, pk+params->n, addr);
         set_layer_addr(addr, (i+1));
-        get_seed(params, ots_seed, sk + params->index_len, addr);
-        wots_sign(params, wots_sigs + i*params->wots_keysize, pk, ots_seed, pk+params->n, addr);
+        get_seed(params, ots_seed, sk + params->index_bytes, addr);
+        wots_sign(params, wots_sigs + i*params->wots_sig_bytes, pk, ots_seed, pk+params->n, addr);
     }
     // Address now points to the single tree on layer d-1
-    treehash_init(params, pk, params->tree_height, 0, states + i, sk+params->index_len, pk+params->n, addr);
-    memcpy(sk + params->index_len + 3*params->n, pk, params->n);
+    treehash_init(params, pk, params->tree_height, 0, states + i, sk+params->index_bytes, pk+params->n, addr);
+    memcpy(sk + params->index_bytes + 3*params->n, pk, params->n);
     return 0;
 }
 
@@ -555,17 +555,17 @@ int xmssmt_core_sign(const xmss_params *params,
 
     // Extract SK
     unsigned long long idx = 0;
-    for (i = 0; i < params->index_len; i++) {
-        idx |= ((unsigned long long)sk[i]) << 8*(params->index_len - 1 - i);
+    for (i = 0; i < params->index_bytes; i++) {
+        idx |= ((unsigned long long)sk[i]) << 8*(params->index_bytes - 1 - i);
     }
 
-    memcpy(sk_seed, sk+params->index_len, params->n);
-    memcpy(sk_prf, sk+params->index_len+params->n, params->n);
-    memcpy(pub_seed, sk+params->index_len+2*params->n, params->n);
+    memcpy(sk_seed, sk+params->index_bytes, params->n);
+    memcpy(sk_prf, sk+params->index_bytes+params->n, params->n);
+    memcpy(pub_seed, sk+params->index_bytes+2*params->n, params->n);
 
     // Update SK
-    for (i = 0; i < params->index_len; i++) {
-        sk[i] = ((idx + 1) >> 8*(params->index_len - 1 - i)) & 255;
+    for (i = 0; i < params->index_bytes; i++) {
+        sk[i] = ((idx + 1) >> 8*(params->index_bytes - 1 - i)) & 255;
     }
     // Secret key for this non-forward-secure version is now updated.
     // A production implementation should consider using a file handle instead,
@@ -581,7 +581,7 @@ int xmssmt_core_sign(const xmss_params *params,
     prf(params, R, idx_bytes_32, sk_prf, params->n);
     // Generate hash key (R || root || idx)
     memcpy(hash_key, R, params->n);
-    memcpy(hash_key+params->n, sk+params->index_len+3*params->n, params->n);
+    memcpy(hash_key+params->n, sk+params->index_bytes+3*params->n, params->n);
     ull_to_bytes(hash_key+2*params->n, params->n, idx);
 
     // Then use it for message digest
@@ -591,12 +591,12 @@ int xmssmt_core_sign(const xmss_params *params,
     *smlen = 0;
 
     // Copy index to signature
-    for (i = 0; i < params->index_len; i++) {
-        sm[i] = (idx >> 8*(params->index_len - 1 - i)) & 255;
+    for (i = 0; i < params->index_bytes; i++) {
+        sm[i] = (idx >> 8*(params->index_bytes - 1 - i)) & 255;
     }
 
-    sm += params->index_len;
-    *smlen += params->index_len;
+    sm += params->index_bytes;
+    *smlen += params->index_bytes;
 
     // Copy R to signature
     for (i = 0; i < params->n; i++) {
@@ -626,8 +626,8 @@ int xmssmt_core_sign(const xmss_params *params,
     // Compute WOTS signature
     wots_sign(params, sm, msg_h, ots_seed, pub_seed, ots_addr);
 
-    sm += params->wots_keysize;
-    *smlen += params->wots_keysize;
+    sm += params->wots_sig_bytes;
+    *smlen += params->wots_sig_bytes;
 
     memcpy(sm, states[0].auth, params->tree_height*params->n);
     sm += params->tree_height*params->n;
@@ -636,10 +636,10 @@ int xmssmt_core_sign(const xmss_params *params,
     // prepare signature of remaining layers
     for (i = 1; i < params->d; i++) {
         // put WOTS signature in place
-        memcpy(sm, wots_sigs + (i-1)*params->wots_keysize, params->wots_keysize);
+        memcpy(sm, wots_sigs + (i-1)*params->wots_sig_bytes, params->wots_sig_bytes);
 
-        sm += params->wots_keysize;
-        *smlen += params->wots_keysize;
+        sm += params->wots_sig_bytes;
+        *smlen += params->wots_sig_bytes;
 
         // put AUTH nodes in place
         memcpy(sm, states[i].auth, params->tree_height*params->n);
@@ -684,8 +684,8 @@ int xmssmt_core_sign(const xmss_params *params,
             set_tree_addr(ots_addr, ((idx + 1) >> ((i+2) * params->tree_height)));
             set_ots_addr(ots_addr, (((idx >> ((i+1) * params->tree_height)) + 1) & ((1 << params->tree_height)-1)));
 
-            get_seed(params, ots_seed, sk+params->index_len, ots_addr);
-            wots_sign(params, wots_sigs + i*params->wots_keysize, states[i].stack, ots_seed, pub_seed, ots_addr);
+            get_seed(params, ots_seed, sk+params->index_bytes, ots_addr);
+            wots_sign(params, wots_sigs + i*params->wots_sig_bytes, states[i].stack, ots_seed, pub_seed, ots_addr);
 
             states[params->d + i].stackoffset = 0;
             states[params->d + i].next_leaf = 0;