|
@@ -0,0 +1,57 @@ |
|
|
|
|
|
#include <stdio.h> |
|
|
|
|
|
#include <stdint.h> |
|
|
|
|
|
#include <string.h> |
|
|
|
|
|
|
|
|
|
|
|
#include "../params.h" |
|
|
|
|
|
#include "../xmss.h" |
|
|
|
|
|
#include "../randombytes.h" |
|
|
|
|
|
|
|
|
|
|
|
#define MLEN 32 |
|
|
|
|
|
|
|
|
|
|
|
int main() |
|
|
|
|
|
{ |
|
|
|
|
|
xmss_params params; |
|
|
|
|
|
char *oidstr = "XMSS-SHA2_10_256"; |
|
|
|
|
|
uint32_t oid = 0x01000001; |
|
|
|
|
|
unsigned int i; |
|
|
|
|
|
|
|
|
|
|
|
fprintf(stderr, "Testing if XMSS-SHA2_10_256 signing is deterministic.. "); |
|
|
|
|
|
|
|
|
|
|
|
xmss_str_to_oid(&oid, oidstr); |
|
|
|
|
|
xmss_parse_oid(¶ms, oid); |
|
|
|
|
|
|
|
|
|
|
|
unsigned char pk[XMSS_OID_LEN + params.publickey_bytes]; |
|
|
|
|
|
unsigned char sk[XMSS_OID_LEN + params.privatekey_bytes]; |
|
|
|
|
|
unsigned char sk2[XMSS_OID_LEN + params.privatekey_bytes]; |
|
|
|
|
|
|
|
|
|
|
|
unsigned char m[MLEN]; |
|
|
|
|
|
unsigned char sm[params.bytes + MLEN]; |
|
|
|
|
|
unsigned char sm2[params.bytes + MLEN]; |
|
|
|
|
|
unsigned long long smlen; |
|
|
|
|
|
|
|
|
|
|
|
xmss_keypair(pk, sk, oid); |
|
|
|
|
|
|
|
|
|
|
|
/* Duplicate the key, because the original will be modified. */ |
|
|
|
|
|
memcpy(sk2, sk, XMSS_OID_LEN + params.privatekey_bytes); |
|
|
|
|
|
|
|
|
|
|
|
/* Sign a random message (but twice the same one). */ |
|
|
|
|
|
randombytes(m, MLEN); |
|
|
|
|
|
|
|
|
|
|
|
xmss_sign(sk, sm, &smlen, m, MLEN); |
|
|
|
|
|
xmss_sign(sk2, sm2, &smlen, m, MLEN); |
|
|
|
|
|
|
|
|
|
|
|
/* Compare signature, and, if applicable, print the differences. */ |
|
|
|
|
|
if (memcmp(sm, sm2, params.bytes + MLEN)) { |
|
|
|
|
|
fprintf(stderr, "signatures differ!\n"); |
|
|
|
|
|
for (i = 0; i < params.bytes + MLEN; i++) { |
|
|
|
|
|
fprintf(stderr, (sm[i] != sm2[i] ? "x" : ".")); |
|
|
|
|
|
} |
|
|
|
|
|
fprintf(stderr, "\n"); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
else { |
|
|
|
|
|
fprintf(stderr, "signatures are identical.\n"); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return 0; |
|
|
|
|
|
} |