kris/xmss-KAT-generator
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix bug in addressing during fast xmssmt key gen

Browse Source
This commit is contained in:
Joost Rijneveld 2017-05-31 16:43:12 +02:00
parent 9f512fa8dc
commit d4bc8656e3
No known key found for this signature in database
GPG Key ID: 307BC77F47D58EE2
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
test/test_xmssmt_fast.c
View File

@ -68,7 +68,7 @@ int main()
// check pub_seed in SK // check pub_seed in SK
for (i = 0; i < n; i++) { for (i = 0; i < n; i++) {
if (pk[n+i] != sk[params->index_len+2*n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i); if (pk[n+i] != sk[params->index_len+2*n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
if (pk[i] != sk[4+3*n+i]) printf("pk.root != sk.root %llu",i); if (pk[i] != sk[params->index_len+3*n+i]) printf("pk.root != sk.root %llu",i);
} }
printf("pk checked\n"); printf("pk checked\n");

5
xmss_fast.c
View File

@ -753,9 +753,9 @@ int xmssmt_keypair(unsigned char *pk, unsigned char *sk, bds_state *states, unsi
// Copy PUB_SEED to public key // Copy PUB_SEED to public key
memcpy(pk+n, sk+params->index_len+2*n, n); memcpy(pk+n, sk+params->index_len+2*n, n);
// Set address to point on the single tree on layer d-1
uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0};
setLayerADRS(addr, (params->d-1)); // Start with the bottom-most layer
setLayerADRS(addr, 0);
// Set up state and compute wots signatures for all but topmost tree root // Set up state and compute wots signatures for all but topmost tree root
for (i = 0; i < params->d - 1; i++) { for (i = 0; i < params->d - 1; i++) {
// Compute seed for OTS key pair // Compute seed for OTS key pair
@ -764,6 +764,7 @@ int xmssmt_keypair(unsigned char *pk, unsigned char *sk, bds_state *states, unsi
get_seed(ots_seed, sk+params->index_len, n, addr); get_seed(ots_seed, sk+params->index_len, n, addr);
wots_sign(wots_sigs + i*params->xmss_par.wots_par.keysize, pk, ots_seed, &(params->xmss_par.wots_par), pk+n, addr); wots_sign(wots_sigs + i*params->xmss_par.wots_par.keysize, pk, ots_seed, &(params->xmss_par.wots_par), pk+n, addr);
} }
// Address now points to the single tree on layer d-1
treehash_setup(pk, params->xmss_par.h, 0, states + i, sk+params->index_len, &(params->xmss_par), pk+n, addr); treehash_setup(pk, params->xmss_par.h, 0, states + i, sk+params->index_len, &(params->xmss_par), pk+n, addr);
memcpy(sk+params->index_len+3*n, pk, n); memcpy(sk+params->index_len+3*n, pk, n);
return 0; return 0;