Selaa lähdekoodia

Merge branch 'master' of bitbucket.org:ahuelsing/xmss_ref

Conflicts:
	Makefile
	test/test_chacha
	test/test_wots
	test/test_xmss
master
Andreas 9 vuotta sitten
vanhempi
commit
ed18e56412
9 muutettua tiedostoa jossa 144 lisäystä ja 37 poistoa
  1. +7
    -0
      .gitignore
  2. +3
    -1
      Makefile
  3. +2
    -2
      prg.c
  4. +2
    -2
      prg.h
  5. +98
    -0
      test/test_xmssmt.c
  6. +5
    -5
      wots.c
  7. +25
    -25
      xmss.c
  8. +1
    -1
      xmss_commons.c
  9. +1
    -1
      xmss_commons.h

+ 7
- 0
.gitignore Näytä tiedosto

@@ -0,0 +1,7 @@
test/test_chacha
test/test_wots
test/test_horst
test/test_xmss
test/test_xmssmt
test/speed
test/gen_testvectors

+ 3
- 1
Makefile Näytä tiedosto

@@ -25,4 +25,6 @@ clean:
-rm test/test_chacha
-rm test/test_wots
-rm test/test_xmss
-rm test/test_xmssmt
-rm test/test_xmssmt



+ 2
- 2
prg.c Näytä tiedosto

@@ -13,7 +13,7 @@ const unsigned char zero_nonce[12] = {0};
/**
* Generates rlen output bytes using ChaCha20 with a zero nonce and counter = 0
*/
void prg(unsigned char *r, unsigned long long rlen, const unsigned char *key, uint key_len)
void prg(unsigned char *r, unsigned long long rlen, const unsigned char *key, unsigned int key_len)
{
CRYPTO_chacha_20_keystream(r, rlen, key, zero_nonce, 0);
}
@@ -22,7 +22,7 @@ void prg(unsigned char *r, unsigned long long rlen, const unsigned char *key, ui
* Generates rlen output bytes using ChaCha20.
* Nonce and counter are set depending on the address addr.
*/
void prg_with_counter(unsigned char *r, unsigned long long rlen, const unsigned char *key, uint key_len, const unsigned char addr[16])
void prg_with_counter(unsigned char *r, unsigned long long rlen, const unsigned char *key, unsigned int key_len, const unsigned char addr[16])
{
int i;
unsigned char nonce[12];


+ 2
- 2
prg.h Näytä tiedosto

@@ -12,11 +12,11 @@ Public domain.
* Generates rlen output bytes using key_len-byte key and places them in r.
*
*/
void prg(unsigned char *r, unsigned long long rlen, const unsigned char *key, uint key_len);
void prg(unsigned char *r, unsigned long long rlen, const unsigned char *key, unsigned int key_len);

/**
* Generates rlen output bytes using key_len-byte key and hash address addr and places them in r.
*
*/
void prg_with_counter(unsigned char *r, unsigned long long rlen, const unsigned char *key, uint key_len, const unsigned char addr[16]);
void prg_with_counter(unsigned char *r, unsigned long long rlen, const unsigned char *key, unsigned int key_len, const unsigned char addr[16]);
#endif

+ 98
- 0
test/test_xmssmt.c Näytä tiedosto

@@ -0,0 +1,98 @@
#include <stdio.h>
#include <string.h>

#include "../xmss.h"

#define MLEN 3491
#define SIGNATURES 1024


unsigned char mi[MLEN];
unsigned long long smlen;
unsigned long long mlen;

int main()
{
int r;
unsigned long long i,j;
int m = 32;
int n = 32;
int h = 10;
int d = 2;
int w = 16;
xmssmt_params p;
xmssmt_params *params = &p;
xmssmt_set_params(params, m, n, h, d, w);
unsigned char sk[(params->index_len+2*n+m)];
unsigned char pk[2*n];
unsigned long long signature_length = params->index_len + m + (d*params->xmss_par.wots_par.keysize) + h*n;
unsigned char mo[MLEN+signature_length];
unsigned char sm[MLEN+signature_length];

FILE *urandom = fopen("/dev/urandom", "r");
for(i=0;i<MLEN;i++) mi[i] = fgetc(urandom);

printf("keypair\n");
xmssmt_keypair(pk, sk, params);
// check pub_seed in SK
for(i=0;i<n;i++)
{
if(pk[n+i] != sk[params->index_len+m+n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);
}
printf("pk checked\n");

unsigned int idx_len = params->index_len;
// check index
unsigned long long idx = 0;
for(i = 0; i < idx_len; i++){
idx |= ((unsigned long long)sk[i]) << 8*(idx_len - 1 - i);
}

if(idx) printf("\nidx != 0: %llu\n",idx);
for(i=0;i<SIGNATURES;i++){
printf("sign\n");
xmssmt_sign(sk, sm, &smlen, mi, MLEN, params);
idx = 0;
for(j = 0; j < idx_len; j++){
idx += ((unsigned long long)sm[j]) << 8*(idx_len - 1 - j);
}
printf("\nidx = %llu\n",idx);
r = memcmp(mi, sm+signature_length,MLEN);
printf("%d\n", r);
/* Test valid signature */
printf("verify\n");
r = xmssmt_sign_open(mo, &mlen, sm, smlen, pk, params);
printf("%d\n", r);
r = memcmp(mi,mo,MLEN);
printf("%d\n", r);
printf("%llu\n", MLEN-mlen);

/* Test with modified message */
sm[52] ^= 1;
r = xmssmt_sign_open(mo, &mlen, sm, smlen, pk, params);
printf("%d\n", r+1);
r = memcmp(mi,mo,MLEN);
printf("%d\n", (r!=0) - 1);
printf("%llu\n", mlen+1);

/* Test with modified signature */
sm[260] ^= 1;
sm[52] ^= 1;
sm[2] ^= 1;
r = xmssmt_sign_open(mo, &mlen, sm, smlen, pk, params);
printf("%d\n", r+1);
r = memcmp(mi,mo,MLEN);
printf("%d\n", (r!=0) - 1);
printf("%llu\n", mlen+1);
}
fclose(urandom);
return 0;
}



+ 5
- 5
wots.c Näytä tiedosto

@@ -57,7 +57,7 @@ static void expand_seed(unsigned char *outseeds, const unsigned char *inseed, co
*/
static void gen_chain(unsigned char *out, const unsigned char *in, int start, int steps, const wots_params *params, const unsigned char *pub_seed, unsigned char addr[16])
{
uint i,j;
unsigned int i,j;
for(j=0;j<params->n;j++)
out[j] = in[j];

@@ -101,7 +101,7 @@ static void base_w(int *output, const unsigned char *input, int in_len, const wo
*/
static void base_w_alternative(int *output, unsigned char *input, int in_len, const wots_params *params)
{
uint i = 0;
unsigned int i = 0;
for(i = 0; i < in_len; i += 2)
{
output[i] = input[in_len - 1 - (i / 2)] >> 4;
@@ -111,7 +111,7 @@ static void base_w_alternative(int *output, unsigned char *input, int in_len, co

void wots_pkgen(unsigned char *pk, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, unsigned char addr[16])
{
uint i;
unsigned int i;
expand_seed(pk, sk, params);
for(i=0;i<params->len;i++){
SET_CHAIN_ADDRESS(addr,i);
@@ -127,7 +127,7 @@ void wots_sign(unsigned char *sig, const unsigned char *msg, const unsigned char
{
int basew[params->len];
int csum = 0;
uint i=0;
unsigned int i=0;

base_w(basew, msg, params->m, params);
@@ -166,7 +166,7 @@ void wots_pkFromSig(unsigned char *pk, const unsigned char *sig, const unsigned
{
int basew[params->len];
int csum = 0;
uint i=0;
unsigned int i=0;

base_w(basew, msg, params->m, params);


+ 25
- 25
xmss.c Näytä tiedosto

@@ -132,10 +132,10 @@ void xmssmt_set_params(xmssmt_params *params, int m, int n, int h, int d, int w)
*/
static void l_tree(unsigned char *leaf, unsigned char *wots_pk, const xmss_params *params, const unsigned char *pub_seed, unsigned char addr[16])
{
uint l = params->wots_par.len;
uint n = params->n;
unsigned int l = params->wots_par.len;
unsigned int n = params->n;
unsigned long i = 0;
uint height = 0;
unsigned int height = 0;
//ADRS.setTreeHeight(0);
SET_LTREE_TREE_HEIGHT(addr,height);
@@ -192,8 +192,8 @@ static void gen_leaf_wots(unsigned char *leaf, const unsigned char *sk_seed, con
static void treehash(unsigned char *node, int height, int index, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, const unsigned char addr[16])
{

uint idx = index;
uint n = params->n;
unsigned int idx = index;
unsigned int n = params->n;
// use three different addresses because at this point we use all three formats in parallel
unsigned char ots_addr[16];
unsigned char ltree_addr[16];
@@ -240,7 +240,7 @@ static void treehash(unsigned char *node, int height, int index, const unsigned
*/
static void validate_authpath(unsigned char *root, const unsigned char *leaf, unsigned long leafidx, const unsigned char *authpath, const xmss_params *params, const unsigned char *pub_seed, unsigned char addr[16])
{
uint n = params->n;
unsigned int n = params->n;
int i,j;
unsigned char buffer[2*n];
@@ -295,7 +295,7 @@ static void validate_authpath(unsigned char *root, const unsigned char *leaf, un
*/
static void compute_authpath_wots(unsigned char *root, unsigned char *authpath, unsigned long leaf_idx, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, unsigned char addr[16])
{
uint i, j, level;
unsigned int i, j, level;
int n = params->n;
int h = params->h;
@@ -355,8 +355,8 @@ static void compute_authpath_wots(unsigned char *root, unsigned char *authpath,
*/
int xmss_keypair(unsigned char *pk, unsigned char *sk, xmss_params *params)
{
uint n = params->n;
uint m = params->m;
unsigned int n = params->n;
unsigned int m = params->m;
// Set idx = 0
sk[0] = 0;
sk[1] = 0;
@@ -382,8 +382,8 @@ int xmss_keypair(unsigned char *pk, unsigned char *sk, xmss_params *params)
*/
int xmss_sign(unsigned char *sk, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmss_params *params)
{
uint n = params->n;
uint m = params->m;
unsigned int n = params->n;
unsigned int m = params->m;
// Extract SK
unsigned long idx = ((unsigned long)sk[0] << 24) | ((unsigned long)sk[1] << 16) | ((unsigned long)sk[2] << 8) | sk[3];
@@ -474,8 +474,8 @@ int xmss_sign(unsigned char *sk, unsigned char *sig_msg, unsigned long long *sig
*/
int xmss_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmss_params *params)
{
uint n = params->n;
uint m = params->m;
unsigned int n = params->n;
unsigned int m = params->m;
unsigned long long i, m_len;
unsigned long idx=0;
@@ -564,9 +564,9 @@ fail:
*/
int xmssmt_keypair(unsigned char *pk, unsigned char *sk, xmssmt_params *params)
{
uint n = params->n;
uint m = params->m;
uint i;
unsigned int n = params->n;
unsigned int m = params->m;
unsigned int i;
// Set idx = 0
for (i = 0; i < params->index_len; i++){
sk[i] = 0;
@@ -594,10 +594,10 @@ int xmssmt_keypair(unsigned char *pk, unsigned char *sk, xmssmt_params *params)
*/
int xmssmt_sign(unsigned char *sk, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmssmt_params *params)
{
uint n = params->n;
uint m = params->m;
uint tree_h = params->xmss_par.h;
uint idx_len = params->index_len;
unsigned int n = params->n;
unsigned int m = params->m;
unsigned int tree_h = params->xmss_par.h;
unsigned int idx_len = params->index_len;
unsigned long long idx_tree;
unsigned long long idx_leaf;
unsigned long long i;
@@ -686,7 +686,7 @@ int xmssmt_sign(unsigned char *sk, unsigned char *sig_msg, unsigned long long *s
*sig_msg_len += tree_h*n;
// Now loop over remaining layers...
uint j;
unsigned int j;
for(j = 1; j < params->d; j++){
// Prepare Address
idx_leaf = (idx_tree & ((1 << tree_h)-1));
@@ -723,11 +723,11 @@ int xmssmt_sign(unsigned char *sk, unsigned char *sig_msg, unsigned long long *s
*/
int xmssmt_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmssmt_params *params)
{
uint n = params->n;
uint m = params->m;
unsigned int n = params->n;
unsigned int m = params->m;
uint tree_h = params->xmss_par.h;
uint idx_len = params->index_len;
unsigned int tree_h = params->xmss_par.h;
unsigned int idx_len = params->index_len;
unsigned long long idx_tree;
unsigned long long idx_leaf;


+ 1
- 1
xmss_commons.c Näytä tiedosto

@@ -8,7 +8,7 @@ Public domain.
#include <stdlib.h>
#include <stdio.h>

void to_byte(unsigned char *out, uint in, int bytes)
void to_byte(unsigned char *out, unsigned int in, int bytes)
{
int i;
for(i = 0; i < bytes; i++){


+ 1
- 1
xmss_commons.h Näytä tiedosto

@@ -8,6 +8,6 @@ Public domain.

#include <stdlib.h>

void to_byte(unsigned char *output, uint in, int bytes);
void to_byte(unsigned char *output, unsigned int in, int bytes);
void hexdump(const unsigned char *a, size_t len);
#endif

Ladataan…
Peruuta
Tallenna