e293d105cf
Fix memory corruption
2024-06-03 11:21:10 +01:00
db1d6a1eda
add parameter name to the vectors
2024-06-03 00:52:19 +01:00
c5e4f43d04
[acvp-kat] Adds OID to keys and signature
2024-06-03 00:40:33 +01:00
b231090079
[xmss] Create ACVP tests
2024-06-01 01:38:11 +01:00
f6f2e7c444
Init
2024-05-31 15:17:45 +01:00
Andreas
171ccbd26f
fixed two minor points in handling the maximum signature value
2021-03-16 09:23:17 +01:00
Andreas
f56dc0e8a7
Ensure that sign deletes key after 2^h signatures and returns -2
2021-03-15 10:41:00 +01:00
Joost Rijneveld
9384cc066a
Clean up compiler warnings/int overflow
2020-05-25 13:07:11 +02:00
Joost Rijneveld
feed976315
Unify keypair and seed_keypair
2020-05-25 13:04:02 +02:00
Bas Westerbaan
27f2f6eb45
Add test/vectors to generate intermediate test vectors
...
Helpful to test other implementations.
Used for instance for go-xmssmt.
Issue #5
2020-05-24 17:56:45 +02:00
David Cooper
3dabea248f
Add NIST Special Publication 800-208 parameter sets
...
This commit adds support for the parameter sets in the draft version of NIST SP 800-208.
2020-05-18 08:16:02 -04:00
Joost Rijneveld
bb2d285814
Prevent overrunning stack for large benchmarks
2018-09-11 16:00:05 +02:00
Joost Rijneveld
9207b91272
Add benchmarking binary/target
2018-09-03 13:23:55 +09:00
Joost Rijneveld
c63291fb8e
Add test to check existence of parameter sets
2018-01-11 10:09:59 +01:00
Joost Rijneveld
f8023bbc2b
Update IANA numeric identifiers to match Draft v12
2018-01-10 23:22:32 +01:00
Joost Rijneveld
b78d0756d0
Make return code of test/xmss meaningful
2017-10-31 17:24:06 +01:00
Joost Rijneveld
a234427390
Explicitly parse XMSS_VARIANT to get OID for tests
2017-10-31 17:23:37 +01:00
Joost Rijneveld
c248911178
Optionally specify number of test sigs in Makefile
...
This is relevant because of the enormous difference in signing
speed between the regular and BDS-traversal-based xmss core.
2017-10-31 17:23:28 +01:00
Joost Rijneveld
1cba1e7be8
Make core_fast use the secret key for the state
...
This ensures that xmss_core and xmss_core_fast offer the same API.
Note that xmss_core_fast still needs a major refactor, and this
wrapper is not exactly very clean. There is a considerable chance
this refactor will change the format of the state in the secret key.
2017-10-31 17:21:29 +01:00
Joost Rijneveld
384b228c58
Support messages that exceed the stack size
...
Previous code allocated an array on the stack of mlen bytes, but
it should be possible to also sign heap-space messages. By relying
on the fact that sm and m fit the message + signature, we move
the message so that 4*n bytes of prefix can be added.
2017-10-31 17:21:27 +01:00
Joost Rijneveld
f5d53b252e
Fix failing verification test formatting
2017-10-30 16:36:08 +01:00
Joost Rijneveld
ac55d2ccf2
Make XMSSMT WOTS memory usage more accurate
2017-10-30 12:31:33 +01:00
Joost Rijneveld
5ce8fc402b
Clean up tests
2017-10-26 18:06:15 +02:00
Joost Rijneveld
3c802756aa
Separate UI and test files
2017-10-26 14:13:28 +02:00
Joost Rijneveld
7c6354f762
Rename parameters for readability and consistency
2017-10-24 17:51:56 +02:00
Joost Rijneveld
9ac634762f
Also fix underflow for XMSSMT
...
This is the same fix as 998137622a
2017-10-24 09:37:57 +02:00
Joost Rijneveld
c4d4e93bbd
Add test to check deterministic signatures
...
Wrote this to find what turned out to be an external error when
using the interfacing programs, but felt like it might as well be added.
Under the same key and message, the signature is expected to be identical.
However, as the index changes, this case will not happen in real use.
2017-10-23 14:52:33 +02:00
Joost Rijneveld
305bd614bb
Perform various reformatting / renaming
2017-10-23 14:10:39 +02:00
Joost Rijneveld
998137622a
Fix integer underflow when writing updated sk
...
This caused secret key files to become close to MAXINT bytes, as
the unsigned int that is the private key size would be subtracted
from MAXINT when its negative was used as offset.
2017-10-23 13:25:01 +02:00
Joost Rijneveld
8970c4933c
Document and simplify library usage
2017-10-23 13:03:44 +02:00
Joost Rijneveld
c803860cf8
Fix file IO ambiguity for UI scripts
...
The variable sm should contain the signature and the message,
not the message and the signature (i.e. the order is crucial).
2017-10-19 16:08:50 +02:00
Joost Rijneveld
b8eb8c44a1
Add UI test files to create sample signatures
...
This makes it easier to mix and match with other implementations
for compatibility testing.
2017-10-17 17:11:18 +02:00
Joost Rijneveld
6a8571d880
Revert to using runtime-only parameter struct
...
Using global defines for parameters (as seems to be typical in
academic crypto code) does not play nice with multithreading at all.
2017-10-16 12:09:07 +02:00
Joost Rijneveld
9d5884e120
Refactor for more consistent style and readability
2017-08-03 17:39:37 +02:00
Joost Rijneveld
9b35b00d98
Add wrapper that allows for runtime parameters
2017-08-01 16:18:09 +02:00
Joost Rijneveld
65ee8202d8
Refactor to prepare for runtime parameters
2017-08-01 16:18:09 +02:00
Joost Rijneveld
8befb0d550
Add SHAKE128 and SHAKE256
...
This also performs numerous consistency fixes
2017-06-02 17:29:14 +02:00
Joost Rijneveld
1e00c92c18
Refactor to use compile-time parameter sets
...
This starts a cleanup / refactor, but there is still some low-hanging fruit.
2017-06-02 14:10:24 +02:00
Joost Rijneveld
d4bc8656e3
Fix bug in addressing during fast xmssmt key gen
2017-05-31 16:43:12 +02:00
Andreas
9f512fa8dc
v06
2016-09-22 16:31:41 +02:00
Andreas
2c290d39be
upgraded to draft-06
2016-07-11 11:15:16 +02:00
Andreas
c37b9dcfca
SWITCH from v01 to v03
...
Versions are incompatible due to different address formats and differing message compression!
2016-02-16 16:31:18 +01:00
Joost Rijneveld
1e503b665e
Make codestyle more consistent, fix -Wextra warns
2016-02-02 14:11:23 +01:00
Joost Rijneveld
719cb467df
Prevent allocating for a 'next' tree on top layer
2016-02-01 17:21:09 +01:00
Andreas
9d9b782ff9
added support for n = m = 64
2015-10-28 15:49:46 +01:00
Joost Rijneveld
c2807695e8
Make test_xmss_fast stack large enough for pkgen
2015-10-28 11:40:26 +01:00
Andreas
cb05927c24
corrected test cases
2015-10-28 11:08:36 +01:00
Joost Rijneveld
594d67aeb9
Use proper size limits for state structures
2015-10-05 21:59:50 +02:00
Joost Rijneveld
4c19fe61e4
Make XMSSMT also use BDS tree traversal
2015-09-21 13:24:42 +02:00
Joost Rijneveld
a075747462
Store BDS state in passable struct, not in globals
2015-08-27 09:39:06 +02:00