Граф коммитов

60 Коммитов

Автор SHA1 Сообщение Дата
e293d105cf Fix memory corruption 2024-06-03 11:21:10 +01:00
db1d6a1eda add parameter name to the vectors 2024-06-03 00:52:19 +01:00
c5e4f43d04 [acvp-kat] Adds OID to keys and signature 2024-06-03 00:40:33 +01:00
b231090079 [xmss] Create ACVP tests 2024-06-01 01:38:11 +01:00
f6f2e7c444 Init 2024-05-31 15:17:45 +01:00
Andreas
171ccbd26f fixed two minor points in handling the maximum signature value 2021-03-16 09:23:17 +01:00
Andreas
f56dc0e8a7 Ensure that sign deletes key after 2^h signatures and returns -2 2021-03-15 10:41:00 +01:00
Joost Rijneveld
9384cc066a
Clean up compiler warnings/int overflow 2020-05-25 13:07:11 +02:00
Joost Rijneveld
feed976315
Unify keypair and seed_keypair 2020-05-25 13:04:02 +02:00
Bas Westerbaan
27f2f6eb45 Add test/vectors to generate intermediate test vectors
Helpful to test other implementations.

Used for instance for go-xmssmt.

Issue #5
2020-05-24 17:56:45 +02:00
David Cooper
3dabea248f Add NIST Special Publication 800-208 parameter sets
This commit adds support for the parameter sets in the draft version of NIST SP 800-208.
2020-05-18 08:16:02 -04:00
Joost Rijneveld
bb2d285814
Prevent overrunning stack for large benchmarks 2018-09-11 16:00:05 +02:00
Joost Rijneveld
9207b91272
Add benchmarking binary/target 2018-09-03 13:23:55 +09:00
Joost Rijneveld
c63291fb8e
Add test to check existence of parameter sets 2018-01-11 10:09:59 +01:00
Joost Rijneveld
f8023bbc2b
Update IANA numeric identifiers to match Draft v12 2018-01-10 23:22:32 +01:00
Joost Rijneveld
b78d0756d0
Make return code of test/xmss meaningful 2017-10-31 17:24:06 +01:00
Joost Rijneveld
a234427390
Explicitly parse XMSS_VARIANT to get OID for tests 2017-10-31 17:23:37 +01:00
Joost Rijneveld
c248911178
Optionally specify number of test sigs in Makefile
This is relevant because of the enormous difference in signing
speed between the regular and BDS-traversal-based xmss core.
2017-10-31 17:23:28 +01:00
Joost Rijneveld
1cba1e7be8
Make core_fast use the secret key for the state
This ensures that xmss_core and xmss_core_fast offer the same API.
Note that xmss_core_fast still needs a major refactor, and this
wrapper is not exactly very clean. There is a considerable chance
this refactor will change the format of the state in the secret key.
2017-10-31 17:21:29 +01:00
Joost Rijneveld
384b228c58
Support messages that exceed the stack size
Previous code allocated an array on the stack of mlen bytes, but
it should be possible to also sign heap-space messages. By relying
on the fact that sm and m fit the message + signature, we move
the message so that 4*n bytes of prefix can be added.
2017-10-31 17:21:27 +01:00
Joost Rijneveld
f5d53b252e
Fix failing verification test formatting 2017-10-30 16:36:08 +01:00
Joost Rijneveld
ac55d2ccf2
Make XMSSMT WOTS memory usage more accurate 2017-10-30 12:31:33 +01:00
Joost Rijneveld
5ce8fc402b
Clean up tests 2017-10-26 18:06:15 +02:00
Joost Rijneveld
3c802756aa
Separate UI and test files 2017-10-26 14:13:28 +02:00
Joost Rijneveld
7c6354f762
Rename parameters for readability and consistency 2017-10-24 17:51:56 +02:00
Joost Rijneveld
9ac634762f
Also fix underflow for XMSSMT
This is the same fix as 998137622a
2017-10-24 09:37:57 +02:00
Joost Rijneveld
c4d4e93bbd
Add test to check deterministic signatures
Wrote this to find what turned out to be an external error when
using the interfacing programs, but felt like it might as well be added.

Under the same key and message, the signature is expected to be identical.
However, as the index changes, this case will not happen in real use.
2017-10-23 14:52:33 +02:00
Joost Rijneveld
305bd614bb
Perform various reformatting / renaming 2017-10-23 14:10:39 +02:00
Joost Rijneveld
998137622a
Fix integer underflow when writing updated sk
This caused secret key files to become close to MAXINT bytes, as
the unsigned int that is the private key size would be subtracted
from MAXINT when its negative was used as offset.
2017-10-23 13:25:01 +02:00
Joost Rijneveld
8970c4933c
Document and simplify library usage 2017-10-23 13:03:44 +02:00
Joost Rijneveld
c803860cf8
Fix file IO ambiguity for UI scripts
The variable sm should contain the signature and the message,
not the message and the signature (i.e. the order is crucial).
2017-10-19 16:08:50 +02:00
Joost Rijneveld
b8eb8c44a1
Add UI test files to create sample signatures
This makes it easier to mix and match with other implementations
for compatibility testing.
2017-10-17 17:11:18 +02:00
Joost Rijneveld
6a8571d880
Revert to using runtime-only parameter struct
Using global defines for parameters (as seems to be typical in
academic crypto code) does not play nice with multithreading at all.
2017-10-16 12:09:07 +02:00
Joost Rijneveld
9d5884e120
Refactor for more consistent style and readability 2017-08-03 17:39:37 +02:00
Joost Rijneveld
9b35b00d98
Add wrapper that allows for runtime parameters 2017-08-01 16:18:09 +02:00
Joost Rijneveld
65ee8202d8
Refactor to prepare for runtime parameters 2017-08-01 16:18:09 +02:00
Joost Rijneveld
8befb0d550
Add SHAKE128 and SHAKE256
This also performs numerous consistency fixes
2017-06-02 17:29:14 +02:00
Joost Rijneveld
1e00c92c18
Refactor to use compile-time parameter sets
This starts a cleanup / refactor, but there is still some low-hanging fruit.
2017-06-02 14:10:24 +02:00
Joost Rijneveld
d4bc8656e3
Fix bug in addressing during fast xmssmt key gen 2017-05-31 16:43:12 +02:00
Andreas
9f512fa8dc v06 2016-09-22 16:31:41 +02:00
Andreas
2c290d39be upgraded to draft-06 2016-07-11 11:15:16 +02:00
Andreas
c37b9dcfca SWITCH from v01 to v03
Versions are incompatible due to different address formats and differing message compression!
2016-02-16 16:31:18 +01:00
Joost Rijneveld
1e503b665e Make codestyle more consistent, fix -Wextra warns 2016-02-02 14:11:23 +01:00
Joost Rijneveld
719cb467df Prevent allocating for a 'next' tree on top layer 2016-02-01 17:21:09 +01:00
Andreas
9d9b782ff9 added support for n = m = 64 2015-10-28 15:49:46 +01:00
Joost Rijneveld
c2807695e8 Make test_xmss_fast stack large enough for pkgen 2015-10-28 11:40:26 +01:00
Andreas
cb05927c24 corrected test cases 2015-10-28 11:08:36 +01:00
Joost Rijneveld
594d67aeb9 Use proper size limits for state structures 2015-10-05 21:59:50 +02:00
Joost Rijneveld
4c19fe61e4 Make XMSSMT also use BDS tree traversal 2015-09-21 13:24:42 +02:00
Joost Rijneveld
a075747462 Store BDS state in passable struct, not in globals 2015-08-27 09:39:06 +02:00