Henry Case
e293d105cf
Fix memory corruption
5 månader sedan
Kris Kwiatkowski
db1d6a1eda
add parameter name to the vectors
5 månader sedan
Kris Kwiatkowski
c5e4f43d04
[acvp-kat] Adds OID to keys and signature
5 månader sedan
Kris Kwiatkowski
b231090079
[xmss] Create ACVP tests
5 månader sedan
Henry Case
f6f2e7c444
Init
5 månader sedan
Andreas
171ccbd26f
fixed two minor points in handling the maximum signature value
3 år sedan
Andreas
f56dc0e8a7
Ensure that sign deletes key after 2^h signatures and returns -2
3 år sedan
Joost Rijneveld
9384cc066a
Clean up compiler warnings/int overflow
4 år sedan
Joost Rijneveld
feed976315
Unify keypair and seed_keypair
4 år sedan
Bas Westerbaan
27f2f6eb45
Add test/vectors to generate intermediate test vectors
Helpful to test other implementations.
Used for instance for go-xmssmt.
Issue #5
4 år sedan
David Cooper
3dabea248f
Add NIST Special Publication 800-208 parameter sets
This commit adds support for the parameter sets in the draft version of NIST SP 800-208.
4 år sedan
Joost Rijneveld
bb2d285814
Prevent overrunning stack for large benchmarks
6 år sedan
Joost Rijneveld
9207b91272
Add benchmarking binary/target
6 år sedan
Joost Rijneveld
c63291fb8e
Add test to check existence of parameter sets
6 år sedan
Joost Rijneveld
f8023bbc2b
Update IANA numeric identifiers to match Draft v12
6 år sedan
Joost Rijneveld
b78d0756d0
Make return code of test/xmss meaningful
7 år sedan
Joost Rijneveld
a234427390
Explicitly parse XMSS_VARIANT to get OID for tests
7 år sedan
Joost Rijneveld
c248911178
Optionally specify number of test sigs in Makefile
This is relevant because of the enormous difference in signing
speed between the regular and BDS-traversal-based xmss core.
7 år sedan
Joost Rijneveld
1cba1e7be8
Make core_fast use the secret key for the state
This ensures that xmss_core and xmss_core_fast offer the same API.
Note that xmss_core_fast still needs a major refactor, and this
wrapper is not exactly very clean. There is a considerable chance
this refactor will change the format of the state in the secret key.
7 år sedan
Joost Rijneveld
384b228c58
Support messages that exceed the stack size
Previous code allocated an array on the stack of mlen bytes, but
it should be possible to also sign heap-space messages. By relying
on the fact that sm and m fit the message + signature, we move
the message so that 4*n bytes of prefix can be added.
7 år sedan
Joost Rijneveld
f5d53b252e
Fix failing verification test formatting
7 år sedan
Joost Rijneveld
ac55d2ccf2
Make XMSSMT WOTS memory usage more accurate
7 år sedan
Joost Rijneveld
5ce8fc402b
Clean up tests
7 år sedan
Joost Rijneveld
3c802756aa
Separate UI and test files
7 år sedan
Joost Rijneveld
7c6354f762
Rename parameters for readability and consistency
7 år sedan
Joost Rijneveld
9ac634762f
Also fix underflow for XMSSMT
This is the same fix as 998137622a
7 år sedan
Joost Rijneveld
c4d4e93bbd
Add test to check deterministic signatures
Wrote this to find what turned out to be an external error when
using the interfacing programs, but felt like it might as well be added.
Under the same key and message, the signature is expected to be identical.
However, as the index changes, this case will not happen in real use.
7 år sedan
Joost Rijneveld
305bd614bb
Perform various reformatting / renaming
7 år sedan
Joost Rijneveld
998137622a
Fix integer underflow when writing updated sk
This caused secret key files to become close to MAXINT bytes, as
the unsigned int that is the private key size would be subtracted
from MAXINT when its negative was used as offset.
7 år sedan
Joost Rijneveld
8970c4933c
Document and simplify library usage
7 år sedan
Joost Rijneveld
c803860cf8
Fix file IO ambiguity for UI scripts
The variable sm should contain the signature and the message,
not the message and the signature (i.e. the order is crucial).
7 år sedan
Joost Rijneveld
b8eb8c44a1
Add UI test files to create sample signatures
This makes it easier to mix and match with other implementations
for compatibility testing.
7 år sedan
Joost Rijneveld
6a8571d880
Revert to using runtime-only parameter struct
Using global defines for parameters (as seems to be typical in
academic crypto code) does not play nice with multithreading at all.
7 år sedan
Joost Rijneveld
9d5884e120
Refactor for more consistent style and readability
7 år sedan
Joost Rijneveld
9b35b00d98
Add wrapper that allows for runtime parameters
7 år sedan
Joost Rijneveld
65ee8202d8
Refactor to prepare for runtime parameters
7 år sedan
Joost Rijneveld
3c0f6668ef
Add parameter for hash alg family, support SHAKE
7 år sedan
Andreas
dd067bd23e
some old changes
7 år sedan
Joost Rijneveld
8befb0d550
Add SHAKE128 and SHAKE256
This also performs numerous consistency fixes
7 år sedan
Joost Rijneveld
1e00c92c18
Refactor to use compile-time parameter sets
This starts a cleanup / refactor, but there is still some low-hanging fruit.
7 år sedan
Joost Rijneveld
d4bc8656e3
Fix bug in addressing during fast xmssmt key gen
7 år sedan
Andreas
9f512fa8dc
v06
8 år sedan
Andreas
2c290d39be
upgraded to draft-06
8 år sedan
Andreas
c37b9dcfca
SWITCH from v01 to v03
Versions are incompatible due to different address formats and differing message compression!
8 år sedan
Joost Rijneveld
1e503b665e
Make codestyle more consistent, fix -Wextra warns
8 år sedan
Joost Rijneveld
719cb467df
Prevent allocating for a 'next' tree on top layer
8 år sedan
Andreas
9d9b782ff9
added support for n = m = 64
9 år sedan
Joost Rijneveld
c2807695e8
Make test_xmss_fast stack large enough for pkgen
9 år sedan
Andreas
cb05927c24
corrected test cases
9 år sedan
Joost Rijneveld
594d67aeb9
Use proper size limits for state structures
9 år sedan