You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
David Cooper 3e28db2362 Improved key generation 4 年之前
test Prevent overrunning stack for large benchmarks 6 年之前
ui Fix OID parsing 6 年之前
.gitignore Clean up tests 7 年之前
.travis.yml Add TravisCI configuration 7 年之前
LICENSE Simplify licensing using LICENSE file 7 年之前
Makefile Add benchmarking binary/target 6 年之前
README.md Add note on deploying reference code 5 年之前
fips202.c Clean up includes 7 年之前
fips202.h Perform various reformatting / renaming 7 年之前
hash.c Improved key generation 4 年之前
hash.h Improved key generation 4 年之前
hash_address.c Make addr type switching not zero out remainder 7 年之前
hash_address.h Rename parameters for readability and consistency 7 年之前
params.c Separate definition of padding length 4 年之前
params.h Separate definition of padding length 4 年之前
randombytes.c Refactor for more consistent style and readability 7 年之前
randombytes.h Perform various reformatting / renaming 7 年之前
utils.c Move ull-byte-conversions to separate utils file 7 年之前
utils.h Move ull-byte-conversions to separate utils file 7 年之前
wots.c Improved key generation 4 年之前
wots.h Fix typo in WOTS comments: n-byte messages, not m 7 年之前
xmss.c Store OID in bigendian notation in pk and sk 6 年之前
xmss.h Perform various reformatting / renaming 7 年之前
xmss_commons.c Improved key generation 4 年之前
xmss_commons.h Improved key generation 4 年之前
xmss_core.c Improved key generation 4 年之前
xmss_core.h Allow more flexible parameter selection 6 年之前
xmss_core_fast.c Improved key generation 4 年之前

README.md

XMSS reference code Build Status

This repository contains the reference implementation that accompanies RFC 8391: “XMSS: eXtended Merkle Signature Scheme”.

This reference implementation supports all parameter sets as defined in the RFC at run-time (specified by prefixing the public and private keys with a 32-bit oid). Implementations that want to use compile-time parameter sets can remove the struct xmss_params function parameter, and globally replace the use of its attributes by compile-time constants.

Please note that this reference implementation is intended for cross-validation and experimenting. Deploying cryptographic code in practice requires careful consideration of the specific deployment scenario and relevant threat model. This holds perhaps doubly so for stateful signature schemes such as XMSS.

When using the current code base, please be careful, expect changes and watch this document for further documentation. In particular, xmss_core_fast.c is long due for a serious clean-up. While this will not change its public API or output, it may affect the storage format of the BDS state (i.e. part of the secret key).

Dependencies

For the SHA-2 hash functions (i.e. SHA-256 and SHA-512), we rely on OpenSSL. Make sure to install the OpenSSL development headers. On Debian-based systems, this is achieved by installing the OpenSSL development package libssl-dev.

License

This reference implementation was written by Andreas Hülsing and Joost Rijneveld. All included code is available under the CC0 1.0 Universal Public Domain Dedication.