998137622a
This caused secret key files to become close to MAXINT bytes, as the unsigned int that is the private key size would be subtracted from MAXINT when its negative was used as offset. |
||
---|---|---|
test | ||
.gitignore | ||
fips202.c | ||
fips202.h | ||
hash_address.c | ||
hash_address.h | ||
hash.c | ||
hash.h | ||
LICENSE | ||
Makefile | ||
params.c | ||
params.h | ||
randombytes.c | ||
randombytes.h | ||
README.md | ||
wots.c | ||
wots.h | ||
xmss_commons.c | ||
xmss_commons.h | ||
xmss_core_fast.c | ||
xmss_core_fast.h | ||
xmss_core.c | ||
xmss_core.h | ||
xmss.c | ||
xmss.h |
XMSS reference code
This repository contains the reference implementation that accompanies the Internet Draft "XMSS: Extended Hash-Based Signatures", draft-irtf-cfrg-xmss-hash-based-signatures
.
This reference implementation supports all parameter sets as defined in the Draft at run-time (specified by prefixing the public and private keys with a 32-bit oid
). Implementations that want to use compile-time parameter sets can remove the struct xmss_params
function parameter.
While the behavior of the code in this repository is supposed to be stable, the API is not yet fully complete. In particular, the wrapper for run-time parameters does not yet support the back-end functions that make use of BDS traversal (TODO). We will also add more extensive test functionality, making it easier to compare to other XMSS implementations (TODO).
When using the current code base, please be careful, expect changes and watch this document for further documentation.
Dependencies
For the SHA-2 hash functions (i.e. SHA-256 and SHA-512), we rely on OpenSSL. Make sure to install the OpenSSL development headers. On Debian-based systems, this is achieved by installing the OpenSSL development package libssl-dev
.
License
This reference implementation was written by Andreas Hülsing and Joost Rijneveld. All included code is available under the CC0 1.0 Universal Public Domain Dedication.