59d304027c
This allows different backends to store additional state information in the secret key while the rest of the codebase remains agnostic. In particular, this prepares for a common xmss_core.h API for both the standard and the BDS-traversal-based implementations.
105 lines
3.7 KiB
C
105 lines
3.7 KiB
C
#ifndef XMSS_CORE_H
|
|
#define XMSS_CORE_H
|
|
|
|
#include "params.h"
|
|
|
|
typedef struct{
|
|
unsigned int h;
|
|
unsigned int next_idx;
|
|
unsigned int stackusage;
|
|
unsigned char completed;
|
|
unsigned char *node;
|
|
} treehash_inst;
|
|
|
|
typedef struct {
|
|
unsigned char *stack;
|
|
unsigned int stackoffset;
|
|
unsigned char *stacklevels;
|
|
unsigned char *auth;
|
|
unsigned char *keep;
|
|
treehash_inst *treehash;
|
|
unsigned char *retain;
|
|
unsigned int next_leaf;
|
|
} bds_state;
|
|
|
|
/**
|
|
* Initialize BDS state struct
|
|
* parameter names are the same as used in the description of the BDS traversal
|
|
*/
|
|
void xmss_set_bds_state(bds_state *state, unsigned char *stack,
|
|
int stackoffset, unsigned char *stacklevels,
|
|
unsigned char *auth, unsigned char *keep,
|
|
treehash_inst *treehash, unsigned char *retain,
|
|
int next_leaf);
|
|
|
|
/**
|
|
* Given a set of parameters, this function returns the size of the secret key.
|
|
* This is implementation specific, as varying choices in tree traversal will
|
|
* result in varying requirements for state storage.
|
|
*/
|
|
unsigned long long xmss_core_sk_bytes(const xmss_params *params);
|
|
|
|
/**
|
|
* Generates a XMSS key pair for a given parameter set.
|
|
* Format sk: [(32bit) idx || SK_SEED || SK_PRF || PUB_SEED || root]
|
|
* Format pk: [root || PUB_SEED] omitting algo oid.
|
|
*/
|
|
int xmss_core_keypair(const xmss_params *params,
|
|
unsigned char *pk, unsigned char *sk, bds_state *state);
|
|
/**
|
|
* Signs a message.
|
|
* Returns
|
|
* 1. an array containing the signature followed by the message AND
|
|
* 2. an updated secret key!
|
|
*/
|
|
int xmss_core_sign(const xmss_params *params,
|
|
unsigned char *sk, bds_state *state,
|
|
unsigned char *sm, unsigned long long *smlen,
|
|
const unsigned char *m, unsigned long long mlen);
|
|
/**
|
|
* Verifies a given message signature pair under a given public key.
|
|
*
|
|
* Note: msg and mlen are pure outputs which carry the message in case verification succeeds. The (input) message is assumed to be within sm which has the form (sig||msg).
|
|
*/
|
|
int xmss_core_sign_open(const xmss_params *params,
|
|
unsigned char *m, unsigned long long *mlen,
|
|
const unsigned char *sm, unsigned long long smlen,
|
|
const unsigned char *pk);
|
|
|
|
/**
|
|
* Given a set of parameters, this function returns the size of the secret key.
|
|
* This is implementation specific, as varying choices in tree traversal will
|
|
* result in varying requirements for state storage.
|
|
*/
|
|
unsigned long long xmssmt_core_sk_bytes(const xmss_params *params);
|
|
|
|
/*
|
|
* Generates a XMSSMT key pair for a given parameter set.
|
|
* Format sk: [(ceil(h/8) bit) idx || SK_SEED || SK_PRF || PUB_SEED || root]
|
|
* Format pk: [root || PUB_SEED] omitting algo oid.
|
|
*/
|
|
int xmssmt_core_keypair(const xmss_params *params,
|
|
unsigned char *pk, unsigned char *sk,
|
|
bds_state *states, unsigned char *wots_sigs);
|
|
|
|
/**
|
|
* Signs a message.
|
|
* Returns
|
|
* 1. an array containing the signature followed by the message AND
|
|
* 2. an updated secret key!
|
|
*/
|
|
int xmssmt_core_sign(const xmss_params *params,
|
|
unsigned char *sk,
|
|
bds_state *states, unsigned char *wots_sigs,
|
|
unsigned char *sm, unsigned long long *smlen,
|
|
const unsigned char *m, unsigned long long mlen);
|
|
|
|
/**
|
|
* Verifies a given message signature pair under a given public key.
|
|
*/
|
|
int xmssmt_core_sign_open(const xmss_params *params,
|
|
unsigned char *m, unsigned long long *mlen,
|
|
const unsigned char *sm, unsigned long long smlen,
|
|
const unsigned char *pk);
|
|
#endif
|