root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Address style check nits for SLH-DSA 

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25882)
This commit is contained in:
slontis 2024-11-13 10:59:10 +11:00 committed by Tomas Mraz
parent 148f4d23e1
commit db5846a7e0
13 changed files with 175 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
crypto/slh_dsa/slh_adrs.c
View File

@ -12,15 +12,15 @@
/* See FIPS 205 - Section 4.3 Table 1 Uncompressed Addresses */ /* See FIPS 205 - Section 4.3 Table 1 Uncompressed Addresses */
#define SLH_ADRS_OFF_LAYER_ADR 0 #define SLH_ADRS_OFF_LAYER_ADR 0
#define SLH_ADRS_OFF_TREE_ADR 4 #define SLH_ADRS_OFF_TREE_ADR 4
#define SLH_ADRS_OFF_TYPE 16 #define SLH_ADRS_OFF_TYPE 16
#define SLH_ADRS_OFF_KEYPAIR_ADDR 20 #define SLH_ADRS_OFF_KEYPAIR_ADDR 20
#define SLH_ADRS_OFF_CHAIN_ADDR 24 #define SLH_ADRS_OFF_CHAIN_ADDR 24
#define SLH_ADRS_OFF_HASH_ADDR 28 #define SLH_ADRS_OFF_HASH_ADDR 28
#define SLH_ADRS_OFF_TREE_INDEX SLH_ADRS_OFF_HASH_ADDR #define SLH_ADRS_OFF_TREE_INDEX SLH_ADRS_OFF_HASH_ADDR
#define SLH_ADRS_SIZE_TYPE 4 #define SLH_ADRS_SIZE_TYPE 4
/* Number of bytes after type to clear */ /* Number of bytes after type to clear */
#define SLH_ADRS_SIZE_TYPECLEAR SLH_ADRS_SIZE - (SLH_ADRS_OFF_TYPE + SLH_ADRS_SIZE_TYPE) #define SLH_ADRS_SIZE_TYPECLEAR SLH_ADRS_SIZE - (SLH_ADRS_OFF_TYPE + SLH_ADRS_SIZE_TYPE)
#define SLH_ADRS_SIZE_KEYPAIR_ADDR 4 #define SLH_ADRS_SIZE_KEYPAIR_ADDR 4
/* See FIPS 205 - Section 11.2 Table 3 Compressed Addresses */ /* See FIPS 205 - Section 11.2 Table 3 Compressed Addresses */
#define SLH_ADRSC_OFF_LAYER_ADR 0 #define SLH_ADRSC_OFF_LAYER_ADR 0

7
crypto/slh_dsa/slh_dsa.c
View File

@ -46,9 +46,6 @@ static int slh_sign_internal(SLH_DSA_CTX *ctx, const SLH_DSA_KEY *priv,
int ret = 0; int ret = 0;
const SLH_DSA_PARAMS *params = ctx->params; const SLH_DSA_PARAMS *params = ctx->params;
size_t sig_len_expected = params->sig_len; size_t sig_len_expected = params->sig_len;
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_ADRS_DECLARE(adrs);
uint8_t m_digest[SLH_MAX_M]; uint8_t m_digest[SLH_MAX_M];
const uint8_t *md; /* The first md_len bytes of m_digest */ const uint8_t *md; /* The first md_len bytes of m_digest */
size_t md_len = MD_LEN(params); /* The size of the digest |md| */ size_t md_len = MD_LEN(params); /* The size of the digest |md| */
@ -61,6 +58,10 @@ static int slh_sign_internal(SLH_DSA_CTX *ctx, const SLH_DSA_KEY *priv,
uint64_t tree_id; uint64_t tree_id;
uint32_t leaf_id; uint32_t leaf_id;
SLH_ADRS_DECLARE(adrs);
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
if (sig_len != NULL) if (sig_len != NULL)
*sig_len = sig_len_expected; *sig_len = sig_len_expected;

4
crypto/slh_dsa/slh_dsa_local.h
View File

@ -50,8 +50,8 @@ __owur int ossl_slh_wots_pk_gen(SLH_DSA_CTX *ctx, const uint8_t *sk_seed,
const uint8_t *pk_seed, SLH_ADRS adrs, const uint8_t *pk_seed, SLH_ADRS adrs,
uint8_t *pk_out, size_t pk_out_len); uint8_t *pk_out, size_t pk_out_len);
__owur int ossl_slh_wots_sign(SLH_DSA_CTX *ctx, const uint8_t *msg, __owur int ossl_slh_wots_sign(SLH_DSA_CTX *ctx, const uint8_t *msg,
const uint8_t *sk_seed, const uint8_t *pk_seed, const uint8_t *sk_seed, const uint8_t *pk_seed,
SLH_ADRS adrs, WPACKET *sig_wpkt); SLH_ADRS adrs, WPACKET *sig_wpkt);
__owur int ossl_slh_wots_pk_from_sig(SLH_DSA_CTX *ctx, __owur int ossl_slh_wots_pk_from_sig(SLH_DSA_CTX *ctx,
PACKET *sig_rpkt, const uint8_t *msg, PACKET *sig_rpkt, const uint8_t *msg,
const uint8_t *pk_seed, SLH_ADRS adrs, const uint8_t *pk_seed, SLH_ADRS adrs,

20
crypto/slh_dsa/slh_fors.c
View File

@ -79,10 +79,11 @@ static int slh_fors_node(SLH_DSA_CTX *ctx, const uint8_t *sk_seed,
uint32_t height, uint8_t *node, size_t node_len) uint32_t height, uint8_t *node, size_t node_len)
{ {
int ret = 0; int ret = 0;
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
uint8_t sk[SLH_MAX_N], lnode[SLH_MAX_N], rnode[SLH_MAX_N]; uint8_t sk[SLH_MAX_N], lnode[SLH_MAX_N], rnode[SLH_MAX_N];
uint32_t n = ctx->params->n; uint32_t n = ctx->params->n;
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
if (height == 0) { if (height == 0) {
/* Gets here for leaf nodes */ /* Gets here for leaf nodes */
if (!slh_fors_sk_gen(ctx, sk_seed, pk_seed, adrs, node_id, if (!slh_fors_sk_gen(ctx, sk_seed, pk_seed, adrs, node_id,
@ -179,7 +180,7 @@ int ossl_slh_fors_sign(SLH_DSA_CTX *ctx, const uint8_t *md,
if (!slh_fors_node(ctx, sk_seed, pk_seed, adrs, if (!slh_fors_node(ctx, sk_seed, pk_seed, adrs,
s + tree_offset, layer, out, sizeof(out))) s + tree_offset, layer, out, sizeof(out)))
return 0; return 0;
node_id >>= 1;/* Get the parent node id */ node_id >>= 1; /* Get the parent node id */
tree_offset >>= 1; /* Each layer up has half as many nodes */ tree_offset >>= 1; /* Each layer up has half as many nodes */
WPACKET_memcpy(sig_wpkt, out, n); WPACKET_memcpy(sig_wpkt, out, n);
} }
@ -211,13 +212,6 @@ int ossl_slh_fors_pk_from_sig(SLH_DSA_CTX *ctx, PACKET *fors_sig_rpkt,
SLH_ADRS adrs, uint8_t *pk_out, size_t pk_out_len) SLH_ADRS adrs, uint8_t *pk_out, size_t pk_out_len)
{ {
int ret = 0; int ret = 0;
SLH_ADRS_DECLARE(pk_adrs);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_ADRS_FN_DECLARE(adrsf, set_tree_index);
SLH_ADRS_FN_DECLARE(adrsf, set_tree_height);
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_HASH_FN_DECLARE(hashf, F);
SLH_HASH_FN_DECLARE(hashf, H);
uint32_t i, j, aoff = 0; uint32_t i, j, aoff = 0;
uint32_t ids[SLH_MAX_K]; uint32_t ids[SLH_MAX_K];
const SLH_DSA_PARAMS *params = ctx->params; const SLH_DSA_PARAMS *params = ctx->params;
@ -231,6 +225,14 @@ int ossl_slh_fors_pk_from_sig(SLH_DSA_CTX *ctx, PACKET *fors_sig_rpkt,
uint8_t *node0, *node1; /* Pointers into roots[] */ uint8_t *node0, *node1; /* Pointers into roots[] */
WPACKET root_pkt, *wroot_pkt = &root_pkt; /* Points to |roots| buffer */ WPACKET root_pkt, *wroot_pkt = &root_pkt; /* Points to |roots| buffer */
SLH_ADRS_DECLARE(pk_adrs);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_ADRS_FN_DECLARE(adrsf, set_tree_index);
SLH_ADRS_FN_DECLARE(adrsf, set_tree_height);
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_HASH_FN_DECLARE(hashf, F);
SLH_HASH_FN_DECLARE(hashf, H);
if (!WPACKET_init_static_len(wroot_pkt, roots, sizeof(roots), 0)) if (!WPACKET_init_static_len(wroot_pkt, roots, sizeof(roots), 0))
return 0; return 0;

36
crypto/slh_dsa/slh_hash.c
View File

@ -129,31 +129,31 @@ void ossl_slh_hash_ctx_cleanup(SLH_HASH_CTX *ctx)
} }
static ossl_inline int xof_digest_3(EVP_MD_CTX *ctx, static ossl_inline int xof_digest_3(EVP_MD_CTX *ctx,
const uint8_t *in1, size_t in1_len, const uint8_t *in1, size_t in1_len,
const uint8_t *in2, size_t in2_len, const uint8_t *in2, size_t in2_len,
const uint8_t *in3, size_t in3_len, const uint8_t *in3, size_t in3_len,
uint8_t *out, size_t out_len) uint8_t *out, size_t out_len)
{ {
return (EVP_DigestInit_ex2(ctx, NULL, NULL) == 1 return (EVP_DigestInit_ex2(ctx, NULL, NULL) == 1
&& EVP_DigestUpdate(ctx, in1, in1_len) == 1 && EVP_DigestUpdate(ctx, in1, in1_len) == 1
&& EVP_DigestUpdate(ctx, in2, in2_len) == 1 && EVP_DigestUpdate(ctx, in2, in2_len) == 1
&& EVP_DigestUpdate(ctx, in3, in3_len) == 1 && EVP_DigestUpdate(ctx, in3, in3_len) == 1
&& EVP_DigestFinalXOF(ctx, out, out_len) == 1); && EVP_DigestFinalXOF(ctx, out, out_len) == 1);
} }
static ossl_inline int xof_digest_4(EVP_MD_CTX *ctx, static ossl_inline int xof_digest_4(EVP_MD_CTX *ctx,
const uint8_t *in1, size_t in1_len, const uint8_t *in1, size_t in1_len,
const uint8_t *in2, size_t in2_len, const uint8_t *in2, size_t in2_len,
const uint8_t *in3, size_t in3_len, const uint8_t *in3, size_t in3_len,
const uint8_t *in4, size_t in4_len, const uint8_t *in4, size_t in4_len,
uint8_t *out, size_t out_len) uint8_t *out, size_t out_len)
{ {
return (EVP_DigestInit_ex2(ctx, NULL, NULL) == 1 return (EVP_DigestInit_ex2(ctx, NULL, NULL) == 1
&& EVP_DigestUpdate(ctx, in1, in1_len) == 1 && EVP_DigestUpdate(ctx, in1, in1_len) == 1
&& EVP_DigestUpdate(ctx, in2, in2_len) == 1 && EVP_DigestUpdate(ctx, in2, in2_len) == 1
&& EVP_DigestUpdate(ctx, in3, in3_len) == 1 && EVP_DigestUpdate(ctx, in3, in3_len) == 1
&& EVP_DigestUpdate(ctx, in4, in4_len) == 1 && EVP_DigestUpdate(ctx, in4, in4_len) == 1
&& EVP_DigestFinalXOF(ctx, out, out_len) == 1); && EVP_DigestFinalXOF(ctx, out, out_len) == 1);
} }
/* See FIPS 205 Section 11.1 */ /* See FIPS 205 Section 11.1 */

28
crypto/slh_dsa/slh_hash.h
View File

@ -40,27 +40,33 @@ typedef struct slh_hash_ctx_st {
* @params out is |m| bytes which ranges from (30..49) bytes * @params out is |m| bytes which ranges from (30..49) bytes
*/ */
typedef int (OSSL_SLH_HASHFUNC_H_MSG)(SLH_HASH_CTX *ctx, const uint8_t *r, typedef int (OSSL_SLH_HASHFUNC_H_MSG)(SLH_HASH_CTX *ctx, const uint8_t *r,
const uint8_t *pk_seed, const uint8_t *pk_root, const uint8_t *pk_seed, const uint8_t *pk_root,
const uint8_t *msg, size_t msg_len, uint8_t *out, size_t out_len); const uint8_t *msg, size_t msg_len,
uint8_t *out, size_t out_len);
typedef int (OSSL_SLH_HASHFUNC_PRF)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed, typedef int (OSSL_SLH_HASHFUNC_PRF)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed,
const uint8_t *sk_seed, const SLH_ADRS adrs, const uint8_t *sk_seed, const SLH_ADRS adrs,
uint8_t *out, size_t out_len); uint8_t *out, size_t out_len);
typedef int (OSSL_SLH_HASHFUNC_PRF_MSG)(SLH_HASH_CTX *ctx, const uint8_t *sk_prf, typedef int (OSSL_SLH_HASHFUNC_PRF_MSG)(SLH_HASH_CTX *ctx, const uint8_t *sk_prf,
const uint8_t *opt_rand, const uint8_t *msg, size_t msg_len, WPACKET *pkt); const uint8_t *opt_rand,
const uint8_t *msg, size_t msg_len,
WPACKET *pkt);
typedef int (OSSL_SLH_HASHFUNC_F)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed, typedef int (OSSL_SLH_HASHFUNC_F)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed,
const SLH_ADRS adrs, const uint8_t *m1, size_t m1_len, const SLH_ADRS adrs,
uint8_t *out, size_t out_len); const uint8_t *m1, size_t m1_len,
uint8_t *out, size_t out_len);
typedef int (OSSL_SLH_HASHFUNC_H)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed, typedef int (OSSL_SLH_HASHFUNC_H)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed,
const SLH_ADRS adrs, const uint8_t *m1, const uint8_t *m2, const SLH_ADRS adrs,
uint8_t *out, size_t out_len); const uint8_t *m1, const uint8_t *m2,
uint8_t *out, size_t out_len);
typedef int (OSSL_SLH_HASHFUNC_T)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed, typedef int (OSSL_SLH_HASHFUNC_T)(SLH_HASH_CTX *ctx, const uint8_t *pk_seed,
const SLH_ADRS adrs, const uint8_t *m1, size_t m1_len, const SLH_ADRS adrs,
uint8_t *out, size_t out_len); const uint8_t *m1, size_t m1_len,
uint8_t *out, size_t out_len);
typedef struct slh_hash_func_st { typedef struct slh_hash_func_st {
OSSL_SLH_HASHFUNC_H_MSG *H_MSG; OSSL_SLH_HASHFUNC_H_MSG *H_MSG;

4
crypto/slh_dsa/slh_hypertree.c
View File

@ -22,7 +22,7 @@
* @param sk_seed The private key seed of size |n| * @param sk_seed The private key seed of size |n|
* @param pk_seed The public key seed of size |n| * @param pk_seed The public key seed of size |n|
* @param tree_id Index of the XMSS tree that will sign the message * @param tree_id Index of the XMSS tree that will sign the message
* @param leaf_id Index of the WOTS+ key within the XMSS tree that will signed the message * @param leaf_id Index of the WOTS+ key within the XMSS tree that will sign the message
* @param sig_wpkt A WPACKET object to write the Hypertree Signature to. * @param sig_wpkt A WPACKET object to write the Hypertree Signature to.
* @returns 1 on success, or 0 on error. * @returns 1 on success, or 0 on error.
*/ */
@ -54,7 +54,7 @@ int ossl_slh_ht_sign(SLH_DSA_CTX *ctx,
if (!ossl_slh_xmss_sign(ctx, root, sk_seed, leaf_id, pk_seed, adrs, if (!ossl_slh_xmss_sign(ctx, root, sk_seed, leaf_id, pk_seed, adrs,
sig_wpkt)) sig_wpkt))
return 0; return 0;
if (!PACKET_buf_init(xmss_sig_rpkt, psig, WPACKET_get_curr(sig_wpkt) - psig)) if (!PACKET_buf_init(xmss_sig_rpkt, psig, WPACKET_get_curr(sig_wpkt) - psig))
return 0; return 0;
if (layer < d - 1) { if (layer < d - 1) {
if (!ossl_slh_xmss_pk_from_sig(ctx, leaf_id, xmss_sig_rpkt, root, if (!ossl_slh_xmss_pk_from_sig(ctx, leaf_id, xmss_sig_rpkt, root,

64
crypto/slh_dsa/slh_wots.c
View File

@ -13,14 +13,14 @@
#include "slh_dsa_local.h" #include "slh_dsa_local.h"
/* For the parameter sets defined there is only one w value */ /* For the parameter sets defined there is only one w value */
#define SLH_WOTS_LOGW 4 #define SLH_WOTS_LOGW 4
#define SLH_WOTS_W 16 #define SLH_WOTS_W 16
#define SLH_WOTS_LEN1(n) (2 * (n)) #define SLH_WOTS_LEN1(n) (2 * (n))
#define SLH_WOTS_LEN2 3 #define SLH_WOTS_LEN2 3
#define SLH_WOTS_CHECKSUM_LEN ((SLH_WOTS_LEN2 + SLH_WOTS_LOGW + 7) / 8) #define SLH_WOTS_CHECKSUM_LEN ((SLH_WOTS_LEN2 + SLH_WOTS_LOGW + 7) / 8)
#define SLH_WOTS_LEN_MAX SLH_WOTS_LEN(SLH_MAX_N) #define SLH_WOTS_LEN_MAX SLH_WOTS_LEN(SLH_MAX_N)
#define NIBBLE_MASK 15 #define NIBBLE_MASK 15
#define NIBBLE_SHIFT 4 #define NIBBLE_SHIFT 4
/* /*
* @brief Convert a byte array to a byte array of (4 bit) nibbles * @brief Convert a byte array to a byte array of (4 bit) nibbles
@ -142,18 +142,19 @@ int ossl_slh_wots_pk_gen(SLH_DSA_CTX *ctx,
SLH_ADRS adrs, uint8_t *pk_out, size_t pk_out_len) SLH_ADRS adrs, uint8_t *pk_out, size_t pk_out_len)
{ {
int ret = 0; int ret = 0;
size_t n = ctx->params->n;
size_t i, len = SLH_WOTS_LEN(n); /* 2 * n + 3 */
uint8_t sk[SLH_MAX_N];
uint8_t tmp[SLH_WOTS_LEN_MAX * SLH_MAX_N];
WPACKET pkt, *tmp_wpkt = &pkt; /* Points to the |tmp| buffer */
size_t tmp_len = 0;
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx); SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf); SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_HASH_FN_DECLARE(hashf, PRF); SLH_HASH_FN_DECLARE(hashf, PRF);
SLH_ADRS_FN_DECLARE(adrsf, set_chain_address); SLH_ADRS_FN_DECLARE(adrsf, set_chain_address);
SLH_ADRS_DECLARE(sk_adrs); SLH_ADRS_DECLARE(sk_adrs);
SLH_ADRS_DECLARE(wots_pk_adrs); SLH_ADRS_DECLARE(wots_pk_adrs);
size_t n = ctx->params->n;
size_t i, len = SLH_WOTS_LEN(n); /*2 * n + 3 */
uint8_t sk[SLH_MAX_N];
uint8_t tmp[SLH_WOTS_LEN_MAX * SLH_MAX_N];
WPACKET pkt, *tmp_wpkt = &pkt; /* Points to the |tmp| buffer */
size_t tmp_len = 0;
if (!WPACKET_init_static_len(tmp_wpkt, tmp, sizeof(tmp), 0)) if (!WPACKET_init_static_len(tmp_wpkt, tmp, sizeof(tmp), 0))
return 0; return 0;
@ -206,18 +207,18 @@ int ossl_slh_wots_sign(SLH_DSA_CTX *ctx, const uint8_t *msg,
SLH_ADRS adrs, WPACKET *sig_wpkt) SLH_ADRS adrs, WPACKET *sig_wpkt)
{ {
int ret = 0; int ret = 0;
uint8_t msg_and_csum_nibbles[SLH_WOTS_LEN_MAX]; /* size is >= 2 * n + 3 */
uint8_t sk[SLH_MAX_N];
size_t i;
size_t n = ctx->params->n;
size_t len1 = SLH_WOTS_LEN1(n); /* 2 * n = the msg length in nibbles */
size_t len = len1 + SLH_WOTS_LEN2; /* 2 * n + 3 (3 checksum nibbles) */
SLH_ADRS_DECLARE(sk_adrs);
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx); SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf); SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_HASH_FN_DECLARE(hashf, PRF); SLH_HASH_FN_DECLARE(hashf, PRF);
SLH_ADRS_FN_DECLARE(adrsf, set_chain_address); SLH_ADRS_FN_DECLARE(adrsf, set_chain_address);
SLH_ADRS_DECLARE(sk_adrs);
uint8_t msg_and_csum_nibbles[SLH_WOTS_LEN_MAX]; /* size is >= 2 * n + 3 */
uint8_t sk[SLH_MAX_N];
size_t i, len1, len;
size_t n = ctx->params->n;
len1 = SLH_WOTS_LEN1(n); /* 2 * n is for the message length in nibbles */
len = len1 + SLH_WOTS_LEN2; /* 2 * n + 3 (3 checksum nibbles) */
/* /*
* Convert n message bytes to 2*n base w=16 integers * Convert n message bytes to 2*n base w=16 integers
@ -269,19 +270,20 @@ int ossl_slh_wots_pk_from_sig(SLH_DSA_CTX *ctx,
uint8_t *pk_out, size_t pk_out_len) uint8_t *pk_out, size_t pk_out_len)
{ {
int ret = 0; int ret = 0;
SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_ADRS_FN_DECLARE(adrsf, set_chain_address);
SLH_ADRS_DECLARE(wots_pk_adrs);
uint8_t msg_and_csum_nibbles[SLH_WOTS_LEN_MAX]; uint8_t msg_and_csum_nibbles[SLH_WOTS_LEN_MAX];
size_t i, len1, len, n = ctx->params->n; size_t i;
const uint8_t *sig_i; /* Pointer into |pkt_sig| buffer */ size_t n = ctx->params->n;
size_t len1 = SLH_WOTS_LEN1(n);
size_t len = len1 + SLH_WOTS_LEN2; /* 2n + 3 */
const uint8_t *sig_i; /* Pointer into |sig_rpkt| buffer */
uint8_t tmp[SLH_WOTS_LEN_MAX * SLH_MAX_N]; uint8_t tmp[SLH_WOTS_LEN_MAX * SLH_MAX_N];
WPACKET pkt, *tmp_pkt = &pkt; WPACKET pkt, *tmp_pkt = &pkt;
size_t tmp_len = 0; size_t tmp_len = 0;
len1 = SLH_WOTS_LEN1(n); SLH_HASH_FUNC_DECLARE(ctx, hashf, hctx);
len = len1 + SLH_WOTS_LEN2; /* 2n + 3 */ SLH_ADRS_FUNC_DECLARE(ctx, adrsf);
SLH_ADRS_FN_DECLARE(adrsf, set_chain_address);
SLH_ADRS_DECLARE(wots_pk_adrs);
if (!WPACKET_init_static_len(tmp_pkt, tmp, sizeof(tmp), 0)) if (!WPACKET_init_static_len(tmp_pkt, tmp, sizeof(tmp), 0))
return 0; return 0;
@ -305,7 +307,7 @@ int ossl_slh_wots_pk_from_sig(SLH_DSA_CTX *ctx,
if (!WPACKET_get_total_written(tmp_pkt, &tmp_len)) if (!WPACKET_get_total_written(tmp_pkt, &tmp_len))
goto err; goto err;
ret = hashf->T(hctx, pk_seed, wots_pk_adrs, tmp, tmp_len, ret = hashf->T(hctx, pk_seed, wots_pk_adrs, tmp, tmp_len,
pk_out, pk_out_len); pk_out, pk_out_len);
err: err:
if (!WPACKET_finish(tmp_pkt)) if (!WPACKET_finish(tmp_pkt))
ret = 0; ret = 0;

6
crypto/slh_dsa/slh_xmss.c
View File

@ -33,9 +33,9 @@
* @returns 1 on success, or 0 on error. * @returns 1 on success, or 0 on error.
*/ */
int ossl_slh_xmss_node(SLH_DSA_CTX *ctx, const uint8_t *sk_seed, int ossl_slh_xmss_node(SLH_DSA_CTX *ctx, const uint8_t *sk_seed,
uint32_t node_id, uint32_t h, uint32_t node_id, uint32_t h,
const uint8_t *pk_seed, SLH_ADRS adrs, const uint8_t *pk_seed, SLH_ADRS adrs,
uint8_t *pk_out, size_t pk_out_len) uint8_t *pk_out, size_t pk_out_len)
{ {
SLH_ADRS_FUNC_DECLARE(ctx, adrsf); SLH_ADRS_FUNC_DECLARE(ctx, adrsf);

48
providers/defltprov.c
View File

@ -463,30 +463,30 @@ static const OSSL_ALGORITHM deflt_signature[] = {
{ PROV_NAMES_CMAC, "provider=default", ossl_mac_legacy_cmac_signature_functions }, { PROV_NAMES_CMAC, "provider=default", ossl_mac_legacy_cmac_signature_functions },
#endif #endif
#ifndef OPENSSL_NO_SLH_DSA #ifndef OPENSSL_NO_SLH_DSA
{ PROV_NAMES_SLH_DSA_SHA2_128S, "provider=default", ossl_slh_dsa_sha2_128s_signature_functions, { PROV_NAMES_SLH_DSA_SHA2_128S, "provider=default",
PROV_DESCS_SLH_DSA_SHA2_128S }, ossl_slh_dsa_sha2_128s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_128S },
{ PROV_NAMES_SLH_DSA_SHA2_128F, "provider=default", ossl_slh_dsa_sha2_128f_signature_functions, { PROV_NAMES_SLH_DSA_SHA2_128F, "provider=default",
PROV_DESCS_SLH_DSA_SHA2_128F }, ossl_slh_dsa_sha2_128f_signature_functions, PROV_DESCS_SLH_DSA_SHA2_128F },
{ PROV_NAMES_SLH_DSA_SHA2_192S, "provider=default", ossl_slh_dsa_sha2_192s_signature_functions, { PROV_NAMES_SLH_DSA_SHA2_192S, "provider=default",
PROV_DESCS_SLH_DSA_SHA2_192S }, ossl_slh_dsa_sha2_192s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_192S },
{ PROV_NAMES_SLH_DSA_SHA2_192F, "provider=default", ossl_slh_dsa_sha2_192f_signature_functions, { PROV_NAMES_SLH_DSA_SHA2_192F, "provider=default",
PROV_DESCS_SLH_DSA_SHA2_192F }, ossl_slh_dsa_sha2_192f_signature_functions, PROV_DESCS_SLH_DSA_SHA2_192F },
{ PROV_NAMES_SLH_DSA_SHA2_256S, "provider=default", ossl_slh_dsa_sha2_256s_signature_functions, { PROV_NAMES_SLH_DSA_SHA2_256S, "provider=default",
PROV_DESCS_SLH_DSA_SHA2_256S }, ossl_slh_dsa_sha2_256s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_256S },
{ PROV_NAMES_SLH_DSA_SHA2_256F, "provider=default", ossl_slh_dsa_sha2_256f_signature_functions, { PROV_NAMES_SLH_DSA_SHA2_256F, "provider=default",
PROV_DESCS_SLH_DSA_SHA2_256F }, ossl_slh_dsa_sha2_256f_signature_functions, PROV_DESCS_SLH_DSA_SHA2_256F },
{ PROV_NAMES_SLH_DSA_SHAKE_128S, "provider=default", ossl_slh_dsa_shake_128s_signature_functions, { PROV_NAMES_SLH_DSA_SHAKE_128S, "provider=default",
PROV_DESCS_SLH_DSA_SHAKE_128S }, ossl_slh_dsa_shake_128s_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_128S },
{ PROV_NAMES_SLH_DSA_SHAKE_128F, "provider=default", ossl_slh_dsa_shake_128f_signature_functions, { PROV_NAMES_SLH_DSA_SHAKE_128F, "provider=default",
PROV_DESCS_SLH_DSA_SHAKE_128F }, ossl_slh_dsa_shake_128f_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_128F },
{ PROV_NAMES_SLH_DSA_SHAKE_192S, "provider=default", ossl_slh_dsa_shake_192s_signature_functions, { PROV_NAMES_SLH_DSA_SHAKE_192S, "provider=default",
PROV_DESCS_SLH_DSA_SHAKE_192S }, ossl_slh_dsa_shake_192s_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_192S },
{ PROV_NAMES_SLH_DSA_SHAKE_192F, "provider=default", ossl_slh_dsa_shake_192f_signature_functions, { PROV_NAMES_SLH_DSA_SHAKE_192F, "provider=default",
PROV_DESCS_SLH_DSA_SHAKE_192F }, ossl_slh_dsa_shake_192f_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_192F },
{ PROV_NAMES_SLH_DSA_SHAKE_256S, "provider=default", ossl_slh_dsa_shake_256s_signature_functions, { PROV_NAMES_SLH_DSA_SHAKE_256S, "provider=default",
PROV_DESCS_SLH_DSA_SHAKE_256S }, ossl_slh_dsa_shake_256s_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_256S },
{ PROV_NAMES_SLH_DSA_SHAKE_256F, "provider=default", ossl_slh_dsa_shake_256f_signature_functions, { PROV_NAMES_SLH_DSA_SHAKE_256F, "provider=default",
PROV_DESCS_SLH_DSA_SHAKE_256F }, ossl_slh_dsa_shake_256f_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_256F },
#endif /* OPENSSL_NO_SLH_DSA */ #endif /* OPENSSL_NO_SLH_DSA */
{ NULL, NULL, NULL } { NULL, NULL, NULL }
}; };

64
providers/implementations/keymgmt/slh_dsa_kmgmt.c
View File

@ -162,7 +162,7 @@ static int slh_dsa_get_params(void *keydata, OSSL_PARAM params[])
} }
static int slh_dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, static int slh_dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
void *cbarg) void *cbarg)
{ {
SLH_DSA_KEY *key = keydata; SLH_DSA_KEY *key = keydata;
OSSL_PARAM_BLD *tmpl; OSSL_PARAM_BLD *tmpl;
@ -307,37 +307,37 @@ static void slh_dsa_gen_cleanup(void *genctx)
} }
#define MAKE_KEYMGMT_FUNCTIONS(alg, fn) \ #define MAKE_KEYMGMT_FUNCTIONS(alg, fn) \
static OSSL_FUNC_keymgmt_new_fn slh_dsa_##fn##_new_key; \ static OSSL_FUNC_keymgmt_new_fn slh_dsa_##fn##_new_key; \
static OSSL_FUNC_keymgmt_gen_fn slh_dsa_##fn##_gen; \ static OSSL_FUNC_keymgmt_gen_fn slh_dsa_##fn##_gen; \
static void *slh_dsa_##fn##_new_key(void *provctx) \ static void *slh_dsa_##fn##_new_key(void *provctx) \
{ \ { \
return slh_dsa_new_key(provctx, alg); \ return slh_dsa_new_key(provctx, alg); \
} \ } \
static void *slh_dsa_##fn##_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)\ static void *slh_dsa_##fn##_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)\
{ \ { \
return slh_dsa_gen(genctx, alg); \ return slh_dsa_gen(genctx, alg); \
} \ } \
const OSSL_DISPATCH ossl_slh_dsa_##fn##_keymgmt_functions[] = { \ const OSSL_DISPATCH ossl_slh_dsa_##fn##_keymgmt_functions[] = { \
{ OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))slh_dsa_##fn##_new_key }, \ { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))slh_dsa_##fn##_new_key }, \
{ OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))slh_dsa_free_key }, \ { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))slh_dsa_free_key }, \
{ OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))slh_dsa_has }, \ { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))slh_dsa_has }, \
{ OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))slh_dsa_match }, \ { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))slh_dsa_match }, \
{ OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))slh_dsa_import }, \ { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))slh_dsa_import }, \
{ OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))slh_dsa_imexport_types },\ { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))slh_dsa_imexport_types },\
{ OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))slh_dsa_export }, \ { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))slh_dsa_export }, \
{ OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))slh_dsa_imexport_types },\ { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))slh_dsa_imexport_types },\
{ OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))slh_dsa_load }, \ { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))slh_dsa_load }, \
{ OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))slh_dsa_get_params }, \ { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))slh_dsa_get_params }, \
{ OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))slh_dsa_gettable_params }, \ { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))slh_dsa_gettable_params },\
{ OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))slh_dsa_gen_init }, \ { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))slh_dsa_gen_init }, \
{ OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))slh_dsa_##fn##_gen }, \ { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))slh_dsa_##fn##_gen }, \
{ OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))slh_dsa_gen_cleanup }, \ { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))slh_dsa_gen_cleanup },\
{ OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, \ { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, \
(void (*)(void))slh_dsa_gen_set_params }, \ (void (*)(void))slh_dsa_gen_set_params }, \
{ OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, \ { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, \
(void (*)(void))slh_dsa_gen_settable_params }, \ (void (*)(void))slh_dsa_gen_settable_params }, \
OSSL_DISPATCH_END \ OSSL_DISPATCH_END \
} }
MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-128s", sha2_128s); MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-128s", sha2_128s);
MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-128f", sha2_128f); MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-128f", sha2_128f);

44
providers/implementations/signature/slh_dsa_sig.c
View File

@ -147,15 +147,13 @@ static int slh_sign(void *vctx, unsigned char *sig, size_t *siglen,
return ret; return ret;
} }
static int slh_verify_msg_init(void *vctx, void *vkey, static int slh_verify_msg_init(void *vctx, void *vkey, const OSSL_PARAM params[])
const OSSL_PARAM params[])
{ {
return slh_signverify_msg_init(vctx, vkey, params, EVP_PKEY_OP_VERIFY, return slh_signverify_msg_init(vctx, vkey, params, EVP_PKEY_OP_VERIFY,
"SLH_DSA Verify Init"); "SLH_DSA Verify Init");
} }
static int slh_verify(void *vctx, static int slh_verify(void *vctx, const unsigned char *sig, size_t siglen,
const unsigned char *sig, size_t siglen,
const unsigned char *msg, size_t msg_len) const unsigned char *msg, size_t msg_len)
{ {
PROV_SLH_DSA_CTX *ctx = (PROV_SLH_DSA_CTX *)vctx; PROV_SLH_DSA_CTX *ctx = (PROV_SLH_DSA_CTX *)vctx;
@ -226,25 +224,25 @@ static const OSSL_PARAM *slh_settable_ctx_params(void *vctx,
} }
#define MAKE_SIGNATURE_FUNCTIONS(alg, fn) \ #define MAKE_SIGNATURE_FUNCTIONS(alg, fn) \
static OSSL_FUNC_signature_newctx_fn slh_##fn##_newctx; \ static OSSL_FUNC_signature_newctx_fn slh_##fn##_newctx; \
static void *slh_##fn##_newctx(void *provctx, const char *propq) \ static void *slh_##fn##_newctx(void *provctx, const char *propq) \
{ \ { \
return slh_newctx(provctx, alg, propq); \ return slh_newctx(provctx, alg, propq); \
} \ } \
const OSSL_DISPATCH ossl_slh_dsa_##fn##_signature_functions[] = { \ const OSSL_DISPATCH ossl_slh_dsa_##fn##_signature_functions[] = { \
{ OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))slh_##fn##_newctx }, \ { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))slh_##fn##_newctx }, \
{ OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_INIT, \ { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_INIT, \
(void (*)(void))slh_sign_msg_init }, \ (void (*)(void))slh_sign_msg_init }, \
{ OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))slh_sign }, \ { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))slh_sign }, \
{ OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT, \ { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT, \
(void (*)(void))slh_verify_msg_init }, \ (void (*)(void))slh_verify_msg_init }, \
{ OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))slh_verify }, \ { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))slh_verify }, \
{ OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))slh_freectx }, \ { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))slh_freectx }, \
{ OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))slh_set_ctx_params },\ { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))slh_set_ctx_params },\
{ OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \ { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \
(void (*)(void))slh_settable_ctx_params }, \ (void (*)(void))slh_settable_ctx_params }, \
OSSL_DISPATCH_END \ OSSL_DISPATCH_END \
} }
MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-128s", sha2_128s); MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-128s", sha2_128s);
MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-128f", sha2_128f); MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-128f", sha2_128f);

2
test/slh_dsa_test.c
View File

@ -237,7 +237,7 @@ static int slh_dsa_sign_verify_test(int tst_id)
|| !TEST_int_eq(EVP_PKEY_sign(sctx, NULL, &psig_len, || !TEST_int_eq(EVP_PKEY_sign(sctx, NULL, &psig_len,
td->msg, td->msg_len), 1) td->msg, td->msg_len), 1)
|| !TEST_true(EVP_PKEY_get_size_t_param(pkey, OSSL_PKEY_PARAM_MAX_SIZE, || !TEST_true(EVP_PKEY_get_size_t_param(pkey, OSSL_PKEY_PARAM_MAX_SIZE,
&sig_len2)) &sig_len2))
|| !TEST_int_eq(sig_len2, psig_len) || !TEST_int_eq(sig_len2, psig_len)
|| !TEST_ptr(psig = OPENSSL_zalloc(psig_len)) || !TEST_ptr(psig = OPENSSL_zalloc(psig_len))
|| !TEST_int_eq(EVP_PKEY_sign(sctx, psig, &psig_len, || !TEST_int_eq(EVP_PKEY_sign(sctx, psig, &psig_len,