Update XMSS

2026-05-06 16:36:16 +08:00 · 2026-01-05 21:19:23 +08:00
parent e919690d6a
commit 38451da6a8
6 changed files with 206 additions and 74 deletions
--- a/tools/xmsskeygen.c
+++ b/tools/xmsskeygen.c
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2025 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
 *
 *  Licensed under the Apache License, Version 2.0 (the License); you may
 *  not use this file except in compliance with the License.
@@ -42,11 +42,12 @@ int xmsskeygen_main(int argc, char **argv)
 	FILE *outfp = NULL;
 	FILE *puboutfp = stdout;
 	XMSS_KEY key;
-	uint8_t out[XMSS_PRIVATE_KEY_SIZE];
+	uint8_t *out = NULL;
+	uint8_t *pout;
+	size_t outlen;
 	uint8_t pubout[XMSS_PUBLIC_KEY_SIZE];
-	uint8_t *pout = out;
-	uint8_t *ppubout = pubout;
-	size_t outlen = 0, puboutlen = 0;
+	uint8_t *ppubout;
+	size_t puboutlen ;

 	memset(&key, 0, sizeof(key));

@@ -116,6 +117,17 @@ bad:
 		xmss_public_key_print(stderr, 0, 0, "xmss_public_key", &key);
 	}

+	outlen = 0;
+	if (xmss_private_key_to_bytes(&key, NULL, &outlen) != 1) {
+		error_print();
+		goto end;
+	}
+	if (!(out = malloc(outlen))) {
+		error_print();
+		goto end;
+	}
+	pout = out;
+	outlen = 0;
 	if (xmss_private_key_to_bytes(&key, &pout, &outlen) != 1) {
 		error_print();
 		goto end;
@@ -125,10 +137,16 @@ bad:
 		goto end;
 	}

+	ppubout = pubout;
+	puboutlen = 0;
 	if (xmss_public_key_to_bytes(&key, &ppubout, &puboutlen) != 1) {
 		error_print();
 		goto end;
 	}
+	if (puboutlen != sizeof(pubout)) {
+		error_print();
+		goto end;
+	}
 	if (fwrite(pubout, 1, puboutlen, puboutfp) != puboutlen) {
 		error_print();
 		goto end;
@@ -137,7 +155,10 @@ bad:
 	ret = 0;
 end:
 	xmss_key_cleanup(&key);
-	gmssl_secure_clear(out, outlen);
+	if (out) {
+		gmssl_secure_clear(out, outlen);
+		free(out);
+	}
 	if (outfile && outfp) fclose(outfp);
 	if (puboutfile && puboutfp) fclose(puboutfp);
 	return ret;
--- a/tools/xmssmtsign.c
+++ b/tools/xmssmtsign.c
@@ -149,6 +149,7 @@ bad:
 		goto end;
 	}

+#if 0
 	// write updated key back to file
 	// TODO: write back `q` only
 	p = keybuf;
@@ -162,6 +163,17 @@ bad:
 		error_print();
 		return -1;
 	}
+#else
+	if (fseek(keyfp, XMSSMT_PUBLIC_KEY_SIZE, SEEK_SET) != 0) {
+		error_print();
+		goto end;
+	}
+	uint8_t index_buf[8];
+	uint8_t *pindex = index_buf;
+	size_t index_len = 0;
+	xmssmt_index_to_bytes(key.index, key.public_key.xmssmt_type, &pindex, &index_len);
+	fwrite(index_buf, 1, index_len, keyfp);
+#endif

 	while (1) {
 		uint8_t buf[1024];
@@ -189,7 +201,7 @@ bad:
 	ret = 0;

 end:
-	//xmss_key_cleanup(&key);
+	xmssmt_key_cleanup(&key);
 	gmssl_secure_clear(keybuf, keylen);
 	gmssl_secure_clear(&ctx, sizeof(ctx));
 	if (keyfp) fclose(keyfp);
--- a/tools/xmsssign.c
+++ b/tools/xmsssign.c
@@ -14,6 +14,7 @@
 #include <stdlib.h>
 #include <gmssl/mem.h>
 #include <gmssl/error.h>
+#include <gmssl/endian.h>
 #include <gmssl/xmss.h>

 static const char *usage = "-key file [-in file] [-out file] [-verbose]\n";
@@ -37,10 +38,12 @@ int xmsssign_main(int argc, char **argv)
 	FILE *keyfp = NULL;
 	FILE *infp = stdin;
 	FILE *outfp = stdout;
-	uint8_t keybuf[XMSS_PRIVATE_KEY_SIZE];
-	size_t keylen = XMSS_PRIVATE_KEY_SIZE;
-	const uint8_t *cp = keybuf;
-	uint8_t *p = keybuf;
+	uint8_t pubkeybuf[XMSS_PUBLIC_KEY_SIZE];
+	uint8_t *keybuf = NULL;
+	size_t keylen;
+	const uint8_t *cp;
+	uint8_t *p;
+	size_t len;
 	XMSS_KEY key;
 	XMSS_SIGN_CTX ctx;
 	uint8_t sig[XMSS_SIGNATURE_MAX_SIZE];
@@ -102,10 +105,40 @@ bad:
 		goto end;
 	}

-	if (fread(keybuf, 1, keylen, keyfp) != keylen) {
+	// load xmss_public_key
+	if (fread(pubkeybuf, 1, sizeof(pubkeybuf), keyfp) != sizeof(pubkeybuf)) {
+		error_print();
+		goto end;
+	}
+	cp = pubkeybuf;
+	len = sizeof(pubkeybuf);
+	if (xmss_public_key_from_bytes(&key, &cp, &len) != 1) {
+		error_print();
+		goto end;
+	}
+	if (len) {
+		error_print();
+		goto end;
+	}
+
+	// xmss_private_key_size
+	if (xmss_private_key_size(key.public_key.xmss_type, &keylen) != 1) {
+		error_print();
+		goto end;
+	}
+	if (!(keybuf = malloc(keylen))) {
+		error_print();
+		goto end;
+	}
+	memcpy(keybuf, pubkeybuf, sizeof(pubkeybuf));
+
+	len = keylen - sizeof(pubkeybuf);
+	if (fread(keybuf + sizeof(pubkeybuf), 1, len, keyfp) != len) {
 		fprintf(stderr, "%s: read private key failure\n", prog);
 		goto end;
 	}
+
+	cp = keybuf;
 	if (xmss_private_key_from_bytes(&key, &cp, &keylen) != 1) {
 		error_print();
 		goto end;
@@ -124,8 +157,10 @@ bad:
 		goto end;
 	}

+#if 0
 	// write updated key back to file
 	// TODO: write back `q` only
+	p = keybuf;
 	if (xmss_private_key_to_bytes(&key, &p, &keylen) != 1) {
 		error_print();
 		return -1;
@@ -135,6 +170,16 @@ bad:
 		error_print();
 		return -1;
 	}
+#else
+	// write index only
+	if (fseek(keyfp, XMSS_PUBLIC_KEY_SIZE, SEEK_SET) != 0) {
+		error_print();
+		goto end;
+	}
+	uint8_t index_buf[4];
+	PUTU32(index_buf, key.index);
+	fwrite(index_buf, 1, 4, keyfp);
+#endif

 	while (1) {
 		uint8_t buf[1024];
@@ -163,8 +208,11 @@ bad:

 end:
 	xmss_key_cleanup(&key);
-	gmssl_secure_clear(keybuf, sizeof(keybuf));
 	gmssl_secure_clear(&ctx, sizeof(ctx));
+	if (keybuf) {
+		gmssl_secure_clear(keybuf, keylen);
+		free(keybuf);
+	}
 	if (keyfp) fclose(keyfp);
 	if (infp && infp != stdin) fclose(infp);
 	if (outfp && outfp != stdout) fclose(outfp);