abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 00:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

Reomve sm3 from lms/hss names

Browse Source
This commit is contained in:
Zhi Guan
2025-12-07 22:08:17 +08:00
parent 49f4e1f28a
commit 833150f297
13 changed files with 825 additions and 829 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
CMakeLists.txt
View File

@@ -53,7 +53,7 @@ option(ENABLE_SM4_XTS "Enable SM4 XTS mode" ON)
option(ENABLE_SM4_CBC_MAC "Enable SM4-CBC-MAC" ON) option(ENABLE_SM4_CBC_MAC "Enable SM4-CBC-MAC" ON)
option(ENABLE_SM2_EXTS "Enable SM2 Extensions" OFF) option(ENABLE_SM2_EXTS "Enable SM2 Extensions" OFF)
option(ENABLE_SM3_LMS "Enable SM3-LMS signature" ON) option(ENABLE_LMS_HSS "Enable LMS/HSS signature" ON)
option(ENABLE_SM3_XMSS "Enable SM3-XMSS signature" OFF) option(ENABLE_SM3_XMSS "Enable SM3-XMSS signature" OFF)
@@ -416,18 +416,18 @@ if (ENABLE_SM2_EXTS)
endif() endif()
if (ENABLE_SM3_LMS) if (ENABLE_LMS_HSS)
message(STATUS "ENABLE_SM3_LMS is ON") message(STATUS "ENABLE_LMS_HSS is ON")
add_definitions(-DENABLE_SM3_LMS) add_definitions(-DENABLE_LMS_HSS)
list(APPEND src src/sm3_lms.c) list(APPEND src src/lms.c)
list(APPEND tools tools/sm3lmskeygen.c tools/sm3lmssign.c tools/sm3lmsverify.c) list(APPEND tools tools/lmskeygen.c tools/lmssign.c tools/lmsverify.c)
list(APPEND tools tools/sm3hsskeygen.c tools/sm3hsssign.c tools/sm3hssverify.c) list(APPEND tools tools/hsskeygen.c tools/hsssign.c tools/hssverify.c)
list(APPEND tests sm3_lms) list(APPEND tests lms)
option(ENABLE_SM3_LMS_CROSSCHECK "Enable LMS SHA-256 cross-check" OFF) option(ENABLE_LMS_HSS_CROSSCHECK "Enable LMS SHA-256 cross-check" OFF)
if (ENABLE_SM3_LMS_CROSSCHECK) if (ENABLE_LMS_HSS_CROSSCHECK)
message(STATUS "ENABLE_SM3_LMS_CROSSCHECK is ON") message(STATUS "ENABLE_LMS_HSS_CROSSCHECK is ON")
add_definitions(-DENABLE_SM3_LMS_CROSSCHECK) add_definitions(-DENABLE_LMS_HSS_CROSSCHECK)
endif() endif()
endif() endif()

305
include/gmssl/lms.h Normal file
View File

@@ -0,0 +1,305 @@
/*
* Copyright 2014-2025 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#ifndef GMSSL_LMS_H
#define GMSSL_LMS_H
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <gmssl/sm3.h>
#ifdef ENABLE_SHA2
#include <gmssl/sha2.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef uint8_t hash256_t[32];
#define HSS_MAX_LEVELS 5
#define LMS_MAX_HEIGHT 25
// Crosscheck with data from LMS-reference (SHA-256), except the LMS signature.
#if defined(ENABLE_LMS_CROSSCHECK) && defined(ENABLE_SHA2)
# define HASH256_CTX SHA256_CTX
# define hash256_init sha256_init
# define hash256_update sha256_update
# define hash256_finish sha256_finish
# define hash256_digest sha256_digest
# define LMOTS_HASH256_N32_W8 LMOTS_SHA256_N32_W8
# define LMOTS_HASH256_N32_W8_NAME "LMOTS_SHA256_N32_W8"
# define LMS_HASH256_M32_H5 LMS_SHA256_M32_H5
# define LMS_HASH256_M32_H10 LMS_SHA256_M32_H10
# define LMS_HASH256_M32_H15 LMS_SHA256_M32_H15
# define LMS_HASH256_M32_H20 LMS_SHA256_M32_H20
# define LMS_HASH256_M32_H25 LMS_SHA256_M32_H25
# define LMS_HASH256_M32_H5_NAME "LMS_SHA256_M32_H5"
# define LMS_HASH256_M32_H10_NAME "LMS_SHA256_M32_H10"
# define LMS_HASH256_M32_H15_NAME "LMS_SHA256_M32_H15"
# define LMS_HASH256_M32_H20_NAME "LMS_SHA256_M32_H20"
# define LMS_HASH256_M32_H25_NAME "LMS_SHA256_M32_H25"
#else
# define HASH256_CTX SM3_CTX
# define hash256_init sm3_init
# define hash256_update sm3_update
# define hash256_finish sm3_finish
# define hash256_digest sm3_digest
# define LMOTS_HASH256_N32_W8 LMOTS_SM3_N32_W8
# define LMOTS_HASH256_N32_W8_NAME "LMOTS_SM3_N32_W8"
# define LMS_HASH256_M32_H5 LMS_SM3_M32_H5
# define LMS_HASH256_M32_H10 LMS_SM3_M32_H10
# define LMS_HASH256_M32_H15 LMS_SM3_M32_H15
# define LMS_HASH256_M32_H20 LMS_SM3_M32_H20
# define LMS_HASH256_M32_H25 LMS_SM3_M32_H25
# define LMS_HASH256_M32_H5_NAME "LMS_SM3_M32_H5"
# define LMS_HASH256_M32_H10_NAME "LMS_SM3_M32_H10"
# define LMS_HASH256_M32_H15_NAME "LMS_SM3_M32_H15"
# define LMS_HASH256_M32_H20_NAME "LMS_SM3_M32_H20"
# define LMS_HASH256_M32_H25_NAME "LMS_SM3_M32_H25"
#endif
enum {
LMOTS_RESERVED = 0,
LMOTS_SHA256_N32_W1 = 1,
LMOTS_SHA256_N32_W2 = 2,
LMOTS_SHA256_N32_W4 = 3,
LMOTS_SHA256_N32_W8 = 4,
LMOTS_SM3_N32_W1 = 11,
LMOTS_SM3_N32_W2 = 12,
LMOTS_SM3_N32_W4 = 13,
LMOTS_SM3_N32_W8 = 14,
};
enum {
#if defined(ENABLE_LMS_CROSSCHECK) && defined(ENABLE_SHA2)
LMS_SHA256_M32_H5 = 5,
LMS_SHA256_M32_H10 = 6,
LMS_SHA256_M32_H15 = 7,
LMS_SHA256_M32_H20 = 8,
LMS_SHA256_M32_H25 = 9,
#else
// TODO: submit to IETF
LMS_SM3_M32_H5 = 5,
LMS_SM3_M32_H10 = 6,
LMS_SM3_M32_H15 = 7,
LMS_SM3_M32_H20 = 8,
LMS_SM3_M32_H25 = 9,
#endif
};
char *lmots_type_name(int lmots_type);
void lmots_derive_secrets(const hash256_t seed, const uint8_t I[16], int q, hash256_t x[34]);
void lmots_secrets_to_public_hash(const uint8_t I[16], int q, const hash256_t x[34], hash256_t pub);
void lmots_compute_signature(const uint8_t I[16], int q, const hash256_t dgst, const hash256_t x[34], hash256_t y[34]);
void lmots_signature_to_public_hash(const uint8_t I[16], int q, const hash256_t y[34], const hash256_t dgst, hash256_t pub);
char *lms_type_name(int lms_type);
int lms_type_from_name(const char *name);
int lms_type_to_height(int type, size_t *height);
void lms_derive_merkle_tree(const hash256_t seed, const uint8_t I[16], int height, hash256_t *tree);
void lms_derive_merkle_root(const hash256_t seed, const uint8_t I[16], int height, hash256_t root);
typedef struct {
int lms_type;
int lmots_type;
uint8_t I[16]; // lms key identifier
hash256_t root; // merkle tree root
} LMS_PUBLIC_KEY;
#define LMS_PUBLIC_KEY_SIZE (4 + 4 + 16 + 32) // = 56 bytes
typedef struct {
LMS_PUBLIC_KEY public_key;
hash256_t *tree;
hash256_t seed;
uint32_t q; // in [0, 2^h - 1], q++ after every sign
} LMS_KEY;
#define LMS_PRIVATE_KEY_SIZE (LMS_PUBLIC_KEY_SIZE + 32 + 4) // = 92 bytes
// FIXME: do we need a function to update lms_key->q ?
int lms_key_generate_ex(LMS_KEY *key, int lms_type, const hash256_t seed, const uint8_t I[16], int cache_tree);
int lms_key_generate(LMS_KEY *key, int lms_type);
int lms_key_check(const LMS_KEY *key, const LMS_PUBLIC_KEY *pub);
int lms_key_remaining_signs(const LMS_KEY *key, size_t *count);
int lms_public_key_to_bytes(const LMS_KEY *key, uint8_t **out, size_t *outlen);
int lms_public_key_from_bytes_ex(const LMS_PUBLIC_KEY **key, const uint8_t **in, size_t *inlen);
int lms_public_key_from_bytes(LMS_KEY *key, const uint8_t **in, size_t *inlen);
int lms_private_key_to_bytes(const LMS_KEY *key, uint8_t **out, size_t *outlen);
int lms_private_key_from_bytes(LMS_KEY *key, const uint8_t **in, size_t *inlen);
int lms_public_key_print(FILE *fp, int fmt, int ind, const char *label, const LMS_PUBLIC_KEY *pub);
int lms_key_print(FILE *fp, int fmt, int ind, const char *label, const LMS_KEY *key);
void lms_key_cleanup(LMS_KEY *key);
typedef struct {
int q; // index of LMS tree leaf, in [0, 2^h - 1]
struct {
int lmots_type; // LMOTS_SM3_N32_W8 or LMOTS_SHA256_N32_W8 in compile time
hash256_t C; // randomness of every LMOTS signature
hash256_t y[34]; // for w = 8 and hash256, 34 winternitz chains
} lmots_sig;
int lms_type;
hash256_t path[25]; // max tree height = 25 when LMS_SM3_M32_H25
} LMS_SIGNATURE;
// encoded size, SHOULD be changed when supporting text/der encoding
#define LMS_SIGNATURE_MIN_SIZE (4 + 4 + 32 + 32*34 + 4 + 32*5) // = 1292 bytes
#define LMS_SIGNATURE_MAX_SIZE (4 + 4 + 32 + 32*34 + 4 + 32*25) // = 1932 bytes
int lms_signature_to_merkle_root(const uint8_t I[16], size_t h, int q,
const hash256_t y[34], const hash256_t *path,
const hash256_t dgst, hash256_t root);
/*
* LMS_HASH256_M32_H5 1292
* LMS_HASH256_M32_H10 1452
* LMS_HASH256_M32_H15 1612
* LMS_HASH256_M32_H20 1772
* LMS_HASH256_M32_H25 1932
*/
int lms_signature_size(int lms_type, size_t *siglen);
int lms_key_get_signature_size(const LMS_KEY *key, size_t *siglen);
int lms_signature_to_bytes(const LMS_SIGNATURE *sig, uint8_t **out, size_t *outlen);
int lms_signature_from_bytes_ex(const LMS_SIGNATURE **sig, size_t *siglen, const uint8_t **in, size_t *inlen);
int lms_signature_from_bytes(LMS_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
int lms_signature_print_ex(FILE *fp, int fmt, int ind, const char *label, const LMS_SIGNATURE *sig);
int lms_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
typedef struct {
HASH256_CTX hash256_ctx;
LMS_PUBLIC_KEY lms_public_key; // FIXME: or use LMS_PUBLIC_KEY to re-use tree?
LMS_SIGNATURE lms_sig;
} LMS_SIGN_CTX;
int lms_sign_init(LMS_SIGN_CTX *ctx, LMS_KEY *key);
int lms_sign_update(LMS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int lms_sign_finish(LMS_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen);
int lms_sign_finish_ex(LMS_SIGN_CTX *ctx, LMS_SIGNATURE *sig);
int lms_verify_init_ex(LMS_SIGN_CTX *ctx, const LMS_KEY *key, const LMS_SIGNATURE *sig);
int lms_verify_init(LMS_SIGN_CTX *ctx, const LMS_KEY *key, const uint8_t *sigbuf, size_t siglen);
int lms_verify_update(LMS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int lms_verify_finish(LMS_SIGN_CTX *ctx);
// `lms_sign_init` copy lmots private to ctx->lms_sig.y
// call `lms_sign_ctx_cleanup` incase `lms_sign_finish` not called nor finished
void lms_sign_ctx_cleanup(LMS_SIGN_CTX *ctx);
/*
// just for reference, HSS_PUBLIC_KEY memory layout might not compatible with HSS_KEY
typedef struct {
uint32_t levels;
LMS_PUBLIC_KEY lms_public_key;
} HSS_PUBLIC_KEY;
*/
// HSS_PUBLIC_KEY: { level, lms_key[0].public_key }
#define HSS_PUBLIC_KEY_SIZE (4 + LMS_PUBLIC_KEY_SIZE)
// TODO: LMS_KEY should be a tree other than a vector
// when updated, low level lms keys will lost, maybe a good feature
typedef struct {
uint32_t levels; // should be checked to prevent memory error
LMS_KEY lms_key[5];
LMS_SIGNATURE lms_sig[4];
} HSS_KEY;
#define HSS_PRIVATE_KEY_MAX_SIZE sizeof(HSS_KEY)
int hss_private_key_size(const int *lms_types, size_t levels, size_t *len);
int hss_key_generate(HSS_KEY *key, const int *lms_types, size_t levels);
int hss_key_update(HSS_KEY *key);
int hss_public_key_digest(const HSS_KEY *key, uint8_t dgst[32]);
int hss_public_key_to_bytes(const HSS_KEY *key, uint8_t **out, size_t *outlen);
int hss_private_key_to_bytes(const HSS_KEY *key, uint8_t **out, size_t *outlen);
int hss_public_key_from_bytes(HSS_KEY *key, const uint8_t **in, size_t *inlen);
int hss_private_key_from_bytes(HSS_KEY *key, const uint8_t **in, size_t *inlen);
int hss_public_key_print(FILE *fp, int fmt, int ind, const char *label, const HSS_KEY *key);
int hss_key_print(FILE *fp, int fmt, int ind, const char *label, const HSS_KEY *key);
void hss_key_cleanup(HSS_KEY *key);
typedef struct {
uint32_t num_signed_public_keys; // = hss_key->levels - 1
struct {
LMS_SIGNATURE lms_sig; // lms_sig[i] = sign(hss_key->lms_key[i], lms_public_key[i])
LMS_PUBLIC_KEY lms_public_key; // signed_public_keys[i] = hss_key->lms_key[i+1].public_key
} signed_public_keys[HSS_MAX_LEVELS - 1];
LMS_SIGNATURE msg_lms_sig; // = sign(hss->lms_key[levels-1], msg)
} HSS_SIGNATURE;
#define HSS_SIGNATURE_MAX_SIZE sizeof(HSS_SIGNATURE)
int hss_signature_size(const int *lms_types, size_t levels, size_t *len);
int hss_key_get_signature_size(const HSS_KEY *key, size_t *siglen);
int hss_signature_to_bytes(const HSS_SIGNATURE *sig, uint8_t **out, size_t *outlen);
int hss_signature_from_bytes(HSS_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
int hss_signature_print_ex(FILE *fp, int fmt, int ind, const char *label, const HSS_SIGNATURE *sig);
int hss_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
typedef struct {
LMS_SIGN_CTX lms_ctx;
uint32_t levels;
LMS_SIGNATURE lms_sigs[HSS_MAX_LEVELS - 1];
LMS_PUBLIC_KEY lms_public_keys[HSS_MAX_LEVELS - 1];
} HSS_SIGN_CTX;
int hss_sign_init(HSS_SIGN_CTX *ctx, HSS_KEY *key);
int hss_sign_update(HSS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int hss_sign_finish(HSS_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen);
int hss_sign_finish_ex(HSS_SIGN_CTX *ctx, HSS_SIGNATURE *sig);
int hss_verify_init_ex(HSS_SIGN_CTX *ctx, const HSS_KEY *key, const HSS_SIGNATURE *sig);
int hss_verify_init(HSS_SIGN_CTX *ctx, const HSS_KEY *key, const uint8_t *sigbuf, size_t siglen);
int hss_verify_update(HSS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int hss_verify_finish(HSS_SIGN_CTX *ctx);
// X.509 related
#define HSS_PUBLIC_KEY_DER_SIZE 63
#define HSS_PUBLIC_KEY_INFO_SIZE 82
int hss_public_key_to_der(const HSS_KEY *key, uint8_t **out, size_t *outlen);
int hss_public_key_from_der(HSS_KEY *key, const uint8_t **in, size_t *inlen);
int hss_public_key_algor_to_der(uint8_t **out, size_t *outlen);
int hss_public_key_algor_from_der(const uint8_t **in, size_t *inlen);
int hss_public_key_info_to_der(const HSS_KEY *key, uint8_t **out, size_t *outlen);
int hss_public_key_info_from_der(HSS_KEY *key, const uint8_t **in, size_t *inlen);
#ifdef __cplusplus
}
#endif
#endif

305
include/gmssl/sm3_lms.h
View File

@@ -1,305 +0,0 @@
/*
* Copyright 2014-2025 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#ifndef GMSSL_SM3_LMS_H
#define GMSSL_SM3_LMS_H
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <gmssl/sm3.h>
#ifdef ENABLE_SHA2
#include <gmssl/sha2.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef uint8_t hash256_t[32];
#define SM3_HSS_MAX_LEVELS 5
#define SM3_LMS_MAX_HEIGHT 25
// Crosscheck with data from LMS-reference (SHA-256), except the LMS signature.
#if defined(ENABLE_SM3_LMS_CROSSCHECK) && defined(ENABLE_SHA2)
# define HASH256_CTX SHA256_CTX
# define hash256_init sha256_init
# define hash256_update sha256_update
# define hash256_finish sha256_finish
# define hash256_digest sha256_digest
# define LMOTS_HASH256_N32_W8 LMOTS_SHA256_N32_W8
# define LMOTS_HASH256_N32_W8_NAME "LMOTS_SHA256_N32_W8"
# define LMS_HASH256_M32_H5 LMS_SHA256_M32_H5
# define LMS_HASH256_M32_H10 LMS_SHA256_M32_H10
# define LMS_HASH256_M32_H15 LMS_SHA256_M32_H15
# define LMS_HASH256_M32_H20 LMS_SHA256_M32_H20
# define LMS_HASH256_M32_H25 LMS_SHA256_M32_H25
# define LMS_HASH256_M32_H5_NAME "LMS_SHA256_M32_H5"
# define LMS_HASH256_M32_H10_NAME "LMS_SHA256_M32_H10"
# define LMS_HASH256_M32_H15_NAME "LMS_SHA256_M32_H15"
# define LMS_HASH256_M32_H20_NAME "LMS_SHA256_M32_H20"
# define LMS_HASH256_M32_H25_NAME "LMS_SHA256_M32_H25"
#else
# define HASH256_CTX SM3_CTX
# define hash256_init sm3_init
# define hash256_update sm3_update
# define hash256_finish sm3_finish
# define hash256_digest sm3_digest
# define LMOTS_HASH256_N32_W8 LMOTS_SM3_N32_W8
# define LMOTS_HASH256_N32_W8_NAME "LMOTS_SM3_N32_W8"
# define LMS_HASH256_M32_H5 LMS_SM3_M32_H5
# define LMS_HASH256_M32_H10 LMS_SM3_M32_H10
# define LMS_HASH256_M32_H15 LMS_SM3_M32_H15
# define LMS_HASH256_M32_H20 LMS_SM3_M32_H20
# define LMS_HASH256_M32_H25 LMS_SM3_M32_H25
# define LMS_HASH256_M32_H5_NAME "LMS_SM3_M32_H5"
# define LMS_HASH256_M32_H10_NAME "LMS_SM3_M32_H10"
# define LMS_HASH256_M32_H15_NAME "LMS_SM3_M32_H15"
# define LMS_HASH256_M32_H20_NAME "LMS_SM3_M32_H20"
# define LMS_HASH256_M32_H25_NAME "LMS_SM3_M32_H25"
#endif
enum {
LMOTS_RESERVED = 0,
LMOTS_SHA256_N32_W1 = 1,
LMOTS_SHA256_N32_W2 = 2,
LMOTS_SHA256_N32_W4 = 3,
LMOTS_SHA256_N32_W8 = 4,
LMOTS_SM3_N32_W1 = 11,
LMOTS_SM3_N32_W2 = 12,
LMOTS_SM3_N32_W4 = 13,
LMOTS_SM3_N32_W8 = 14,
};
enum {
#if defined(ENABLE_SM3_LMS_CROSSCHECK) && defined(ENABLE_SHA2)
LMS_SHA256_M32_H5 = 5,
LMS_SHA256_M32_H10 = 6,
LMS_SHA256_M32_H15 = 7,
LMS_SHA256_M32_H20 = 8,
LMS_SHA256_M32_H25 = 9,
#else
// TODO: submit to IETF
LMS_SM3_M32_H5 = 5,
LMS_SM3_M32_H10 = 6,
LMS_SM3_M32_H15 = 7,
LMS_SM3_M32_H20 = 8,
LMS_SM3_M32_H25 = 9,
#endif
};
char *sm3_lmots_type_name(int lmots_type);
void sm3_lmots_derive_secrets(const hash256_t seed, const uint8_t I[16], int q, hash256_t x[34]);
void sm3_lmots_secrets_to_public_hash(const uint8_t I[16], int q, const hash256_t x[34], hash256_t pub);
void sm3_lmots_compute_signature(const uint8_t I[16], int q, const hash256_t dgst, const hash256_t x[34], hash256_t y[34]);
void sm3_lmots_signature_to_public_hash(const uint8_t I[16], int q, const hash256_t y[34], const hash256_t dgst, hash256_t pub);
char *sm3_lms_type_name(int lms_type);
int sm3_lms_type_from_name(const char *name);
int sm3_lms_type_to_height(int type, size_t *height);
void sm3_lms_derive_merkle_tree(const hash256_t seed, const uint8_t I[16], int height, hash256_t *tree);
void sm3_lms_derive_merkle_root(const hash256_t seed, const uint8_t I[16], int height, hash256_t root);
typedef struct {
int lms_type;
int lmots_type;
uint8_t I[16]; // lms key identifier
hash256_t root; // merkle tree root
} SM3_LMS_PUBLIC_KEY;
#define SM3_LMS_PUBLIC_KEY_SIZE (4 + 4 + 16 + 32) // = 56 bytes
typedef struct {
SM3_LMS_PUBLIC_KEY public_key;
hash256_t *tree;
hash256_t seed;
uint32_t q; // in [0, 2^h - 1], q++ after every sign
} SM3_LMS_KEY;
#define SM3_LMS_PRIVATE_KEY_SIZE (SM3_LMS_PUBLIC_KEY_SIZE + 32 + 4) // = 92 bytes
// FIXME: do we need a function to update lms_key->q ?
int sm3_lms_key_generate_ex(SM3_LMS_KEY *key, int lms_type, const hash256_t seed, const uint8_t I[16], int cache_tree);
int sm3_lms_key_generate(SM3_LMS_KEY *key, int lms_type);
int sm3_lms_key_check(const SM3_LMS_KEY *key, const SM3_LMS_PUBLIC_KEY *pub);
int sm3_lms_key_remaining_signs(const SM3_LMS_KEY *key, size_t *count);
int sm3_lms_public_key_to_bytes(const SM3_LMS_KEY *key, uint8_t **out, size_t *outlen);
int sm3_lms_public_key_from_bytes_ex(const SM3_LMS_PUBLIC_KEY **key, const uint8_t **in, size_t *inlen);
int sm3_lms_public_key_from_bytes(SM3_LMS_KEY *key, const uint8_t **in, size_t *inlen);
int sm3_lms_private_key_to_bytes(const SM3_LMS_KEY *key, uint8_t **out, size_t *outlen);
int sm3_lms_private_key_from_bytes(SM3_LMS_KEY *key, const uint8_t **in, size_t *inlen);
int sm3_lms_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM3_LMS_PUBLIC_KEY *pub);
int sm3_lms_key_print(FILE *fp, int fmt, int ind, const char *label, const SM3_LMS_KEY *key);
void sm3_lms_key_cleanup(SM3_LMS_KEY *key);
typedef struct {
int q; // index of LMS tree leaf, in [0, 2^h - 1]
struct {
int lmots_type; // LMOTS_SM3_N32_W8 or LMOTS_SHA256_N32_W8 in compile time
hash256_t C; // randomness of every LMOTS signature
hash256_t y[34]; // for w = 8 and hash256, 34 winternitz chains
} lmots_sig;
int lms_type;
hash256_t path[25]; // max tree height = 25 when LMS_SM3_M32_H25
} SM3_LMS_SIGNATURE;
// encoded size, SHOULD be changed when supporting text/der encoding
#define SM3_LMS_SIGNATURE_MIN_SIZE (4 + 4 + 32 + 32*34 + 4 + 32*5) // = 1292 bytes
#define SM3_LMS_SIGNATURE_MAX_SIZE (4 + 4 + 32 + 32*34 + 4 + 32*25) // = 1932 bytes
int sm3_lms_signature_to_merkle_root(const uint8_t I[16], size_t h, int q,
const hash256_t y[34], const hash256_t *path,
const hash256_t dgst, hash256_t root);
/*
* LMS_HASH256_M32_H5 1292
* LMS_HASH256_M32_H10 1452
* LMS_HASH256_M32_H15 1612
* LMS_HASH256_M32_H20 1772
* LMS_HASH256_M32_H25 1932
*/
int sm3_lms_signature_size(int lms_type, size_t *siglen);
int sm3_lms_key_get_signature_size(const SM3_LMS_KEY *key, size_t *siglen);
int sm3_lms_signature_to_bytes(const SM3_LMS_SIGNATURE *sig, uint8_t **out, size_t *outlen);
int sm3_lms_signature_from_bytes_ex(const SM3_LMS_SIGNATURE **sig, size_t *siglen, const uint8_t **in, size_t *inlen);
int sm3_lms_signature_from_bytes(SM3_LMS_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
int sm3_lms_signature_print_ex(FILE *fp, int fmt, int ind, const char *label, const SM3_LMS_SIGNATURE *sig);
int sm3_lms_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
typedef struct {
HASH256_CTX hash256_ctx;
SM3_LMS_PUBLIC_KEY lms_public_key; // FIXME: or use LMS_PUBLIC_KEY to re-use tree?
SM3_LMS_SIGNATURE lms_sig;
} SM3_LMS_SIGN_CTX;
int sm3_lms_sign_init(SM3_LMS_SIGN_CTX *ctx, SM3_LMS_KEY *key);
int sm3_lms_sign_update(SM3_LMS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int sm3_lms_sign_finish(SM3_LMS_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen);
int sm3_lms_sign_finish_ex(SM3_LMS_SIGN_CTX *ctx, SM3_LMS_SIGNATURE *sig);
int sm3_lms_verify_init_ex(SM3_LMS_SIGN_CTX *ctx, const SM3_LMS_KEY *key, const SM3_LMS_SIGNATURE *sig);
int sm3_lms_verify_init(SM3_LMS_SIGN_CTX *ctx, const SM3_LMS_KEY *key, const uint8_t *sigbuf, size_t siglen);
int sm3_lms_verify_update(SM3_LMS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int sm3_lms_verify_finish(SM3_LMS_SIGN_CTX *ctx);
// `sm3_lms_sign_init` copy lmots private to ctx->lms_sig.y
// call `sm3_lms_sign_ctx_cleanup` incase `sm3_lms_sign_finish` not called nor finished
void sm3_lms_sign_ctx_cleanup(SM3_LMS_SIGN_CTX *ctx);
/*
// just for reference, HSS_PUBLIC_KEY memory layout might not compatible with HSS_KEY
typedef struct {
uint32_t levels;
SM3_LMS_PUBLIC_KEY lms_public_key;
} SM3_HSS_PUBLIC_KEY;
*/
// SM3_HSS_PUBLIC_KEY: { level, lms_key[0].public_key }
#define SM3_HSS_PUBLIC_KEY_SIZE (4 + SM3_LMS_PUBLIC_KEY_SIZE)
// TODO: LMS_KEY should be a tree other than a vector
// when updated, low level lms keys will lost, maybe a good feature
typedef struct {
uint32_t levels; // should be checked to prevent memory error
SM3_LMS_KEY lms_key[5];
SM3_LMS_SIGNATURE lms_sig[4];
} SM3_HSS_KEY;
#define SM3_HSS_PRIVATE_KEY_MAX_SIZE sizeof(SM3_HSS_KEY)
int sm3_hss_private_key_size(const int *lms_types, size_t levels, size_t *len);
int sm3_hss_key_generate(SM3_HSS_KEY *key, const int *lms_types, size_t levels);
int sm3_hss_key_update(SM3_HSS_KEY *key);
int sm3_hss_public_key_digest(const SM3_HSS_KEY *key, uint8_t dgst[32]);
int sm3_hss_public_key_to_bytes(const SM3_HSS_KEY *key, uint8_t **out, size_t *outlen);
int sm3_hss_private_key_to_bytes(const SM3_HSS_KEY *key, uint8_t **out, size_t *outlen);
int sm3_hss_public_key_from_bytes(SM3_HSS_KEY *key, const uint8_t **in, size_t *inlen);
int sm3_hss_private_key_from_bytes(SM3_HSS_KEY *key, const uint8_t **in, size_t *inlen);
int sm3_hss_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM3_HSS_KEY *key);
int sm3_hss_key_print(FILE *fp, int fmt, int ind, const char *label, const SM3_HSS_KEY *key);
void sm3_hss_key_cleanup(SM3_HSS_KEY *key);
typedef struct {
uint32_t num_signed_public_keys; // = hss_key->levels - 1
struct {
SM3_LMS_SIGNATURE lms_sig; // lms_sig[i] = sign(hss_key->lms_key[i], lms_public_key[i])
SM3_LMS_PUBLIC_KEY lms_public_key; // signed_public_keys[i] = hss_key->lms_key[i+1].public_key
} signed_public_keys[SM3_HSS_MAX_LEVELS - 1];
SM3_LMS_SIGNATURE msg_lms_sig; // = sign(hss->lms_key[levels-1], msg)
} SM3_HSS_SIGNATURE;
#define SM3_HSS_SIGNATURE_MAX_SIZE sizeof(SM3_HSS_SIGNATURE)
int sm3_hss_signature_size(const int *lms_types, size_t levels, size_t *len);
int sm3_hss_key_get_signature_size(const SM3_HSS_KEY *key, size_t *siglen);
int sm3_hss_signature_to_bytes(const SM3_HSS_SIGNATURE *sig, uint8_t **out, size_t *outlen);
int sm3_hss_signature_from_bytes(SM3_HSS_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
int sm3_hss_signature_print_ex(FILE *fp, int fmt, int ind, const char *label, const SM3_HSS_SIGNATURE *sig);
int sm3_hss_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
typedef struct {
SM3_LMS_SIGN_CTX lms_ctx;
uint32_t levels;
SM3_LMS_SIGNATURE lms_sigs[SM3_HSS_MAX_LEVELS - 1];
SM3_LMS_PUBLIC_KEY lms_public_keys[SM3_HSS_MAX_LEVELS - 1];
} SM3_HSS_SIGN_CTX;
int sm3_hss_sign_init(SM3_HSS_SIGN_CTX *ctx, SM3_HSS_KEY *key);
int sm3_hss_sign_update(SM3_HSS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int sm3_hss_sign_finish(SM3_HSS_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen);
int sm3_hss_sign_finish_ex(SM3_HSS_SIGN_CTX *ctx, SM3_HSS_SIGNATURE *sig);
int sm3_hss_verify_init_ex(SM3_HSS_SIGN_CTX *ctx, const SM3_HSS_KEY *key, const SM3_HSS_SIGNATURE *sig);
int sm3_hss_verify_init(SM3_HSS_SIGN_CTX *ctx, const SM3_HSS_KEY *key, const uint8_t *sigbuf, size_t siglen);
int sm3_hss_verify_update(SM3_HSS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int sm3_hss_verify_finish(SM3_HSS_SIGN_CTX *ctx);
// X.509 related
#define SM3_HSS_PUBLIC_KEY_DER_SIZE 63
#define SM3_HSS_PUBLIC_KEY_INFO_SIZE 82
int sm3_hss_public_key_to_der(const SM3_HSS_KEY *key, uint8_t **out, size_t *outlen);
int sm3_hss_public_key_from_der(SM3_HSS_KEY *key, const uint8_t **in, size_t *inlen);
int sm3_hss_public_key_algor_to_der(uint8_t **out, size_t *outlen);
int sm3_hss_public_key_algor_from_der(const uint8_t **in, size_t *inlen);
int sm3_hss_public_key_info_to_der(const SM3_HSS_KEY *key, uint8_t **out, size_t *outlen);
int sm3_hss_public_key_info_from_der(SM3_HSS_KEY *key, const uint8_t **in, size_t *inlen);
#ifdef __cplusplus
}
#endif
#endif

468
src/sm3_lms.c → src/lms.c
View File

File diff suppressed because it is too large Load Diff

14
src/x509_alg.c
View File

@@ -16,9 +16,7 @@
#include <gmssl/asn1.h> #include <gmssl/asn1.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/x509_alg.h> #include <gmssl/x509_alg.h>
#ifdef ENABLE_SM3_LMS
#include <gmssl/sm3_lms.h>
#endif
static uint32_t oid_sm3[] = { 1,2,156,10197,1,401 }; static uint32_t oid_sm3[] = { 1,2,156,10197,1,401 };
static uint32_t oid_md5[] = { 1,2,840,113549,2,5 }; static uint32_t oid_md5[] = { 1,2,840,113549,2,5 };
@@ -357,7 +355,7 @@ static const ASN1_OID_INFO x509_sign_algors[] = {
{ OID_rsasign_with_sha256, "sha256WithRSAEncryption", oid_rsasign_with_sha256, sizeof(oid_rsasign_with_sha256)/sizeof(int), 1 }, { OID_rsasign_with_sha256, "sha256WithRSAEncryption", oid_rsasign_with_sha256, sizeof(oid_rsasign_with_sha256)/sizeof(int), 1 },
{ OID_rsasign_with_sha384, "sha384WithRSAEncryption", oid_rsasign_with_sha384, sizeof(oid_rsasign_with_sha384)/sizeof(int), 1 }, { OID_rsasign_with_sha384, "sha384WithRSAEncryption", oid_rsasign_with_sha384, sizeof(oid_rsasign_with_sha384)/sizeof(int), 1 },
{ OID_rsasign_with_sha512, "sha512WithRSAEncryption", oid_rsasign_with_sha512, sizeof(oid_rsasign_with_sha512)/sizeof(int), 1 }, { OID_rsasign_with_sha512, "sha512WithRSAEncryption", oid_rsasign_with_sha512, sizeof(oid_rsasign_with_sha512)/sizeof(int), 1 },
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
{ OID_hss_lms_hashsig, "hss-lms-hashsig", oid_hss_lms_hashsig, sizeof(oid_hss_lms_hashsig)/sizeof(int), 1 }, { OID_hss_lms_hashsig, "hss-lms-hashsig", oid_hss_lms_hashsig, sizeof(oid_hss_lms_hashsig)/sizeof(int), 1 },
#endif #endif
}; };
@@ -577,7 +575,7 @@ static uint32_t oid_ec_public_key[] = { oid_x9_62,2,1 };
static const ASN1_OID_INFO x509_public_key_algors[] = { static const ASN1_OID_INFO x509_public_key_algors[] = {
{ OID_ec_public_key, "ecPublicKey", oid_ec_public_key, sizeof(oid_ec_public_key)/sizeof(int), 0, "X9.62 ecPublicKey" }, { OID_ec_public_key, "ecPublicKey", oid_ec_public_key, sizeof(oid_ec_public_key)/sizeof(int), 0, "X9.62 ecPublicKey" },
{ OID_rsa_encryption, "rsaEncryption", oid_rsa_encryption, sizeof(oid_rsa_encryption)/sizeof(int), 0, "RSAEncryption" }, { OID_rsa_encryption, "rsaEncryption", oid_rsa_encryption, sizeof(oid_rsa_encryption)/sizeof(int), 0, "RSAEncryption" },
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
{ OID_hss_lms_hashsig, "hss-lms-hashsig", oid_hss_lms_hashsig, sizeof(oid_hss_lms_hashsig)/sizeof(int), 0, "HSS/LMS HashSig" }, { OID_hss_lms_hashsig, "hss-lms-hashsig", oid_hss_lms_hashsig, sizeof(oid_hss_lms_hashsig)/sizeof(int), 0, "HSS/LMS HashSig" },
#endif #endif
}; };
@@ -630,7 +628,7 @@ int x509_public_key_algor_to_der(int oid, int curve_or_null, uint8_t **out, size
return -1; return -1;
} }
break; break;
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
case OID_hss_lms_hashsig: case OID_hss_lms_hashsig:
if (asn1_object_identifier_to_der(oid_hss_lms_hashsig, sizeof(oid_hss_lms_hashsig)/sizeof(int), NULL, &len) != 1 if (asn1_object_identifier_to_der(oid_hss_lms_hashsig, sizeof(oid_hss_lms_hashsig)/sizeof(int), NULL, &len) != 1
|| asn1_null_to_der(NULL, &len) != 1 || asn1_null_to_der(NULL, &len) != 1
@@ -676,7 +674,7 @@ int x509_public_key_algor_from_der(int *oid , int *curve_or_null, const uint8_t
} }
break; break;
case OID_rsa_encryption: case OID_rsa_encryption:
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
case OID_hss_lms_hashsig: case OID_hss_lms_hashsig:
#endif #endif
if ((*curve_or_null = asn1_null_from_der(&d, &dlen)) < 0 if ((*curve_or_null = asn1_null_from_der(&d, &dlen)) < 0
@@ -709,7 +707,7 @@ int x509_public_key_algor_print(FILE *fp, int fmt, int ind, const char *label, c
format_print(fp, fmt, ind, "namedCurve: %s\n", ec_named_curve_name(val)); format_print(fp, fmt, ind, "namedCurve: %s\n", ec_named_curve_name(val));
break; break;
case OID_rsa_encryption: case OID_rsa_encryption:
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
case OID_hss_lms_hashsig: case OID_hss_lms_hashsig:
#endif #endif
if ((val = asn1_null_from_der(&d, &dlen)) < 0) goto err; if ((val = asn1_null_from_der(&d, &dlen)) < 0) goto err;

332
tests/sm3_lmstest.c → tests/lmstest.c
View File

@@ -13,7 +13,7 @@
#include <gmssl/hex.h> #include <gmssl/hex.h>
#include <gmssl/rand.h> #include <gmssl/rand.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static int lms_types[] = { static int lms_types[] = {
@@ -23,7 +23,7 @@ static int lms_types[] = {
}; };
#if defined(ENABLE_SM3_LMS_CROSSCHECK) && defined(ENABLE_SHA2) #if defined(ENABLE_LMS_CROSSCHECK) && defined(ENABLE_SHA2)
static int test_rfc8554_test1(void) static int test_rfc8554_test1(void)
{ {
size_t i; size_t i;
@@ -150,10 +150,10 @@ static int test_rfc8554_test1(void)
"09ab3034911fe125631051df0408b3946b0bde790911e8978ba07dd56c73e7ee", "09ab3034911fe125631051df0408b3946b0bde790911e8978ba07dd56c73e7ee",
}; };
SM3_HSS_KEY key; HSS_KEY key;
SM3_HSS_SIGNATURE sig; HSS_SIGNATURE sig;
SM3_LMS_SIGNATURE *lms_sig; LMS_SIGNATURE *lms_sig;
SM3_LMS_PUBLIC_KEY *lms_pub; LMS_PUBLIC_KEY *lms_pub;
size_t len; size_t len;
// hss public key // hss public key
@@ -202,25 +202,25 @@ static int test_rfc8554_test1(void)
hex_to_bytes(sig1_path[i], 64, lms_sig->path[i], &len); hex_to_bytes(sig1_path[i], 64, lms_sig->path[i], &len);
} }
sm3_hss_public_key_print(stderr, 0, 0, "hss_public_key", &key); hss_public_key_print(stderr, 0, 0, "hss_public_key", &key);
sm3_hss_signature_print_ex(stderr, 0, 0, "hss_signature", &sig); hss_signature_print_ex(stderr, 0, 0, "hss_signature", &sig);
SM3_HSS_SIGN_CTX ctx; HSS_SIGN_CTX ctx;
uint8_t data[162]; uint8_t data[162];
hex_to_bytes(msg, strlen(msg), data, &len); hex_to_bytes(msg, strlen(msg), data, &len);
if (sm3_hss_verify_init_ex(&ctx, &key, &sig) != 1) { if (hss_verify_init_ex(&ctx, &key, &sig) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_update(&ctx, data, len) != 1) { if (hss_verify_update(&ctx, data, len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_finish(&ctx) != 1) { if (hss_verify_finish(&ctx) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -242,11 +242,11 @@ static int test_sm3_lmots(void)
hash256_t pub; hash256_t pub;
hash256_t pub2; hash256_t pub2;
sm3_lmots_derive_secrets(seed, I, q, x); // TODO: compare results with test vector lmots_derive_secrets(seed, I, q, x); // TODO: compare results with test vector
sm3_lmots_secrets_to_public_hash(I, q, x, pub); // TODO: compare results with test vector lmots_secrets_to_public_hash(I, q, x, pub); // TODO: compare results with test vector
sm3_lmots_compute_signature(I, q, dgst, x, y); // TODO: compare results with test vector lmots_compute_signature(I, q, dgst, x, y); // TODO: compare results with test vector
sm3_lmots_signature_to_public_hash(I, q, y, dgst, pub2); lmots_signature_to_public_hash(I, q, y, dgst, pub2);
if (memcmp(pub, pub2, 32) != 0) { if (memcmp(pub, pub2, 32) != 0) {
error_print(); error_print();
@@ -257,7 +257,7 @@ static int test_sm3_lmots(void)
return 1; return 1;
} }
static int test_sm3_lms_derive_merkle_root(void) static int test_lms_derive_merkle_root(void)
{ {
hash256_t seed = {0}; // TODO: change to test vector hash256_t seed = {0}; // TODO: change to test vector
uint8_t I[16] = {0}; uint8_t I[16] = {0};
@@ -271,8 +271,8 @@ static int test_sm3_lms_derive_merkle_root(void)
return -1; return -1;
} }
sm3_lms_derive_merkle_tree(seed, I, h, tree); lms_derive_merkle_tree(seed, I, h, tree);
sm3_lms_derive_merkle_root(seed, I, h, root); lms_derive_merkle_root(seed, I, h, root);
if (memcmp(tree[0], root, 32) != 0) { if (memcmp(tree[0], root, 32) != 0) {
free(tree); free(tree);
@@ -285,69 +285,69 @@ static int test_sm3_lms_derive_merkle_root(void)
return 1; return 1;
} }
static int test_sm3_lms_key_generate(void) static int test_lms_key_generate(void)
{ {
SM3_LMS_KEY lms_key; LMS_KEY lms_key;
int lms_type = lms_types[0]; int lms_type = lms_types[0];
if (sm3_lms_key_generate(&lms_key, lms_type) != 1) { if (lms_key_generate(&lms_key, lms_type) != 1) {
error_print(); error_print();
return -1; return -1;
} }
//sm3_lms_key_print(stdout, 0, 0, "lms_key", &lms_key); //lms_key_print(stdout, 0, 0, "lms_key", &lms_key);
printf("%s() ok\n", __FUNCTION__); printf("%s() ok\n", __FUNCTION__);
return 1; return 1;
} }
static int test_sm3_lms_key_to_bytes(void) static int test_lms_key_to_bytes(void)
{ {
SM3_LMS_KEY key; LMS_KEY key;
int lms_type = lms_types[0]; int lms_type = lms_types[0];
uint8_t buf[sizeof(SM3_LMS_KEY) * 2]; uint8_t buf[sizeof(LMS_KEY) * 2];
uint8_t *p = buf; uint8_t *p = buf;
const uint8_t *cp = buf; const uint8_t *cp = buf;
size_t len; size_t len;
if (sm3_lms_key_generate(&key, lms_type) != 1) { if (lms_key_generate(&key, lms_type) != 1) {
error_print(); error_print();
return -1; return -1;
} }
p = buf; p = buf;
len = 0; len = 0;
if (sm3_lms_public_key_to_bytes(&key, &p, &len) != 1) { if (lms_public_key_to_bytes(&key, &p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (len != SM3_LMS_PUBLIC_KEY_SIZE) { if (len != LMS_PUBLIC_KEY_SIZE) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_lms_private_key_to_bytes(&key, &p, &len) != 1) { if (lms_private_key_to_bytes(&key, &p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (len != SM3_LMS_PUBLIC_KEY_SIZE + SM3_LMS_PRIVATE_KEY_SIZE) { if (len != LMS_PUBLIC_KEY_SIZE + LMS_PRIVATE_KEY_SIZE) {
error_print(); error_print();
return -1; return -1;
} }
cp = buf; cp = buf;
if (sm3_lms_public_key_from_bytes(&key, &cp, &len) != 1) { if (lms_public_key_from_bytes(&key, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_lms_key_print(stdout, 0, 4, "lms_public_key", &key); lms_key_print(stdout, 0, 4, "lms_public_key", &key);
if (sm3_lms_private_key_from_bytes(&key, &cp, &len) != 1) { if (lms_private_key_from_bytes(&key, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_lms_key_print(stdout, 0, 4, "lms_private_key", &key); lms_key_print(stdout, 0, 4, "lms_private_key", &key);
if (len != 0) { if (len != 0) {
error_print(); error_print();
return -1; return -1;
@@ -357,7 +357,7 @@ static int test_sm3_lms_key_to_bytes(void)
return 1; return 1;
} }
static int test_sm3_lms_signature_size(void) static int test_lms_signature_size(void)
{ {
int lms_types[] = { int lms_types[] = {
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
@@ -377,7 +377,7 @@ static int test_sm3_lms_signature_size(void)
size_t i; size_t i;
for (i = 0; i < sizeof(lms_types)/sizeof(lms_types[0]); i++) { for (i = 0; i < sizeof(lms_types)/sizeof(lms_types[0]); i++) {
if (sm3_lms_signature_size(lms_types[i], &siglen) != 1) { if (lms_signature_size(lms_types[i], &siglen) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -391,7 +391,7 @@ static int test_sm3_lms_signature_size(void)
return 1; return 1;
} }
static int test_sm3_hss_signature_size(void) static int test_hss_signature_size(void)
{ {
int lms_types[] = { int lms_types[] = {
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
@@ -402,17 +402,17 @@ static int test_sm3_hss_signature_size(void)
}; };
size_t siglens[] = { size_t siglens[] = {
4 + 1292, 4 + 1292,
4 + 1292 + SM3_LMS_PUBLIC_KEY_SIZE*1 + 1452, 4 + 1292 + LMS_PUBLIC_KEY_SIZE*1 + 1452,
4 + 1292 + SM3_LMS_PUBLIC_KEY_SIZE*2 + 1452 + 1612, 4 + 1292 + LMS_PUBLIC_KEY_SIZE*2 + 1452 + 1612,
4 + 1292 + SM3_LMS_PUBLIC_KEY_SIZE*3 + 1452 + 1612 + 1772, 4 + 1292 + LMS_PUBLIC_KEY_SIZE*3 + 1452 + 1612 + 1772,
4 + 1292 + SM3_LMS_PUBLIC_KEY_SIZE*4 + 1452 + 1612 + 1772 + 1932, 4 + 1292 + LMS_PUBLIC_KEY_SIZE*4 + 1452 + 1612 + 1772 + 1932,
}; };
size_t siglen; size_t siglen;
size_t i; size_t i;
for (i = 0; i < sizeof(lms_types)/sizeof(lms_types[0]); i++) { for (i = 0; i < sizeof(lms_types)/sizeof(lms_types[0]); i++) {
if (sm3_hss_signature_size(lms_types, i+1, &siglen) != 1) { if (hss_signature_size(lms_types, i+1, &siglen) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -431,17 +431,17 @@ static int test_sm3_hss_signature_size(void)
return 1; return 1;
} }
static int test_sm3_lms_sign(void) static int test_lms_sign(void)
{ {
int lms_type = lms_types[0]; int lms_type = lms_types[0];
SM3_LMS_KEY key; LMS_KEY key;
SM3_LMS_SIGN_CTX ctx; LMS_SIGN_CTX ctx;
uint8_t msg[200]; uint8_t msg[200];
uint8_t sig[SM3_LMS_SIGNATURE_MAX_SIZE]; uint8_t sig[LMS_SIGNATURE_MAX_SIZE];
size_t siglen; size_t siglen;
int ret; int ret;
if (sm3_lms_key_generate(&key, lms_type) != 1) { if (lms_key_generate(&key, lms_type) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -449,33 +449,33 @@ static int test_sm3_lms_sign(void)
memset(&ctx, 0, sizeof(ctx)); memset(&ctx, 0, sizeof(ctx));
memset(sig, 0, sizeof(sig)); memset(sig, 0, sizeof(sig));
if (sm3_lms_sign_init(&ctx, &key) != 1) { if (lms_sign_init(&ctx, &key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_lms_sign_update(&ctx, msg, 100) != 1) { if (lms_sign_update(&ctx, msg, 100) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_lms_sign_update(&ctx, msg + 100, 100) != 1) { if (lms_sign_update(&ctx, msg + 100, 100) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_lms_sign_finish(&ctx, sig, &siglen) != 1) { if (lms_sign_finish(&ctx, sig, &siglen) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (1) { if (1) {
SM3_LMS_SIGNATURE signature; LMS_SIGNATURE signature;
const uint8_t *cp = sig; const uint8_t *cp = sig;
size_t len = siglen; size_t len = siglen;
if (sm3_lms_signature_from_bytes(&signature, &cp, &len) != 1) { if (lms_signature_from_bytes(&signature, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_lms_signature_print_ex(stderr, 0, 4, "lms_signature", &signature); lms_signature_print_ex(stderr, 0, 4, "lms_signature", &signature);
if (len) { if (len) {
error_print(); error_print();
return -1; return -1;
@@ -484,19 +484,19 @@ static int test_sm3_lms_sign(void)
memset(&ctx, 0, sizeof(ctx)); memset(&ctx, 0, sizeof(ctx));
if (sm3_lms_verify_init(&ctx, &key, sig, siglen) != 1) { if (lms_verify_init(&ctx, &key, sig, siglen) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_lms_verify_update(&ctx, msg, 100) != 1) { if (lms_verify_update(&ctx, msg, 100) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_lms_verify_update(&ctx, msg + 100, 100) != 1) { if (lms_verify_update(&ctx, msg + 100, 100) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if ((ret = sm3_lms_verify_finish(&ctx)) != 1) { if ((ret = lms_verify_finish(&ctx)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -505,22 +505,22 @@ static int test_sm3_lms_sign(void)
return 1; return 1;
} }
static int test_sm3_lms_max_sigs(void) static int test_lms_max_sigs(void)
{ {
int lms_type = LMS_HASH256_M32_H5; int lms_type = LMS_HASH256_M32_H5;
int height = 5; int height = 5;
SM3_LMS_KEY key; LMS_KEY key;
SM3_LMS_SIGN_CTX ctx; LMS_SIGN_CTX ctx;
int i; int i;
if (sm3_lms_key_generate(&key, lms_type) != 1) { if (lms_key_generate(&key, lms_type) != 1) {
error_print(); error_print();
return -1; return -1;
} }
key.q = 1 << height; key.q = 1 << height;
if (sm3_lms_sign_init(&ctx, &key) == 1) { if (lms_sign_init(&ctx, &key) == 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -529,17 +529,17 @@ static int test_sm3_lms_max_sigs(void)
return 1; return 1;
} }
static int test_sm3_hss_key_generate(void) static int test_hss_key_generate(void)
{ {
SM3_HSS_KEY key; HSS_KEY key;
if (sm3_hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) { if (hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_public_key_print(stdout, 0, 4, "sm3_hss_public_key", &key); hss_public_key_print(stdout, 0, 4, "hss_public_key", &key);
sm3_hss_key_print(stdout, 0, 4, "sm3_hss_key", &key); hss_key_print(stdout, 0, 4, "hss_key", &key);
printf("%s() ok\n", __FUNCTION__); printf("%s() ok\n", __FUNCTION__);
return 1; return 1;
@@ -547,11 +547,11 @@ static int test_sm3_hss_key_generate(void)
static int test_sm3_hss_key_update_level1(void) static int test_hss_key_update_level1(void)
{ {
SM3_HSS_KEY key; HSS_KEY key;
memset(&key, 0, sizeof(SM3_HSS_KEY)); memset(&key, 0, sizeof(HSS_KEY));
key.levels = 1; key.levels = 1;
key.lms_key[0].public_key.lms_type = LMS_HASH256_M32_H25; key.lms_key[0].public_key.lms_type = LMS_HASH256_M32_H25;
@@ -559,7 +559,7 @@ static int test_sm3_hss_key_update_level1(void)
key.lms_key[0].q = (1 << 25); key.lms_key[0].q = (1 << 25);
// out of keys // out of keys
if (sm3_hss_key_update(&key) != 0) { if (hss_key_update(&key) != 0) {
error_print(); error_print();
return -1; return -1;
} }
@@ -568,23 +568,23 @@ static int test_sm3_hss_key_update_level1(void)
return 1; return 1;
} }
static int test_sm3_hss_key_update_level2(void) static int test_hss_key_update_level2(void)
{ {
int lms_types[] = { int lms_types[] = {
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
}; };
SM3_HSS_KEY key; HSS_KEY key;
int i; int i;
if (sm3_hss_key_generate(&key, lms_types, 2) != 1) { if (hss_key_generate(&key, lms_types, 2) != 1) {
error_print(); error_print();
return -1; return -1;
} }
key.lms_key[1].q = 32; key.lms_key[1].q = 32;
// update 1 // update 1
if (sm3_hss_key_update(&key) != 1) { if (hss_key_update(&key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -597,7 +597,7 @@ static int test_sm3_hss_key_update_level2(void)
// update 2 // update 2
key.lms_key[1].q = 32; key.lms_key[1].q = 32;
if (sm3_hss_key_update(&key) != 1) { if (hss_key_update(&key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -611,7 +611,7 @@ static int test_sm3_hss_key_update_level2(void)
// update 31 // update 31
key.lms_key[0].q = 31; key.lms_key[0].q = 31;
key.lms_key[1].q = 32; key.lms_key[1].q = 32;
if (sm3_hss_key_update(&key) != 1) { if (hss_key_update(&key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -624,7 +624,7 @@ static int test_sm3_hss_key_update_level2(void)
// update 32, key space exhausted, return 0 // update 32, key space exhausted, return 0
key.lms_key[1].q = 32; key.lms_key[1].q = 32;
if (sm3_hss_key_update(&key) != 0) { if (hss_key_update(&key) != 0) {
error_print(); error_print();
return -1; return -1;
} }
@@ -635,7 +635,7 @@ static int test_sm3_hss_key_update_level2(void)
static int test_sm3_hss_key_update_level5(void) static int test_hss_key_update_level5(void)
{ {
int lms_types[] = { int lms_types[] = {
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
@@ -644,10 +644,10 @@ static int test_sm3_hss_key_update_level5(void)
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
LMS_HASH256_M32_H5, LMS_HASH256_M32_H5,
}; };
SM3_HSS_KEY key; HSS_KEY key;
int i; int i;
if (sm3_hss_key_generate(&key, lms_types, 5) != 1) { if (hss_key_generate(&key, lms_types, 5) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -667,7 +667,7 @@ static int test_sm3_hss_key_update_level5(void)
// level-4 update // level-4 update
key.lms_key[4].q = 32; key.lms_key[4].q = 32;
if (sm3_hss_key_update(&key) != 1) { if (hss_key_update(&key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -694,7 +694,7 @@ static int test_sm3_hss_key_update_level5(void)
key.lms_key[3].q = 32; key.lms_key[3].q = 32;
key.lms_sig[3].q = 31; key.lms_sig[3].q = 31;
key.lms_key[4].q = 32; key.lms_key[4].q = 32;
if (sm3_hss_key_update(&key) != 1) { if (hss_key_update(&key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -721,7 +721,7 @@ static int test_sm3_hss_key_update_level5(void)
key.lms_key[3].q = 32; key.lms_key[3].q = 32;
key.lms_sig[3].q = 31; key.lms_sig[3].q = 31;
key.lms_key[4].q = 32; key.lms_key[4].q = 32;
if (sm3_hss_key_update(&key) != 1) { if (hss_key_update(&key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -748,7 +748,7 @@ static int test_sm3_hss_key_update_level5(void)
key.lms_key[3].q = 32; key.lms_key[3].q = 32;
key.lms_sig[3].q = 31; key.lms_sig[3].q = 31;
key.lms_key[4].q = 32; key.lms_key[4].q = 32;
if (sm3_hss_key_update(&key) != 0) { if (hss_key_update(&key) != 0) {
error_print(); error_print();
return -1; return -1;
} }
@@ -757,16 +757,16 @@ static int test_sm3_hss_key_update_level5(void)
return 1; return 1;
} }
static int test_sm3_hss_key_to_bytes(void) static int test_hss_key_to_bytes(void)
{ {
SM3_HSS_KEY key; HSS_KEY key;
uint8_t buf[SM3_HSS_PUBLIC_KEY_SIZE + sizeof(SM3_HSS_KEY)]; uint8_t buf[HSS_PUBLIC_KEY_SIZE + sizeof(HSS_KEY)];
uint8_t *p = buf; uint8_t *p = buf;
const uint8_t *cp = buf; const uint8_t *cp = buf;
size_t len; size_t len;
if (sm3_hss_key_generate(&key, if (hss_key_generate(&key,
lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) { lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) {
error_print(); error_print();
return -1; return -1;
@@ -774,32 +774,32 @@ static int test_sm3_hss_key_to_bytes(void)
p = buf; p = buf;
len = 0; len = 0;
if (sm3_hss_public_key_to_bytes(&key, &p, &len) != 1) { if (hss_public_key_to_bytes(&key, &p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (len != SM3_HSS_PUBLIC_KEY_SIZE) { if (len != HSS_PUBLIC_KEY_SIZE) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_private_key_to_bytes(&key, &p, &len) != 1) { if (hss_private_key_to_bytes(&key, &p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
cp = buf; cp = buf;
if (sm3_hss_public_key_from_bytes(&key, &cp, &len) != 1) { if (hss_public_key_from_bytes(&key, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_public_key_print(stdout, 0, 4, "lms_public_key", &key); hss_public_key_print(stdout, 0, 4, "lms_public_key", &key);
if (sm3_hss_private_key_from_bytes(&key, &cp, &len) != 1) { if (hss_private_key_from_bytes(&key, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_key_print(stdout, 0, 4, "lms_private_key", &key); hss_key_print(stdout, 0, 4, "lms_private_key", &key);
if (len != 0) { if (len != 0) {
error_print(); error_print();
return -1; return -1;
@@ -809,43 +809,43 @@ static int test_sm3_hss_key_to_bytes(void)
return 1; return 1;
} }
static int test_sm3_hss_sign_level1(void) static int test_hss_sign_level1(void)
{ {
int levels = 1; int levels = 1;
SM3_HSS_KEY key; HSS_KEY key;
SM3_HSS_SIGN_CTX ctx; HSS_SIGN_CTX ctx;
SM3_HSS_SIGNATURE sig; HSS_SIGNATURE sig;
uint8_t msg[200]; uint8_t msg[200];
uint8_t buf[sizeof(SM3_HSS_SIGNATURE)]; uint8_t buf[sizeof(HSS_SIGNATURE)];
size_t len; size_t len;
if (sm3_hss_key_generate(&key, lms_types, levels) != 1) { if (hss_key_generate(&key, lms_types, levels) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_init(&ctx, &key) != 1) { if (hss_sign_init(&ctx, &key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_update(&ctx, msg, sizeof(msg)) != 1) { if (hss_sign_update(&ctx, msg, sizeof(msg)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_finish(&ctx, buf, &len) != 1) { if (hss_sign_finish(&ctx, buf, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_init(&ctx, &key, buf, len) != 1) { if (hss_verify_init(&ctx, &key, buf, len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_update(&ctx, msg, sizeof(msg)) != 1) { if (hss_verify_update(&ctx, msg, sizeof(msg)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_finish(&ctx) != 1) { if (hss_verify_finish(&ctx) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -854,47 +854,47 @@ static int test_sm3_hss_sign_level1(void)
return 1; return 1;
} }
static int test_sm3_hss_sign_level2(void) static int test_hss_sign_level2(void)
{ {
int levels = 2; int levels = 2;
SM3_HSS_KEY key; HSS_KEY key;
SM3_HSS_SIGN_CTX ctx; HSS_SIGN_CTX ctx;
SM3_HSS_SIGNATURE sig; HSS_SIGNATURE sig;
uint8_t msg[200]; uint8_t msg[200];
uint8_t buf[sizeof(SM3_HSS_SIGNATURE)]; uint8_t buf[sizeof(HSS_SIGNATURE)];
size_t len; size_t len;
if (sm3_hss_key_generate(&key, lms_types, levels) != 1) { if (hss_key_generate(&key, lms_types, levels) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_key_print(stderr, 0, 4, "sm3_hss_key", &key); hss_key_print(stderr, 0, 4, "hss_key", &key);
if (sm3_hss_sign_init(&ctx, &key) != 1) { if (hss_sign_init(&ctx, &key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_update(&ctx, msg, sizeof(msg)) != 1) { if (hss_sign_update(&ctx, msg, sizeof(msg)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_finish(&ctx, buf, &len) != 1) { if (hss_sign_finish(&ctx, buf, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_signature_print(stderr, 0, 4, "sm3_hss_signature", buf, len); hss_signature_print(stderr, 0, 4, "hss_signature", buf, len);
if (sm3_hss_verify_init(&ctx, &key, buf, len) != 1) { if (hss_verify_init(&ctx, &key, buf, len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_update(&ctx, msg, sizeof(msg)) != 1) { if (hss_verify_update(&ctx, msg, sizeof(msg)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_finish(&ctx) != 1) { if (hss_verify_finish(&ctx) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -903,46 +903,46 @@ static int test_sm3_hss_sign_level2(void)
return 1; return 1;
} }
static int test_sm3_hss_sign(void) static int test_hss_sign(void)
{ {
SM3_HSS_KEY key; HSS_KEY key;
SM3_HSS_SIGN_CTX ctx; HSS_SIGN_CTX ctx;
SM3_HSS_SIGNATURE sig; HSS_SIGNATURE sig;
uint8_t msg[200]; uint8_t msg[200];
uint8_t buf[sizeof(SM3_HSS_SIGNATURE)]; uint8_t buf[sizeof(HSS_SIGNATURE)];
size_t len; size_t len;
if (sm3_hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) { if (hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_key_print(stderr, 0, 4, "sm3_hss_key", &key); hss_key_print(stderr, 0, 4, "hss_key", &key);
if (sm3_hss_sign_init(&ctx, &key) != 1) { if (hss_sign_init(&ctx, &key) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_update(&ctx, msg, sizeof(msg)) != 1) { if (hss_sign_update(&ctx, msg, sizeof(msg)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_sign_finish(&ctx, buf, &len) != 1) { if (hss_sign_finish(&ctx, buf, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
sm3_hss_signature_print(stderr, 0, 4, "sm3_hss_signature", buf, len); hss_signature_print(stderr, 0, 4, "hss_signature", buf, len);
if (sm3_hss_verify_init(&ctx, &key, buf, len) != 1) { if (hss_verify_init(&ctx, &key, buf, len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_update(&ctx, msg, sizeof(msg)) != 1) { if (hss_verify_update(&ctx, msg, sizeof(msg)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_verify_finish(&ctx) != 1) { if (hss_verify_finish(&ctx) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -951,33 +951,33 @@ static int test_sm3_hss_sign(void)
return 1; return 1;
} }
static int test_sm3_hss_public_key_algor(void) static int test_hss_public_key_algor(void)
{ {
int lms_types[] = { int lms_types[] = {
LMS_HASH256_M32_H5 LMS_HASH256_M32_H5
}; };
SM3_HSS_KEY key; HSS_KEY key;
uint8_t buf[512]; uint8_t buf[512];
const uint8_t *cp; const uint8_t *cp;
uint8_t *p; uint8_t *p;
size_t len; size_t len;
if (sm3_hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) { if (hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) {
error_print(); error_print();
return -1; return -1;
} }
cp = p = buf; cp = p = buf;
len = 0; len = 0;
if (sm3_hss_public_key_to_der(&key, &p, &len) != 1) { if (hss_public_key_to_der(&key, &p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
fprintf(stderr, "HSS-LMS-HashSig-PublicKey ::= OCTET STRING\n"); fprintf(stderr, "HSS-LMS-HashSig-PublicKey ::= OCTET STRING\n");
fprintf(stderr, "hss_public_key der size = %zu\n", len); fprintf(stderr, "hss_public_key der size = %zu\n", len);
memset(&key, 0, sizeof(SM3_HSS_KEY)); memset(&key, 0, sizeof(HSS_KEY));
if (sm3_hss_public_key_from_der(&key, &cp, &len) != 1) { if (hss_public_key_from_der(&key, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -989,11 +989,11 @@ static int test_sm3_hss_public_key_algor(void)
cp = p = buf; cp = p = buf;
len = 0; len = 0;
if (sm3_hss_public_key_algor_to_der(&p, &len) != 1) { if (hss_public_key_algor_to_der(&p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (sm3_hss_public_key_algor_from_der(&cp, &len) != 1) { if (hss_public_key_algor_from_der(&cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -1005,13 +1005,13 @@ static int test_sm3_hss_public_key_algor(void)
cp = p = buf; cp = p = buf;
len = 0; len = 0;
if (sm3_hss_public_key_info_to_der(&key, &p, &len) != 1) { if (hss_public_key_info_to_der(&key, &p, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
fprintf(stderr, "HSSPublicKeyInfo DER size = %zu\n", len); fprintf(stderr, "HSSPublicKeyInfo DER size = %zu\n", len);
memset(&key, 0, sizeof(SM3_HSS_KEY)); memset(&key, 0, sizeof(HSS_KEY));
if (sm3_hss_public_key_info_from_der(&key, &cp, &len) != 1) { if (hss_public_key_info_from_der(&key, &cp, &len) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -1029,26 +1029,26 @@ static int test_sm3_hss_public_key_algor(void)
int main(void) int main(void)
{ {
#if defined(ENABLE_SM3_LMS_CROSSCHECK) && defined(ENABLE_SHA2) #if defined(ENABLE_LMS_CROSSCHECK) && defined(ENABLE_SHA2)
if (test_rfc8554_test1() != 1) goto err; if (test_rfc8554_test1() != 1) goto err;
#endif #endif
if (test_sm3_lmots() != 1) goto err; if (test_sm3_lmots() != 1) goto err;
if (test_sm3_lms_derive_merkle_root() != 1) goto err; if (test_lms_derive_merkle_root() != 1) goto err;
if (test_sm3_lms_key_generate() != 1) goto err; if (test_lms_key_generate() != 1) goto err;
if (test_sm3_lms_key_to_bytes() != 1) goto err; if (test_lms_key_to_bytes() != 1) goto err;
if (test_sm3_lms_signature_size() != 1) goto err; if (test_lms_signature_size() != 1) goto err;
if (test_sm3_lms_sign() != 1) goto err; if (test_lms_sign() != 1) goto err;
if (test_sm3_lms_max_sigs() != 1) goto err; if (test_lms_max_sigs() != 1) goto err;
if (test_sm3_hss_key_generate() != 1) goto err; if (test_hss_key_generate() != 1) goto err;
if (test_sm3_hss_key_to_bytes() != 1) goto err; if (test_hss_key_to_bytes() != 1) goto err;
if (test_sm3_hss_key_update_level1() != 1) goto err; if (test_hss_key_update_level1() != 1) goto err;
if (test_sm3_hss_key_update_level2() != 1) goto err; if (test_hss_key_update_level2() != 1) goto err;
if (test_sm3_hss_key_update_level5() != 1) goto err; if (test_hss_key_update_level5() != 1) goto err;
if (test_sm3_hss_signature_size() != 1) goto err; if (test_hss_signature_size() != 1) goto err;
if (test_sm3_hss_sign_level1() != 1) goto err; if (test_hss_sign_level1() != 1) goto err;
if (test_sm3_hss_sign_level2() != 1) goto err; if (test_hss_sign_level2() != 1) goto err;
if (test_sm3_hss_sign() != 1) goto err; if (test_hss_sign() != 1) goto err;
if (test_sm3_hss_public_key_algor() != 1) goto err; if (test_hss_public_key_algor() != 1) goto err;
printf("%s all tests passed\n", __FILE__); printf("%s all tests passed\n", __FILE__);
return 0; return 0;

54
tools/gmssl.c
View File

@@ -64,13 +64,13 @@ extern int tls12_client_main(int argc, char **argv);
extern int tls12_server_main(int argc, char **argv); extern int tls12_server_main(int argc, char **argv);
extern int tls13_client_main(int argc, char **argv); extern int tls13_client_main(int argc, char **argv);
extern int tls13_server_main(int argc, char **argv); extern int tls13_server_main(int argc, char **argv);
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
extern int sm3lmskeygen_main(int argc, char **argv); extern int lmskeygen_main(int argc, char **argv);
extern int sm3lmssign_main(int argc, char **argv); extern int lmssign_main(int argc, char **argv);
extern int sm3lmsverify_main(int argc, char **argv); extern int lmsverify_main(int argc, char **argv);
extern int sm3hsskeygen_main(int argc, char **argv); extern int hsskeygen_main(int argc, char **argv);
extern int sm3hsssign_main(int argc, char **argv); extern int hsssign_main(int argc, char **argv);
extern int sm3hssverify_main(int argc, char **argv); extern int hssverify_main(int argc, char **argv);
#endif #endif
#ifdef ENABLE_SM3_XMSS #ifdef ENABLE_SM3_XMSS
extern int sm3xmss_keygen_main(int argc, char **argv); extern int sm3xmss_keygen_main(int argc, char **argv);
@@ -139,13 +139,13 @@ static const char *options =
" cmsdecrypt Decrypt CMS EnvelopedData\n" " cmsdecrypt Decrypt CMS EnvelopedData\n"
" cmssign Generate CMS SignedData\n" " cmssign Generate CMS SignedData\n"
" cmsverify Verify CMS SignedData\n" " cmsverify Verify CMS SignedData\n"
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
" sm3lmskeygen Generate SM3-LMS keypair\n" " lmskeygen Generate SM3-LMS keypair\n"
" sm3lmssign Generate LMS signature\n" " lmssign Generate LMS signature\n"
" sm3lmsverify Verify LMS signature\n" " lmsverify Verify LMS signature\n"
" sm3hsskeygen Generate SM3-HSS keypair\n" " hsskeygen Generate SM3-HSS keypair\n"
" sm3hsssign Generate HSS signature\n" " hsssign Generate HSS signature\n"
" sm3hssverify Verify HSS signature\n" " hssverify Verify HSS signature\n"
#endif #endif
#ifdef ENABLE_SM3_XMSS #ifdef ENABLE_SM3_XMSS
" sm3xmss_keygen Generate SM3-XMSS keypair\n" " sm3xmss_keygen Generate SM3-XMSS keypair\n"
@@ -304,19 +304,19 @@ int main(int argc, char **argv)
return tls13_client_main(argc, argv); return tls13_client_main(argc, argv);
} else if (!strcmp(*argv, "tls13_server")) { } else if (!strcmp(*argv, "tls13_server")) {
return tls13_server_main(argc, argv); return tls13_server_main(argc, argv);
#ifdef ENABLE_SM3_LMS #ifdef ENABLE_LMS_HSS
} else if (!strcmp(*argv, "sm3lmskeygen")) { } else if (!strcmp(*argv, "lmskeygen")) {
return sm3lmskeygen_main(argc, argv); return lmskeygen_main(argc, argv);
} else if (!strcmp(*argv, "sm3lmssign")) { } else if (!strcmp(*argv, "lmssign")) {
return sm3lmssign_main(argc, argv); return lmssign_main(argc, argv);
} else if (!strcmp(*argv, "sm3lmsverify")) { } else if (!strcmp(*argv, "lmsverify")) {
return sm3lmsverify_main(argc, argv); return lmsverify_main(argc, argv);
} else if (!strcmp(*argv, "sm3hsskeygen")) { } else if (!strcmp(*argv, "hsskeygen")) {
return sm3hsskeygen_main(argc, argv); return hsskeygen_main(argc, argv);
} else if (!strcmp(*argv, "sm3hsssign")) { } else if (!strcmp(*argv, "hsssign")) {
return sm3hsssign_main(argc, argv); return hsssign_main(argc, argv);
} else if (!strcmp(*argv, "sm3hssverify")) { } else if (!strcmp(*argv, "hssverify")) {
return sm3hssverify_main(argc, argv); return hssverify_main(argc, argv);
#endif #endif
#ifdef ENABLE_SM3_XMSS #ifdef ENABLE_SM3_XMSS
} else if (!strcmp(*argv, "sm3xmss_keygen")) { } else if (!strcmp(*argv, "sm3xmss_keygen")) {

20
tools/sm3hsskeygen.c → tools/hsskeygen.c
View File

@@ -14,7 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static const char *usage = "-lms_types types -out file [-pubout file] [-verbose]\n"; static const char *usage = "-lms_types types -out file [-pubout file] [-verbose]\n";
@@ -36,7 +36,7 @@ static const char *options =
#define LMS_TYPES_STR_MAX_SIZE (sizeof("LMS_SM3_M32_H20_NAME") * 5) #define LMS_TYPES_STR_MAX_SIZE (sizeof("LMS_SM3_M32_H20_NAME") * 5)
int sm3hsskeygen_main(int argc, char **argv) int hsskeygen_main(int argc, char **argv)
{ {
int ret = 1; int ret = 1;
char *prog = argv[0]; char *prog = argv[0];
@@ -49,9 +49,9 @@ int sm3hsskeygen_main(int argc, char **argv)
int levels = 0; int levels = 0;
FILE *outfp = NULL; FILE *outfp = NULL;
FILE *puboutfp = stdout; FILE *puboutfp = stdout;
SM3_HSS_KEY key; HSS_KEY key;
uint8_t out[SM3_HSS_PRIVATE_KEY_MAX_SIZE]; uint8_t out[HSS_PRIVATE_KEY_MAX_SIZE];
uint8_t pubout[SM3_HSS_PUBLIC_KEY_SIZE]; uint8_t pubout[HSS_PUBLIC_KEY_SIZE];
uint8_t *pout = out; uint8_t *pout = out;
uint8_t *ppubout = pubout; uint8_t *ppubout = pubout;
size_t outlen = 0, puboutlen = 0; size_t outlen = 0, puboutlen = 0;
@@ -78,7 +78,7 @@ int sm3hsskeygen_main(int argc, char **argv)
tok = strtok(lms_types_str, ":"); tok = strtok(lms_types_str, ":");
while (tok) { while (tok) {
if (!(lms_types_val[levels] = sm3_lms_type_from_name(tok))) { if (!(lms_types_val[levels] = lms_type_from_name(tok))) {
fprintf(stderr, "%s: invalid lms_type `%s`\n", prog, tok); fprintf(stderr, "%s: invalid lms_type `%s`\n", prog, tok);
goto end; goto end;
} }
@@ -122,15 +122,15 @@ bad:
goto end; goto end;
} }
if (sm3_hss_key_generate(&key, lms_types_val, levels) != 1) { if (hss_key_generate(&key, lms_types_val, levels) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (verbose) { if (verbose) {
sm3_hss_public_key_print(stderr, 0, 0, "hss_public_key", &key); hss_public_key_print(stderr, 0, 0, "hss_public_key", &key);
} }
if (sm3_hss_private_key_to_bytes(&key, &pout, &outlen) != 1) { if (hss_private_key_to_bytes(&key, &pout, &outlen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -139,7 +139,7 @@ bad:
goto end; goto end;
} }
if (sm3_hss_public_key_to_bytes(&key, &ppubout, &puboutlen) != 1) { if (hss_public_key_to_bytes(&key, &ppubout, &puboutlen) != 1) {
error_print(); error_print();
goto end; goto end;
} }

28
tools/sm3hsssign.c → tools/hsssign.c
View File

@@ -14,7 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static const char *usage = "-key file [-in file] [-out file] [-verbose]\n"; static const char *usage = "-key file [-in file] [-out file] [-verbose]\n";
@@ -26,7 +26,7 @@ static const char *options =
" -verbose Print public key and signature\n" " -verbose Print public key and signature\n"
"\n"; "\n";
int sm3hsssign_main(int argc, char **argv) int hsssign_main(int argc, char **argv)
{ {
int ret = 1; int ret = 1;
char *prog = argv[0]; char *prog = argv[0];
@@ -37,13 +37,13 @@ int sm3hsssign_main(int argc, char **argv)
FILE *keyfp = NULL; FILE *keyfp = NULL;
FILE *infp = stdin; FILE *infp = stdin;
FILE *outfp = stdout; FILE *outfp = stdout;
uint8_t keybuf[SM3_HSS_PRIVATE_KEY_MAX_SIZE]; uint8_t keybuf[HSS_PRIVATE_KEY_MAX_SIZE];
size_t keylen = SM3_HSS_PRIVATE_KEY_MAX_SIZE; size_t keylen = HSS_PRIVATE_KEY_MAX_SIZE;
const uint8_t *cp = keybuf; const uint8_t *cp = keybuf;
uint8_t *p = keybuf; uint8_t *p = keybuf;
SM3_HSS_KEY key; HSS_KEY key;
SM3_HSS_SIGN_CTX ctx; HSS_SIGN_CTX ctx;
uint8_t sig[SM3_HSS_SIGNATURE_MAX_SIZE]; uint8_t sig[HSS_SIGNATURE_MAX_SIZE];
size_t siglen; size_t siglen;
argc--; argc--;
@@ -104,7 +104,7 @@ bad:
fprintf(stderr, "%s: read private key failure\n", prog); fprintf(stderr, "%s: read private key failure\n", prog);
goto end; goto end;
} }
if (sm3_hss_private_key_from_bytes(&key, &cp, &keylen) != 1) { if (hss_private_key_from_bytes(&key, &cp, &keylen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -114,17 +114,17 @@ bad:
} }
if (verbose) { if (verbose) {
sm3_hss_public_key_print(stderr, 0, 0, "hss_public_key", &key); hss_public_key_print(stderr, 0, 0, "hss_public_key", &key);
} }
if (sm3_hss_sign_init(&ctx, &key) != 1) { if (hss_sign_init(&ctx, &key) != 1) {
error_print(); error_print();
goto end; goto end;
} }
// write updated key back to file // write updated key back to file
// TODO: write back `q` only // TODO: write back `q` only
if (sm3_hss_private_key_to_bytes(&key, &p, &keylen) != 1) { if (hss_private_key_to_bytes(&key, &p, &keylen) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -140,12 +140,12 @@ bad:
if (len == 0) { if (len == 0) {
break; break;
} }
if (sm3_hss_sign_update(&ctx, buf, len) != 1) { if (hss_sign_update(&ctx, buf, len) != 1) {
error_print(); error_print();
goto end; goto end;
} }
} }
if (sm3_hss_sign_finish(&ctx, sig, &siglen) != 1) { if (hss_sign_finish(&ctx, sig, &siglen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -154,7 +154,7 @@ bad:
goto end; goto end;
} }
if (verbose) { if (verbose) {
sm3_hss_signature_print(stderr, 0, 0, "hss_signature", sig, siglen); hss_signature_print(stderr, 0, 0, "hss_signature", sig, siglen);
} }
ret = 0; ret = 0;

28
tools/sm3hssverify.c → tools/hssverify.c
View File

@@ -14,7 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static const char *usage = "-pubkey file [-in file] -sig file [-verbose]\n"; static const char *usage = "-pubkey file [-in file] -sig file [-verbose]\n";
@@ -26,7 +26,7 @@ static const char *options =
" -verbose Print public key and signature\n" " -verbose Print public key and signature\n"
"\n"; "\n";
int sm3hssverify_main(int argc, char **argv) int hssverify_main(int argc, char **argv)
{ {
int ret = 1; int ret = 1;
char *prog = argv[0]; char *prog = argv[0];
@@ -37,13 +37,13 @@ int sm3hssverify_main(int argc, char **argv)
FILE *pubkeyfp = NULL; FILE *pubkeyfp = NULL;
FILE *infp = stdin; FILE *infp = stdin;
FILE *sigfp = NULL; FILE *sigfp = NULL;
uint8_t pubkeybuf[SM3_HSS_PUBLIC_KEY_SIZE]; uint8_t pubkeybuf[HSS_PUBLIC_KEY_SIZE];
size_t pubkeylen = SM3_HSS_PUBLIC_KEY_SIZE; size_t pubkeylen = HSS_PUBLIC_KEY_SIZE;
const uint8_t *cp = pubkeybuf; const uint8_t *cp = pubkeybuf;
uint8_t sig[SM3_HSS_SIGNATURE_MAX_SIZE]; uint8_t sig[HSS_SIGNATURE_MAX_SIZE];
size_t siglen; size_t siglen;
SM3_HSS_KEY key; HSS_KEY key;
SM3_HSS_SIGN_CTX ctx; HSS_SIGN_CTX ctx;
int vr; int vr;
argc--; argc--;
@@ -108,23 +108,23 @@ bad:
fprintf(stderr, "%s: read public key failure\n", prog); fprintf(stderr, "%s: read public key failure\n", prog);
goto end; goto end;
} }
if (sm3_hss_public_key_from_bytes(&key, &cp, &pubkeylen) != 1) { if (hss_public_key_from_bytes(&key, &cp, &pubkeylen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
if (verbose) { if (verbose) {
sm3_hss_public_key_print(stderr, 0, 0, "lms_public_key", &key); hss_public_key_print(stderr, 0, 0, "lms_public_key", &key);
} }
// read signature even if signature not compatible with the public key // read signature even if signature not compatible with the public key
if ((siglen = fread(sig, 1, SM3_HSS_SIGNATURE_MAX_SIZE, sigfp)) <= 0) { if ((siglen = fread(sig, 1, HSS_SIGNATURE_MAX_SIZE, sigfp)) <= 0) {
fprintf(stderr, "%s: read signature failure\n", prog); fprintf(stderr, "%s: read signature failure\n", prog);
goto end; goto end;
} }
if (verbose) { if (verbose) {
sm3_hss_signature_print(stderr, 0, 0, "lms_signature", sig, siglen); hss_signature_print(stderr, 0, 0, "lms_signature", sig, siglen);
} }
if (sm3_hss_verify_init(&ctx, &key, sig, siglen) != 1) { if (hss_verify_init(&ctx, &key, sig, siglen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -135,12 +135,12 @@ bad:
if (len == 0) { if (len == 0) {
break; break;
} }
if (sm3_hss_verify_update(&ctx, buf, len) != 1) { if (hss_verify_update(&ctx, buf, len) != 1) {
error_print(); error_print();
goto end; goto end;
} }
} }
if ((vr = sm3_hss_verify_finish(&ctx)) < 0) { if ((vr = hss_verify_finish(&ctx)) < 0) {
error_print(); error_print();
goto end; goto end;
} }

20
tools/sm3lmskeygen.c → tools/lmskeygen.c
View File

@@ -14,7 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static const char *usage = "-lms_type type -out file [-pubout file] [-verbose]\n"; static const char *usage = "-lms_type type -out file [-pubout file] [-verbose]\n";
@@ -32,7 +32,7 @@ static const char *options =
" -verbose Print public key\n" " -verbose Print public key\n"
"\n"; "\n";
int sm3lmskeygen_main(int argc, char **argv) int lmskeygen_main(int argc, char **argv)
{ {
int ret = 1; int ret = 1;
char *prog = argv[0]; char *prog = argv[0];
@@ -43,9 +43,9 @@ int sm3lmskeygen_main(int argc, char **argv)
int verbose = 0; int verbose = 0;
FILE *outfp = NULL; FILE *outfp = NULL;
FILE *puboutfp = stdout; FILE *puboutfp = stdout;
SM3_LMS_KEY key; LMS_KEY key;
uint8_t out[SM3_LMS_PRIVATE_KEY_SIZE]; uint8_t out[LMS_PRIVATE_KEY_SIZE];
uint8_t pubout[SM3_LMS_PUBLIC_KEY_SIZE]; uint8_t pubout[LMS_PUBLIC_KEY_SIZE];
uint8_t *pout = out; uint8_t *pout = out;
uint8_t *ppubout = pubout; uint8_t *ppubout = pubout;
size_t outlen = 0, puboutlen = 0; size_t outlen = 0, puboutlen = 0;
@@ -67,7 +67,7 @@ int sm3lmskeygen_main(int argc, char **argv)
} else if (!strcmp(*argv, "-lms_type")) { } else if (!strcmp(*argv, "-lms_type")) {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
lms_type = *(++argv); lms_type = *(++argv);
if (!(lms_type_val = sm3_lms_type_from_name(lms_type))) { if (!(lms_type_val = lms_type_from_name(lms_type))) {
fprintf(stderr, "%s: invalid lms_type `%s`\n", prog, lms_type); fprintf(stderr, "%s: invalid lms_type `%s`\n", prog, lms_type);
goto end; goto end;
} }
@@ -108,15 +108,15 @@ bad:
goto end; goto end;
} }
if (sm3_lms_key_generate(&key, lms_type_val) != 1) { if (lms_key_generate(&key, lms_type_val) != 1) {
error_print(); error_print();
return -1; return -1;
} }
if (verbose) { if (verbose) {
sm3_lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key); lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key);
} }
if (sm3_lms_private_key_to_bytes(&key, &pout, &outlen) != 1) { if (lms_private_key_to_bytes(&key, &pout, &outlen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -125,7 +125,7 @@ bad:
goto end; goto end;
} }
if (sm3_lms_public_key_to_bytes(&key, &ppubout, &puboutlen) != 1) { if (lms_public_key_to_bytes(&key, &ppubout, &puboutlen) != 1) {
error_print(); error_print();
goto end; goto end;
} }

28
tools/sm3lmssign.c → tools/lmssign.c
View File

@@ -14,7 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static const char *usage = "-key file [-in file] [-out file] [-verbose]\n"; static const char *usage = "-key file [-in file] [-out file] [-verbose]\n";
@@ -26,7 +26,7 @@ static const char *options =
" -verbose Print public key and signature\n" " -verbose Print public key and signature\n"
"\n"; "\n";
int sm3lmssign_main(int argc, char **argv) int lmssign_main(int argc, char **argv)
{ {
int ret = 1; int ret = 1;
char *prog = argv[0]; char *prog = argv[0];
@@ -37,13 +37,13 @@ int sm3lmssign_main(int argc, char **argv)
FILE *keyfp = NULL; FILE *keyfp = NULL;
FILE *infp = stdin; FILE *infp = stdin;
FILE *outfp = stdout; FILE *outfp = stdout;
uint8_t keybuf[SM3_LMS_PRIVATE_KEY_SIZE]; uint8_t keybuf[LMS_PRIVATE_KEY_SIZE];
size_t keylen = SM3_LMS_PRIVATE_KEY_SIZE; size_t keylen = LMS_PRIVATE_KEY_SIZE;
const uint8_t *cp = keybuf; const uint8_t *cp = keybuf;
uint8_t *p = keybuf; uint8_t *p = keybuf;
SM3_LMS_KEY key; LMS_KEY key;
SM3_LMS_SIGN_CTX ctx; LMS_SIGN_CTX ctx;
uint8_t sig[SM3_LMS_SIGNATURE_MAX_SIZE]; uint8_t sig[LMS_SIGNATURE_MAX_SIZE];
size_t siglen; size_t siglen;
argc--; argc--;
@@ -104,7 +104,7 @@ bad:
fprintf(stderr, "%s: read private key failure\n", prog); fprintf(stderr, "%s: read private key failure\n", prog);
goto end; goto end;
} }
if (sm3_lms_private_key_from_bytes(&key, &cp, &keylen) != 1) { if (lms_private_key_from_bytes(&key, &cp, &keylen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -114,17 +114,17 @@ bad:
} }
if (verbose) { if (verbose) {
sm3_lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key); lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key);
} }
if (sm3_lms_sign_init(&ctx, &key) != 1) { if (lms_sign_init(&ctx, &key) != 1) {
error_print(); error_print();
goto end; goto end;
} }
// write updated key back to file // write updated key back to file
// TODO: write back `q` only // TODO: write back `q` only
if (sm3_lms_private_key_to_bytes(&key, &p, &keylen) != 1) { if (lms_private_key_to_bytes(&key, &p, &keylen) != 1) {
error_print(); error_print();
return -1; return -1;
} }
@@ -140,12 +140,12 @@ bad:
if (len == 0) { if (len == 0) {
break; break;
} }
if (sm3_lms_sign_update(&ctx, buf, len) != 1) { if (lms_sign_update(&ctx, buf, len) != 1) {
error_print(); error_print();
goto end; goto end;
} }
} }
if (sm3_lms_sign_finish(&ctx, sig, &siglen) != 1) { if (lms_sign_finish(&ctx, sig, &siglen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -154,7 +154,7 @@ bad:
goto end; goto end;
} }
if (verbose) { if (verbose) {
sm3_lms_signature_print(stderr, 0, 0, "lms_signature", sig, siglen); lms_signature_print(stderr, 0, 0, "lms_signature", sig, siglen);
} }
ret = 0; ret = 0;

28
tools/sm3lmsverify.c → tools/lmsverify.c
View File

@@ -14,7 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/error.h> #include <gmssl/error.h>
#include <gmssl/sm3_lms.h> #include <gmssl/lms.h>
static const char *usage = "-pubkey file [-in file] -sig file [-verbose]\n"; static const char *usage = "-pubkey file [-in file] -sig file [-verbose]\n";
@@ -26,7 +26,7 @@ static const char *options =
" -verbose Print public key and signature\n" " -verbose Print public key and signature\n"
"\n"; "\n";
int sm3lmsverify_main(int argc, char **argv) int lmsverify_main(int argc, char **argv)
{ {
int ret = 1; int ret = 1;
char *prog = argv[0]; char *prog = argv[0];
@@ -37,13 +37,13 @@ int sm3lmsverify_main(int argc, char **argv)
FILE *pubkeyfp = NULL; FILE *pubkeyfp = NULL;
FILE *infp = stdin; FILE *infp = stdin;
FILE *sigfp = NULL; FILE *sigfp = NULL;
uint8_t pubkeybuf[SM3_LMS_PUBLIC_KEY_SIZE]; uint8_t pubkeybuf[LMS_PUBLIC_KEY_SIZE];
size_t pubkeylen = SM3_LMS_PUBLIC_KEY_SIZE; size_t pubkeylen = LMS_PUBLIC_KEY_SIZE;
const uint8_t *cp = pubkeybuf; const uint8_t *cp = pubkeybuf;
uint8_t sig[SM3_LMS_SIGNATURE_MAX_SIZE]; uint8_t sig[LMS_SIGNATURE_MAX_SIZE];
size_t siglen; size_t siglen;
SM3_LMS_KEY key; LMS_KEY key;
SM3_LMS_SIGN_CTX ctx; LMS_SIGN_CTX ctx;
int vr; int vr;
argc--; argc--;
@@ -108,23 +108,23 @@ bad:
fprintf(stderr, "%s: read public key failure\n", prog); fprintf(stderr, "%s: read public key failure\n", prog);
goto end; goto end;
} }
if (sm3_lms_public_key_from_bytes(&key, &cp, &pubkeylen) != 1) { if (lms_public_key_from_bytes(&key, &cp, &pubkeylen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
if (verbose) { if (verbose) {
sm3_lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key); lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key);
} }
// read signature even if signature not compatible with the public key // read signature even if signature not compatible with the public key
if ((siglen = fread(sig, 1, SM3_LMS_SIGNATURE_MAX_SIZE, sigfp)) <= 0) { if ((siglen = fread(sig, 1, LMS_SIGNATURE_MAX_SIZE, sigfp)) <= 0) {
fprintf(stderr, "%s: read signature failure\n", prog); fprintf(stderr, "%s: read signature failure\n", prog);
goto end; goto end;
} }
if (verbose) { if (verbose) {
sm3_lms_signature_print(stderr, 0, 0, "lms_signature", sig, siglen); lms_signature_print(stderr, 0, 0, "lms_signature", sig, siglen);
} }
if (sm3_lms_verify_init(&ctx, &key, sig, siglen) != 1) { if (lms_verify_init(&ctx, &key, sig, siglen) != 1) {
error_print(); error_print();
goto end; goto end;
} }
@@ -135,12 +135,12 @@ bad:
if (len == 0) { if (len == 0) {
break; break;
} }
if (sm3_lms_verify_update(&ctx, buf, len) != 1) { if (lms_verify_update(&ctx, buf, len) != 1) {
error_print(); error_print();
goto end; goto end;
} }
} }
if ((vr = sm3_lms_verify_finish(&ctx)) < 0) { if ((vr = lms_verify_finish(&ctx)) < 0) {
error_print(); error_print();
goto end; goto end;
} }