Add LMS key_update callback

2026-05-06 16:36:16 +08:00 · 2026-01-18 12:12:45 +08:00
parent 47639a9e23
commit 9488128154
9 changed files with 355 additions and 374 deletions
--- a/tools/gmssl.c
+++ b/tools/gmssl.c
@@ -64,7 +64,7 @@ extern int tls12_client_main(int argc, char **argv);
 extern int tls12_server_main(int argc, char **argv);
 extern int tls13_client_main(int argc, char **argv);
 extern int tls13_server_main(int argc, char **argv);
-#ifdef ENABLE_LMS_HSS
+#ifdef ENABLE_LMS
 extern int lmskeygen_main(int argc, char **argv);
 extern int lmssign_main(int argc, char **argv);
 extern int lmsverify_main(int argc, char **argv);
@@ -154,7 +154,7 @@ static const char *options =
 	"  cmsdecrypt        Decrypt CMS EnvelopedData\n"
 	"  cmssign           Generate CMS SignedData\n"
 	"  cmsverify         Verify CMS SignedData\n"
-#ifdef ENABLE_LMS_HSS
+#ifdef ENABLE_LMS
 	"  lmskeygen         Generate LMS-SM3 (Leighton-Micali Signature) keypair\n"
 	"  lmssign           Generate LMS-SM3 signature\n"
 	"  lmsverify         Verify LMS-SM3 signature\n"
@@ -334,7 +334,7 @@ int main(int argc, char **argv)
 			return tls13_client_main(argc, argv);
 		} else if (!strcmp(*argv, "tls13_server")) {
 			return tls13_server_main(argc, argv);
-#ifdef ENABLE_LMS_HSS
+#ifdef ENABLE_LMS
 		} else if (!strcmp(*argv, "lmskeygen")) {
 			return lmskeygen_main(argc, argv);
 		} else if (!strcmp(*argv, "lmssign")) {
--- a/tools/hsssign.c
+++ b/tools/hsssign.c
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2025 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
 *
 *  Licensed under the Apache License, Version 2.0 (the License); you may
 *  not use this file except in compliance with the License.
@@ -26,6 +26,36 @@ static const char *options =
 "    -verbose                    Print public key and signature\n"
 "\n";

+static int key_update_cb(HSS_KEY *key)
+{
+	FILE *fp;
+	uint8_t buf[HSS_PRIVATE_KEY_MAX_SIZE];
+	uint8_t *p = buf;
+	size_t len = 0;
+
+	if (!key->update_param) {
+		error_print();
+		return -1;
+	}
+	fp = (FILE *)key->update_param;
+
+	if (hss_private_key_to_bytes(key, &p, &len) != 1) {
+		error_print();
+		return -1;
+	}
+	rewind(fp);
+	if (fwrite(buf, 1, len, fp) != len
+		|| fflush(fp) != 0) {
+		gmssl_secure_clear(buf, sizeof(buf));
+		error_print();
+		return -1;
+	}
+	// TODO: need fsync to make sure data is written to disk
+	// but fsync need <unistd.h>, not std C
+	gmssl_secure_clear(buf, sizeof(buf));
+	return 1;
+}
+
 int hsssign_main(int argc, char **argv)
 {
 	int ret = 1;
@@ -112,28 +142,21 @@ bad:
 	}
 	if (keylen) {
 		error_print();
-		return -1;
+		goto end;
 	}

 	if (verbose) {
 		hss_public_key_print(stderr, 0, 0, "hss_public_key", &key);
 	}

-	if (hss_sign_init(&ctx, &key) != 1) {
+	if (hss_key_set_update_callback(&key, key_update_cb, keyfp) != 1) {
 		error_print();
 		goto end;
 	}

-	// write updated key back to file
-	// TODO: write back `q` only
-	if (hss_private_key_to_bytes(&key, &p, &keylen) != 1) {
+	if (hss_sign_init(&ctx, &key) != 1) {
 		error_print();
-		return -1;
-	}
-	rewind(keyfp);
-	if (fwrite(keybuf, 1, keylen, keyfp) != keylen) {
-		error_print();
-		return -1;
+		goto end;
 	}

 	while (1) {
--- a/tools/lmskeygen.c
+++ b/tools/lmskeygen.c
@@ -115,7 +115,7 @@ bad:
 		return -1;
 	}
 	if (verbose) {
-		lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key);
+		lms_public_key_print(stderr, 0, 0, "lms_public_key", &key);
 	}

 	if (lms_private_key_to_bytes(&key, &pout, &outlen) != 1) {
--- a/tools/lmssign.c
+++ b/tools/lmssign.c
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2025 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
 *
 *  Licensed under the Apache License, Version 2.0 (the License); you may
 *  not use this file except in compliance with the License.
@@ -26,6 +26,36 @@ static const char *options =
 "    -verbose                    Print public key and signature\n"
 "\n";

+static int key_update_cb(LMS_KEY *key)
+{
+	FILE *fp;
+	uint8_t buf[LMS_PRIVATE_KEY_SIZE];
+	uint8_t *p = buf;
+	size_t len = 0;
+
+	if (!key->update_param) {
+		error_print();
+		return -1;
+	}
+	fp = (FILE *)key->update_param;
+
+	if (lms_private_key_to_bytes(key, &p, &len) != 1) {
+		error_print();
+		return -1;
+	}
+	rewind(fp);
+	if (fwrite(buf, 1, len, fp) != len
+		|| fflush(fp) != 0) {
+		gmssl_secure_clear(buf, sizeof(buf));
+		error_print();
+		return -1;
+	}
+	// TODO: need fsync to make sure data is written to disk
+	// but fsync need <unistd.h>, not std C
+	gmssl_secure_clear(buf, sizeof(buf));
+	return 1;
+}
+
 int lmssign_main(int argc, char **argv)
 {
 	int ret = 1;
@@ -116,7 +146,12 @@ bad:
 	}

 	if (verbose) {
-		lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key);
+		lms_public_key_print(stderr, 0, 0, "lms_public_key", &key);
+	}
+
+	if (lms_key_set_update_callback(&key, key_update_cb, keyfp) != 1) {
+		error_print();
+		goto end;
 	}

 	if (lms_sign_init(&ctx, &key) != 1) {
@@ -124,18 +159,6 @@ bad:
 		goto end;
 	}

-	// write updated key back to file
-	// TODO: write back `q` only
-	if (lms_private_key_to_bytes(&key, &p, &keylen) != 1) {
-		error_print();
-		return -1;
-	}
-	rewind(keyfp);
-	if (fwrite(keybuf, 1, keylen, keyfp) != keylen) {
-		error_print();
-		return -1;
-	}
-
 	while (1) {
 		uint8_t buf[1024];
 		size_t len = fread(buf, 1, sizeof(buf), infp);
--- a/tools/lmsverify.c
+++ b/tools/lmsverify.c
@@ -113,7 +113,7 @@ bad:
 		goto end;
 	}
 	if (verbose) {
-		lms_public_key_print(stderr, 0, 0, "lms_public_key", &key.public_key);
+		lms_public_key_print(stderr, 0, 0, "lms_public_key", &key);
 	}

 	// read signature even if signature not compatible with the public key