Add Stateful Signature (XMSS and LMS) #1650

Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu>

* init external and parameters * fix the size of pk and sk * add cmakelist for xmss_sha256_h10 * add comment * fix format err * fix compiler warning of size_t * update to match local * add remain and total API * add sigs_remaining and sigs_total * add const to API * add kat_sig_stfl * to pass the format test * fix typo * verbose error * let's see if this work * use UINT64_MAX constant * goto err to avoid memory leaks * safe arithmetic using unsigned int and initialize lengths array * fix iteration type to match its comparison * using unsigned int instead of uint32_t to match with comparison * use memset to initialize default value * convert to unsigned int * propagate unsigned int * clean up * remove randombytes, use OQS_randombytes instead. * use calloc instead of malloc for secret_key memory initialization * remove randombytes from CMakeLists.txt * remove makefile * using namespace to separate core_hash.c * rename katfile * add test and kats for test_kat.py * add compile definition for core_hash.c * add type for t * fix typo

* Re-add OQS_SECRET_KEY * Updates per review and formating changes * Set function callback for 'free'. * Address escaped PR comment * fix formatting * Update src/sig_stfl/sig_stfl.h Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com> --------- Co-authored-by: Norman Ashley <nashley@cisco.com>

* Add base LMS library * ignore use of free() by adding // IGNORE free-check * ignore use of free() by adding // IGNORE free-check

* populate all 28 XMSS parameters * clean up * remove wanrings in scanbuild * change free to OQS_MEM_insecure_free * fix build warning * fix integer in i386 platforms * proper type for sigs_remain and sig_maximum * remove size_t in signature remain and total * make scan-build happy

* Support LMS H5_W1 * Fix style check * Rename CmakeLists.txt CMakeLists.txt * Add namespace * Address issues from scan results * Address SA issue * Fix formatting * Fix formatting * Commit Duc's SA fixes * Fix mem leak, and compiler warning.

* Convert API to use OQS_SIG_STFL_SECRET_KEY * Update formatting

* Initial addition of sig_stfl API and dummy XMSS variant * add secret key object * allocate and free using wrapper function instead of malloc/free * cleaner function signature * Fix comment * Delete old file * Missing newline * Missing newlines

* Use secret key struct in LMS. Update de/serialize sk API * Updates per comments * Update per comments * Fix mem leak * Address scan bild issue * Removed unused variable * Remove unused struc member * Address macOS-noopenssl build failures

* Add serialize and deserialize to XMSS --------- Co-authored-by: Norman Ashley <nashley@cisco.com>

* Callback implemention updating secret key. * Block XMSS from secret key tests until after support code has been added. * Remove / from test file names * Format * Address SA issues * Fix mem leak * Fix mem leak * Address various comments * Fix SA issue

* Add mutex protection around access to stateful secret key * Formatting. * Clean up warnings * Exclude XMSS from some tests temporarily * Remove commented code. * Document use of callback functions for secret key thread safe protection and storage.

* Added functions to query the total, as well as, the remaining numbers of signing operation for a given secret key. * Cleanup unused variable * Fix code style

* Added new LMS varients. Removed unneeded vector functions from secret key data struc. * Add LMS variants * Fix formatting

* Update XMSS to use callbacks. Update test cases. * Fix format * Fix SA issues * Fix format * Fix SA issue * set secure function callback for KAT tests. Block slow tests * set secure function callback for KAT tests. Block slow tests.

* Init * convert all variable length array to malloc/free fix astyle fixed all memory errors * refactor XMSS and XMSS^MT, shorten LOC * clean up unused function * TODO: restore core_hash.c later * Add activate_lock and activate_unlock functions * Add `bool is_locked` to retain lock information, and adjust function signatures * cleanup test_sig_stfl.c * remove const in LMS_serialize_key and add `is_locked` to OQS_SIG_STFL_SECRET_KEY initialization * fix astyle error * fix astyle. I have to update local astyle to 3.4.10 * remove incorrect comments * remove unsued variables * fix if guard * fix const warnings * fix namespace error. revert core_hash.c to original namespace separation * move XMSS_free to internal of XMSS * Fix memory leaks * fix astyle format * fix typo * improve readablity * Update OID comment. * Trim the space * Remove mutex status bool * Remove use of mutex status bool. Use recursive mutex” src/sig_stfl/lms/sig_stfl_lms.c src/sig_stfl/xmss/sig_stfl_xmss_secret_key_functions.c tests/test_sig_stfl.c * rename lock function * simplify the check with 0 * Fix grammar * add `const` back to serialize. Reorder parameters to follow liboqs convention * use inner_serialize to avoid recursive lock * add return code in case pthread API has errors * fix scan_build NULL error --------- Co-authored-by: Norman Ashley <nashley@cisco.com>

* Enhanced with new SHA2 API that allows arbitary length updates * Fix style * Fix format * Document struct members * Fix comparison sign * Use OQS SHA2 API * Add nl at end * Use OQS_MEM_secure_free instead of free * Updated per review... mem check after malloc, use memcpy * Fix style

* 2-level LMS Support * Add LMS KAT from RFC 8554 * Fix format * Add multi level LMS variants supported by other libraried * Added 2-Level LMS Variants. Updated test vector format per code review comments. Updated tests accordingly. * Removed unused variable * Update per comments * Added stateful example application and review comments * Fixed use of uninit var * Update some comments * rename LMS KAT files * rename LMS KAT files * Added LMS KAT * rename KAT file * add individual options * add missing N32 in algorithm name * Use strip to remove new line, instead of [1:-2]. Add algo_dir = lms * Rename KATs.json for LMS * Shorten LMS names * Supported KAT files for LMS * Remove unsupported KAT files * Fix format * Fix mem leak * Add testcase for hash corner. Fix hash increment problem. * Fix formatting --------- Co-authored-by: Duc Nguyen <ductri.nguyen@sandboxquantum.com>

* Fix build err when built with no thread * Enable KAT * Add Generated test * Fix typo * update formatting * Fix typo * Fix build issues * Fix undefined error * Fixed SA issue * Fixed warnings * Skip variant that exceeds timeout * Fix style format * Fix various build issues

* Fix windows-x86 and arm compiling error. --------- Co-authored-by: Norman Ashley <nashley@cisco.com>

* Add sig_stfl to configure.md * Add OQS_MEM_checked_malloc and OQS_MEM_checked_aligned_alloc * Use memcpy and checked_malloc

* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.

Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Update documentation and license text. * Fix missing CR in calls to printf * Updates per review comments

* Add Apache 2.0 and MIT License to XMSS

* Disable stateful signature as default. When enabled, key and signature generation is disabled by default. Only signature verification is allowed. Key and signature generation can be enabled by defining OQS_ENABLE_SIG_STFL_KEY_SIG_GEN * Fixed format * Address unused variables * Update .CMake/alg_support.cmake Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update CONFIGURE.md Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca> * Update example_sig_stfl.c Fixed compile error, unused function. Added a negative test when stateful signature is disabled. * Fix build error. Allow some key generation tests to run as negative tests when key and sig gen is off * Fix format * Fix build error * Fix build error --------- Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Use OQS_SIG data struct for verify only capability. Refactor code via macro * Fix format issues * Fix build error * Fix build error * Remove comments

Co-authored-by: Duc Nguyen <ductri.nguyen@sandboxquantum.com>

…T) AND CC0-1.0` (#1697) * include CC0 and convert to Apache 2.0 OR MIT * update license * Add missing CC0-1.0

* Add return status for XMSS lock/unlock functions. * it should say return ERROR instead of SUCCESS.

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* remove unused file * move malloc from prf and prf_keygen to external, reduce number of malloc/free calls * push malloc/free to top level function * continue to move malloc/free to upper level * clean up * modify TODO to TODO(from upstream) * make astyle happy * clean up * use malloc and NULL check

Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu>

…y errors (#1755) * Add "EXPERIMENTAL" to keygen / sign enable switch * Add CI tests for macos * Zero-initialize aux_data * Fix test program arg parsing * Fix typo * Valgrind testing for stateful sigs * Satisfy astyle * Use calloc instead of malloc / memset

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

…ation Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Co-authored-by: Jason Goertzen <133878263+jgoertzen-sb@users.noreply.github.com> Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Co-authored-by: Douglas Stebila <dstebila@users.noreply.github.com> Signed-off-by: Norman Ashley <nashley@cisco.com>

* Address stateful-sigs comments in #1650 (#1656) * Add sig_stfl to configure.md * Add OQS_MEM_checked_malloc and OQS_MEM_checked_aligned_alloc * Use memcpy and checked_malloc * Zeroing internal state memory on heap Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu> * make astyle happy Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu> * secure free for wots key,sig tree stack Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu> * revert * fix markdown link invalid Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu> * fix markdown link, work with doxygen 1.10 Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu> --------- Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu> Co-authored-by: Duc Nguyen <106774416+ducnguyen-sb@users.noreply.github.com>

* Simplify security assumption in docs * Get rid of commented functions * Rename sm variable; use OQS_MEM_cleanse * Clean up TODOs * Update markdown files

I, Douglas Stebila, retroactively sign off on these commits: commit b0c06fa Fix API and build issues commit 7b59154 Add SIG_STFL to tests/dump_alg_info commit 8e1dd5c Update sig_stfl dummy scheme and add basic test program commit c9c3835 Re-add OQS_SECRET_KEY (#1493) Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>

commit 001e96a Update GitHub Actions workflows for stateful signatures (#1692) commit 8524a16 Post-rebase cleanup commit 5da49e3 Satisfy astyle commit a535114 Fix macOS build error: lld -> llu commit 71ee535 Bring EVP_DigestUpdate calls in line with main commit 154d8e4 Fix test program linkage for cross-compiling commit e92aab3 Stateful sigs: Rename keygen / sign option, add more tests, fix memory errors (#1755) commit b075878 Clean up OQS_SIG_STFL_SECRET_KEY_free commit db000c2 Remove unused sig member commit 9b60f60 Naming convention for serialize / deserialize functions commit 7dd4ea0 Test stateful sigs on arm64, s390x, and powerpc (#1772) commit 31bdf13 Clean up unresolved comments on stateful-sigs PR (#1793) commit 8e75f98 Update config variable name commit ca27922 Strengthen warning in CONFIGURE.md Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

commit 244288f Add XMSS parameter xmss_sha256_h10 (#1482) commit a7e26d9 Add 12 XMSS and 16 XMSSMT parameters. (#1489) commit 4694fc3 Add secret key object to XMSS (#1530) commit 99067be Add XMSS Serialize/Deserialize (#1542) commit 2dbfc40 Update XMSS secret key object APIs, sync with LMS (#1588) commit 47740ad Enforce idx from unsigned int to uint32_t. (#1611) commit 9610576 Fix windows-x86 and arm compiling error. (#1634) commit bb658b7 Address stateful-sigs comments in #1650 (#1656) commit 7db8ddf Update `sig_stfl.h` document for #1650 (#1655) commit c3e5750 Add Apache 2.0 and MIT License to XMSS (#1662) commit e1f02b2 Change XMSS License from `(Apache 2.0 AND MIT)` to `(Apache 2.0 OR MIT) AND CC0-1.0` (#1697) commit 17c12c3 Add return status for XMSS lock/unlock functions. (#1712) commit 1941636 Add return check for lock/unlock function (#1727) commit b45415c Use `abort()` instead of exit to get the trace log. (#1728) commit ba63672 Reduce number of `malloc/free` call in `XMSS/external` (#1724) Signed-off-by: Duc Tri Nguyen <dnguye69@gmu.edu>

commit e356ebf Na lms (#1486) commit 55094c3 LMS H5_W1 (#1513) commit 4d773d7 Convert to use OQS_SIG_STFL_SECRET_KEY struct (#1525) commit 245aede LMS updated to use new SK API (#1533) commit a85a9aa Stateful sigs secret key storage callback (#1553) commit 3934949 Na statful sig lock (#1559) commit 3db6b44 Secret Key Query (#1572) commit 2446c64 Na stateful sigs lms var (#1574) commit 8df2539 Stateful sigs XMSS updates (#1590) commit a7b2987 SHA2 Increment with arbitrary length (non-block sizes) (#1614) commit 2dd9e07 Na lms kat multi level (#1620) commit 982b440 Fix Build Errors (#1635) commit ddae644 Various fixes commit cc50ef0 Fix warning commit cf03392 Update README.md commit 9325713 Update README.md commit a52b217 Update README.md commit d442ac9 Update README.md commit 72ab478 Update README.md commit 5967f12 Update src/CMakeLists.txt commit fc6d512 Update documentation and license text. (#1663) commit e7a83c7 Disable Stateful Signatures in the build by default (#1676) commit 6c81bae Na stateful macro (#1687) Signed-off-by: Norman Ashley <nashley@cisco.com>

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add Stateful Signature (XMSS and LMS) #1650

Add Stateful Signature (XMSS and LMS) #1650

Commits on May 14, 2024

Commits on May 23, 2024

Commits on May 30, 2024

Commits on Jun 4, 2024

Commits on Jun 5, 2024