path: root/src/lib/pubkey/xmss
Commit log (commit message, author, date, files changed, lines removed/added):

* Remove deprecated headers, make more headers internal (Jack Lloyd, 2020-11-06, 14 files, -137/+7)
  Now modules default to internal headers instead of defaulting to public; making a new public API should be a visible and intentional choice. Brings the public header count from over 300 to around 150. Also removes the deprecated tls_blocking interface.

* More header merging (Jack Lloyd, 2020-11-03, 14 files, -771/+769)

* Add missing include (Jack Lloyd, 2020-11-01, 3 files, -0/+3)

* More cleanup of XMSS headers (Jack Lloyd, 2020-11-01, 8 files, -518/+480)
  Merge xmss_privatekey.h and xmss_publickey.h -> xmss.h

* Add missing include (Jack Lloyd, 2020-10-31, 1 file, -0/+1)

* Make several XMSS implementation headers internal (Jack Lloyd, 2020-10-31, 19 files, -88/+112)
  This is nominally a SemVer break but there is no legit use for these APIs by applications, and most of them were not even exported via visibility attributes.

* Merge some of the ASN.1 headers (Jack Lloyd, 2020-10-31, 4 files, -7/+4)
  Deprecate asn1_str.h asn1_time.h asn1_oid.h and alg_id.h with all contents moved to existing asn1_obj.h

* Resolve Doxygen warnings (Jack Lloyd, 2020-10-28, 1 file, -0/+2)

* Fix "string is not a member of std" error on Windows compilation without threads (Ibrahim Soliman Mohamed Soliman, 2020-08-24, 1 file, -0/+2)

* Fix cppcheck findings (René Fischer, 2020-06-05, 1 file, -1/+1)

* Fix leaf index size in comment for XMSS_Signature::bytes() (Philippe Lieser, 2020-05-20, 1 file, -2/+2)

* Avoid UbSan false positive in GCC (Jack Lloyd, 2020-04-06, 10 files, -125/+95)
  Unfortunately GCC's UbSan errors out when we cast the function pointer derived from XMSS_Common_Ops as a XMSS_PrivateKey::* then use an XMSS_PrivateKey* as this. Clang accepts it. Curiously, it works in GCC if we use an XMSS_Common_Ops::* instead, but Clang rejects that at compile time. Short of compiler specific logic which is probably fragile, just make everything from XMSS_Common_Ops static instead of being inherited.

* Build and link the tests and cli on baremetal as well (Jack Lloyd, 2020-03-15, 1 file, -0/+4)
  Not actually useful for the most part but it ensures everything builds in a no-filesystem environment which is useful. Add an OS feature for atomic operations since these aren't necessarily available.

* Fix MSVC warnings in XMSS (Jack Lloyd, 2019-12-06, 6 files, -19/+20)

* Add -Werror mode for CI build (Jack Lloyd, 2019-12-03, 2 files, -15/+17)

* Fix unreachable code (Jack Lloyd, 2019-11-25, 1 file, -1/+0)
  Flagged by Coverity.

* Add missing certificates (René Korthaus, 2019-10-23, 2 files, -0/+2)

* Add support for XMSS X.509 certificates (René Korthaus, 2019-10-21, 5 files, -25/+74)

* Deprecate many publicly available headers (Jack Lloyd, 2019-09-06, 6 files, -1/+13)

* Add Private_Key::stateful_operation and use it in cli signer (Jack Lloyd, 2019-07-30, 1 file, -0/+2)

* Fix various MSVC warnings (Jack Lloyd, 2019-06-29, 1 file, -1/+1)

* Change XMSS OIDs and feature macro name (Jack Lloyd, 2019-06-23, 1 file, -1/+1)
  Since draft6 and final RFC are not compatible ...

* Use qualified-id for XMSS key size check (Matthias Gierlings, 2019-06-21, 2 files, -2/+2)
  Explicitly choose the correct size() method for the key size check during XMSS_PublicKey and XMSS_PrivateKey construction.

* Fix param names to match RFC (Jack Lloyd, 2019-05-13, 1 file, -24/+24)

* Fix param names (Jack Lloyd, 2019-05-10, 1 file, -23/+23)

* Serialize XMSS leaf index as four bytes (Matthias Gierlings, 2019-05-06, 3 files, -10/+6)
  Internally XMSS uses a 64 Bit type for the leaf index. This patch removes the four leading zero bytes from the XMSS leaf index and serializes it as a four byte value as described in RFC 8391. Test cases are adjusted accordingly. The 64 Bit type is kept internally which potentially allows for code reuse when implementing XMSS^MT on top of the current XMSS code.

* Updates copyright notices (Matthias Gierlings, 2019-05-06, 11 files, -11/+11)

* Updates references to XMSS the standard document (Matthias Gierlings, 2019-05-06, 11 files, -47/+37)

* Updates XMSS parameters corresponding to RFC 8391 (Matthias Gierlings, 2019-05-06, 4 files, -92/+92)
  Changes XMSS and XMSS WOTS algorithm names and OIDs to correspond to RFC 8391.

* Remove unnecessary cmath includes (Jack Lloyd, 2019-03-26, 2 files, -6/+9)

* Remove previous runtime testing for thread counters (Jack Lloyd, 2019-03-26, 2 files, -132/+0)

* Use the global thread pool for XMSS signatures (Jack Lloyd, 2019-03-26, 1 file, -34/+37)
  - i7-6700K (4 core w/SMT): 10% improvements
  - Ryzen 7 2700 (8 core w/SMT): 25% improvement except SHA-256 which is over twice as fast.
  - POWER8 (160 cores w/SMT): between 25 and 60% faster

* Rename Integrity_Failure to Invalid_Authentication_Tag (Jack Lloyd, 2019-01-18, 5 files, -12/+9)
  This makes the meaning and usage more clear. Add a specific error type so invalid tags can be distinguished without having to catch that specific type. See also #1813

* Fix some warnings from PVS-Studio (Jack Lloyd, 2019-01-17, 2 files, -5/+5)
  No real bugs, but pointed out some odd constructs and duplicated logic

* Silence MSVC warnings (Jack Lloyd, 2018-12-04, 2 files, -3/+3)
  static_casts for the compiler god

* Make exceptions easier to translate to error codes (Jack Lloyd, 2018-11-23, 2 files, -4/+2)
  Avoid throwing base Botan::Exception type, as it is difficult to determine what the error is in that case. Add Exception::error_code and Exception::error_type which allows (for error code) more information about the error and (for error type) allows knowing the error type without requiring a sequence of catches. See GH #1742

* Implements correct XMSS signature size calculation (Matthias Gierlings, 2018-08-24, 1 file, -2/+4)
  Implements the correct signature size calculation for XMSS, required by #1641.

* Add PK_Signer::signature_length (Jack Lloyd, 2018-08-10, 2 files, -0/+8)

* Improves "Avoid repeated allocations in XMSS chain function" (Matthias Gierlings, 2018-05-27, 1 file, -1/+2)

* Avoid repeated allocations in XMSS chain function (Jack Lloyd, 2018-05-27, 1 file, -1/+4)
  This is the core hotspot of XMSS signatures. Avoiding the secure_vector allocation for the PRF output improves performance quite noticeably.

  Before:
    XMSS_SHA2-256_W16_H10 1940.74 ms/op
    XMSS_SHA2-512_W16_H10 3985.98 ms/op
    XMSS_SHAKE128_W16_H10 1910.48 ms/op
    XMSS_SHAKE256_W16_H10 4074.65 ms/op

  After:
    XMSS_SHA2-256_W16_H10 1204.34 ms/op
    XMSS_SHA2-512_W16_H10 2498.17 ms/op
    XMSS_SHAKE128_W16_H10 1176.55 ms/op
    XMSS_SHAKE256_W16_H10 2689.76 ms/op

* Fixes XMSS leaf index bounds sanity check (Matthias Gierlings, 2018-05-25, 3 files, -5/+4)
  Prior to this patch the sanity check for XMSS leaf indices was wrongly based on the tree height. As a result only half of the one-time keys could be used. Instead base leaf index sanity check on the number of levels in a tree which equals tree height + 1. (see also: https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12#section-4.1.1)

* Add an explicit test mode build (Jack Lloyd, 2018-04-14, 1 file, -2/+2)
  GH #1537

* Merge GH #1531 Improve XMSS test coverage (Jack Lloyd, 2018-04-14, 3 files, -12/+8)
  Commits merged from that branch:

  * Removes unused overload in XMSS_Hash (Matthias Gierlings, 2018-04-12, 2 files, -12/+0)
    - Removes overload `XMSS_Hash::h_msg_update(secure_vector<uint8_t>&)`

  * Codecov - cover MT code in XMSS_PrivateKey (Matthias Gierlings, 2018-04-12, 1 file, -0/+8)
    Codecov does not reach all parts of the `XMSS_PrivateKey` code because too few cores are detected during the CI run. To cover the missed codepaths always return a large enough core count if botan is compiled with coverage.

* Merge GH #1537 Add missing XMSS signature length check (Jack Lloyd, 2018-04-12, 2 files, -22/+21)
  Commit merged from that branch:

  * Adds missing XMSS signature length check. (Matthias Gierlings, 2018-04-12, 2 files, -22/+21)
    - Fixes out of bounds read in `XMSS_Signature` constructor when the raw signature data supplied as arguments is shorter than the signature size defined by the XMSS parameter set encoded in the `XMSS_PublicKey`.
    - Fixes valid signatures with arbitrary appended data being verified as correct signatures.

* In XMSS_Tools::bench_threads only call hardware_concurrency once (Jack Lloyd, 2018-04-12, 1 file, -7/+9)
  Getting this value will typically require either a system call or a cpuid call, both of which are fairly expensive.

* Remove the unused XMSS-WOTS operations (Jack Lloyd, 2017-12-27, 11 files, -397/+0)

* Avoid relying on AutoSeeded_RNG in XMSS (Jack Lloyd, 2017-12-23, 2 files, -3/+4)
  Just needed for the self-benchmark; easier to just use fixed input.