Adding NISTDSA API to support ML-DSA-44 and ML-DSA-87 #1949
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. | ||
| // SPDX-License-Identifier: Apache-2.0 OR ISC | ||
|
|
||
| #ifndef AWSLC_HEADER_SIG_INTERNAL_H | ||
| #define AWSLC_HEADER_SIG_INTERNAL_H | ||
|
|
||
| #include <openssl/base.h> | ||
|
|
||
| #if defined(__cplusplus) | ||
| extern "C" { | ||
| #endif | ||
|
|
||
| // NISTDSA_METHOD structure and helper functions. | ||
| typedef struct { | ||
| int (*keygen)(uint8_t *public_key, | ||
| uint8_t *secret_key); | ||
|
|
||
| int (*sign)(uint8_t *sig, size_t *sig_len, | ||
| const uint8_t *message, | ||
| size_t message_len, | ||
| const uint8_t *ctx, | ||
|
There was a problem hiding this comment.
|
||
| size_t ctx_len, | ||
| const uint8_t *secret_key); | ||
|
|
||
| int (*verify)(const uint8_t *message, | ||
| size_t message_len, | ||
| const uint8_t *sig, | ||
| size_t sig_len, | ||
| const uint8_t *ctx, | ||
| size_t ctx_len, | ||
| const uint8_t *public_key); | ||
|
|
||
| } NISTDSA_METHOD; | ||
|
|
||
| // NISTDSA structure and helper functions. | ||
| typedef struct { | ||
| int nid; | ||
| const uint8_t *oid; | ||
| uint8_t oid_len; | ||
| const char *comment; | ||
| size_t public_key_len; | ||
| size_t secret_key_len; | ||
| size_t signature_len; | ||
| size_t keygen_seed_len; | ||
| size_t sign_seed_len; | ||
| const NISTDSA_METHOD *method; | ||
| } NISTDSA; | ||
|
|
||
| // NISTDSA_KEY structure and helper functions. | ||
| struct nistdsa_st { | ||
| const NISTDSA *nistdsa; | ||
| uint8_t *public_key; | ||
| uint8_t *secret_key; | ||
| }; | ||
|
|
||
| int NISTDSA_KEY_init(NISTDSA_KEY *key, const NISTDSA *nistdsa); | ||
| const NISTDSA * SIG_find_dsa_by_nid(int nid); | ||
| const NISTDSA *NISTDSA_KEY_get0_sig(NISTDSA_KEY* key); | ||
| NISTDSA_KEY *NISTDSA_KEY_new(void); | ||
| void NISTDSA_KEY_free(NISTDSA_KEY *key); | ||
|
|
||
| #if defined(__cplusplus) | ||
| } // extern C | ||
| #endif | ||
|
|
||
| #endif // AWSLC_HEADER_DSA_TEST_INTERNAL_H | ||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should change the name NISTDSA, maybe to NIST_PQDSA or something like that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Happy to change the name -- originally wanted to use DSA but it was taken. I chose to add
NISTbecause of the consistency between the FIPS 204, 205 standards, it seems as though any subsequent signature scheme standardizaed by NIST should follow these conventions. I didn't want to limit this to only signature schemes aimed towards PQ-secure use-cases.