Skip to content

Commit

Permalink
Adds Hash-SLH-DSA
Browse files Browse the repository at this point in the history
  • Loading branch information
@codespree
codespree committed Nov 4, 2024
1 parent d473b19 commit b3de0d6
Show file tree
Hide file tree
Showing 15 changed files with 407 additions and 52 deletions.
4 changes: 2 additions & 2 deletions src/asn1/certificate.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -560,8 +560,8 @@ mod tests {
continue;
}

// TODO: Add support for pre hash SLH DSA / ML DSA
if path.contains(dsa_prehash) {
// TODO: Check for bug in BC ML-DSA Prehash or bug in our code
if path.contains(dsa_prehash) && !path.contains(slh_dsa_prefix) {
continue;
}

Expand Down
53 changes: 52 additions & 1 deletion src/dsa/api/algorithm.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ pub enum DsaAlgorithm {
HashMlDsa87EcdsaBrainpoolP384r1Sha512,
HashMlDsa87Ed448Sha512,

// Pure DSAs
// Pure SLH-DSAs
SlhDsaSha2_128s,
SlhDsaSha2_128f,
SlhDsaSha2_192s,
Expand All @@ -61,6 +61,20 @@ pub enum DsaAlgorithm {
SlhDsaShake192f,
SlhDsaShake256s,
SlhDsaShake256f,

// Prehash SLH-DSAs
HashSlhDsaSha2_128s,
HashSlhDsaSha2_128f,
HashSlhDsaSha2_192s,
HashSlhDsaSha2_192f,
HashSlhDsaSha2_256s,
HashSlhDsaSha2_256f,
HashSlhDsaShake128s,
HashSlhDsaShake128f,
HashSlhDsaShake192s,
HashSlhDsaShake192f,
HashSlhDsaShake256s,
HashSlhDsaShake256f,
}

impl DsaAlgorithm {
Expand Down Expand Up @@ -161,6 +175,19 @@ impl DsaAlgorithm {
DsaAlgorithm::SlhDsaShake192f => Some(PrehashDsaType::SlhDsaShake192f),
DsaAlgorithm::SlhDsaShake256s => Some(PrehashDsaType::SlhDsaShake256s),
DsaAlgorithm::SlhDsaShake256f => Some(PrehashDsaType::SlhDsaShake256f),

DsaAlgorithm::HashSlhDsaSha2_128s => Some(PrehashDsaType::HashSlhDsaSha2_128s),
DsaAlgorithm::HashSlhDsaSha2_128f => Some(PrehashDsaType::HashSlhDsaSha2_128f),
DsaAlgorithm::HashSlhDsaSha2_192s => Some(PrehashDsaType::HashSlhDsaSha2_192s),
DsaAlgorithm::HashSlhDsaSha2_192f => Some(PrehashDsaType::HashSlhDsaSha2_192f),
DsaAlgorithm::HashSlhDsaSha2_256s => Some(PrehashDsaType::HashSlhDsaSha2_256s),
DsaAlgorithm::HashSlhDsaSha2_256f => Some(PrehashDsaType::HashSlhDsaSha2_256f),
DsaAlgorithm::HashSlhDsaShake128s => Some(PrehashDsaType::HashSlhDsaShake128s),
DsaAlgorithm::HashSlhDsaShake128f => Some(PrehashDsaType::HashSlhDsaShake128f),
DsaAlgorithm::HashSlhDsaShake192s => Some(PrehashDsaType::HashSlhDsaShake192s),
DsaAlgorithm::HashSlhDsaShake192f => Some(PrehashDsaType::HashSlhDsaShake192f),
DsaAlgorithm::HashSlhDsaShake256s => Some(PrehashDsaType::HashSlhDsaShake256s),
DsaAlgorithm::HashSlhDsaShake256f => Some(PrehashDsaType::HashSlhDsaShake256f),
}
}

Expand All @@ -178,6 +205,30 @@ impl DsaAlgorithm {
| DsaAlgorithm::HashMlDsa44
| DsaAlgorithm::HashMlDsa65
| DsaAlgorithm::HashMlDsa87
| DsaAlgorithm::SlhDsaSha2_128s
| DsaAlgorithm::SlhDsaSha2_128f
| DsaAlgorithm::SlhDsaSha2_192s
| DsaAlgorithm::SlhDsaSha2_192f
| DsaAlgorithm::SlhDsaSha2_256s
| DsaAlgorithm::SlhDsaSha2_256f
| DsaAlgorithm::SlhDsaShake128s
| DsaAlgorithm::SlhDsaShake128f
| DsaAlgorithm::SlhDsaShake192s
| DsaAlgorithm::SlhDsaShake192f
| DsaAlgorithm::SlhDsaShake256s
| DsaAlgorithm::SlhDsaShake256f
| DsaAlgorithm::HashSlhDsaSha2_128s
| DsaAlgorithm::HashSlhDsaSha2_128f
| DsaAlgorithm::HashSlhDsaSha2_192s
| DsaAlgorithm::HashSlhDsaSha2_192f
| DsaAlgorithm::HashSlhDsaSha2_256s
| DsaAlgorithm::HashSlhDsaSha2_256f
| DsaAlgorithm::HashSlhDsaShake128s
| DsaAlgorithm::HashSlhDsaShake128f
| DsaAlgorithm::HashSlhDsaShake192s
| DsaAlgorithm::HashSlhDsaShake192f
| DsaAlgorithm::HashSlhDsaShake256s
| DsaAlgorithm::HashSlhDsaShake256f
)
}

Expand Down
14 changes: 14 additions & 0 deletions src/dsa/common/config/hash_type.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,20 @@ impl HashTypeConfig for PrehashDsaType {
PrehashDsaType::SlhDsaShake192f => None,
PrehashDsaType::SlhDsaShake256s => None,
PrehashDsaType::SlhDsaShake256f => None,

// Prehash SLH-DSA
PrehashDsaType::HashSlhDsaSha2_128s => Some(HashType::Sha256),
PrehashDsaType::HashSlhDsaSha2_128f => Some(HashType::Sha256),
PrehashDsaType::HashSlhDsaSha2_192s => Some(HashType::Sha512),
PrehashDsaType::HashSlhDsaSha2_192f => Some(HashType::Sha512),
PrehashDsaType::HashSlhDsaSha2_256s => Some(HashType::Sha512),
PrehashDsaType::HashSlhDsaSha2_256f => Some(HashType::Sha512),
PrehashDsaType::HashSlhDsaShake128s => Some(HashType::Shake128),
PrehashDsaType::HashSlhDsaShake128f => Some(HashType::Shake128),
PrehashDsaType::HashSlhDsaShake192s => Some(HashType::Shake256),
PrehashDsaType::HashSlhDsaShake192f => Some(HashType::Shake256),
PrehashDsaType::HashSlhDsaShake256s => Some(HashType::Shake256),
PrehashDsaType::HashSlhDsaShake256f => Some(HashType::Shake256),
}
}
}
14 changes: 14 additions & 0 deletions src/dsa/common/config/oids.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,20 @@ impl Oid for PrehashDsaType {
PrehashDsaType::SlhDsaShake192f => "2.16.840.1.101.3.4.3.29",
PrehashDsaType::SlhDsaShake256s => "2.16.840.1.101.3.4.3.30",
PrehashDsaType::SlhDsaShake256f => "2.16.840.1.101.3.4.3.31",

// Prehash SLH-DSA
PrehashDsaType::HashSlhDsaSha2_128s => "2.16.840.1.101.3.4.3.35",
PrehashDsaType::HashSlhDsaSha2_128f => "2.16.840.1.101.3.4.3.36",
PrehashDsaType::HashSlhDsaSha2_192s => "2.16.840.1.101.3.4.3.37",
PrehashDsaType::HashSlhDsaSha2_192f => "2.16.840.1.101.3.4.3.38",
PrehashDsaType::HashSlhDsaSha2_256s => "2.16.840.1.101.3.4.3.39",
PrehashDsaType::HashSlhDsaSha2_256f => "2.16.840.1.101.3.4.3.40",
PrehashDsaType::HashSlhDsaShake128s => "2.16.840.1.101.3.4.3.41",
PrehashDsaType::HashSlhDsaShake128f => "2.16.840.1.101.3.4.3.42",
PrehashDsaType::HashSlhDsaShake192s => "2.16.840.1.101.3.4.3.43",
PrehashDsaType::HashSlhDsaShake192f => "2.16.840.1.101.3.4.3.44",
PrehashDsaType::HashSlhDsaShake256s => "2.16.840.1.101.3.4.3.45",
PrehashDsaType::HashSlhDsaShake256f => "2.16.840.1.101.3.4.3.46",
}
.to_string()
}
Expand Down
15 changes: 15 additions & 0 deletions src/dsa/common/config/pk_len.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,7 @@ impl PKLen for PrehashDsaType {
PrehashDsaType::HashMlDsa87EcdsaBrainpoolP384r1Sha512 => Some(2592 + 97 + 12), // 2701
PrehashDsaType::HashMlDsa87Ed448Sha512 => Some(2592 + 57 + 12), // 2523

// Pure SLH-DSA
PrehashDsaType::SlhDsaSha2_128s => Some(32),
PrehashDsaType::SlhDsaSha2_128f => Some(32),
PrehashDsaType::SlhDsaSha2_192s => Some(48),
Expand All @@ -91,6 +92,20 @@ impl PKLen for PrehashDsaType {
PrehashDsaType::SlhDsaShake192f => Some(48),
PrehashDsaType::SlhDsaShake256s => Some(64),
PrehashDsaType::SlhDsaShake256f => Some(64),

// Prehash SLH-DSA
PrehashDsaType::HashSlhDsaSha2_128s => None,
PrehashDsaType::HashSlhDsaSha2_128f => None,
PrehashDsaType::HashSlhDsaSha2_192s => None,
PrehashDsaType::HashSlhDsaSha2_192f => None,
PrehashDsaType::HashSlhDsaSha2_256s => None,
PrehashDsaType::HashSlhDsaSha2_256f => None,
PrehashDsaType::HashSlhDsaShake128s => None,
PrehashDsaType::HashSlhDsaShake128f => None,
PrehashDsaType::HashSlhDsaShake192s => None,
PrehashDsaType::HashSlhDsaShake192f => None,
PrehashDsaType::HashSlhDsaShake256s => None,
PrehashDsaType::HashSlhDsaShake256f => None,
}
}
}
14 changes: 14 additions & 0 deletions src/dsa/common/config/sig_len.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,20 @@ impl SigLen for PrehashDsaType {
PrehashDsaType::SlhDsaShake192f => Some(35664),
PrehashDsaType::SlhDsaShake256s => Some(29792),
PrehashDsaType::SlhDsaShake256f => Some(49856),

// Prehash SLH-DSA
PrehashDsaType::HashSlhDsaSha2_128s => None,
PrehashDsaType::HashSlhDsaSha2_128f => None,
PrehashDsaType::HashSlhDsaSha2_192s => None,
PrehashDsaType::HashSlhDsaSha2_192f => None,
PrehashDsaType::HashSlhDsaSha2_256s => None,
PrehashDsaType::HashSlhDsaSha2_256f => None,
PrehashDsaType::HashSlhDsaShake128s => None,
PrehashDsaType::HashSlhDsaShake128f => None,
PrehashDsaType::HashSlhDsaShake192s => None,
PrehashDsaType::HashSlhDsaShake192f => None,
PrehashDsaType::HashSlhDsaShake256s => None,
PrehashDsaType::HashSlhDsaShake256f => None,
}
}
}
14 changes: 14 additions & 0 deletions src/dsa/common/config/sk_len.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,20 @@ impl SKLen for PrehashDsaType {
PrehashDsaType::SlhDsaShake192f => Some(48 * 2),
PrehashDsaType::SlhDsaShake256s => Some(64 * 2),
PrehashDsaType::SlhDsaShake256f => Some(64 * 2),

// Prehash SLH-DSA
PrehashDsaType::HashSlhDsaSha2_128s => None,
PrehashDsaType::HashSlhDsaSha2_128f => None,
PrehashDsaType::HashSlhDsaSha2_192s => None,
PrehashDsaType::HashSlhDsaSha2_192f => None,
PrehashDsaType::HashSlhDsaSha2_256s => None,
PrehashDsaType::HashSlhDsaSha2_256f => None,
PrehashDsaType::HashSlhDsaShake128s => None,
PrehashDsaType::HashSlhDsaShake128f => None,
PrehashDsaType::HashSlhDsaShake192s => None,
PrehashDsaType::HashSlhDsaShake192f => None,
PrehashDsaType::HashSlhDsaShake256s => None,
PrehashDsaType::HashSlhDsaShake256f => None,
}
}
}
15 changes: 14 additions & 1 deletion src/dsa/common/prehash_dsa_type.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@ pub enum PrehashDsaType {
HashMlDsa87Ed448Sha512,

// Pure SLH-DSA
// SLH DSA
SlhDsaSha2_128s,
SlhDsaSha2_128f,
SlhDsaSha2_192s,
Expand All @@ -61,6 +60,20 @@ pub enum PrehashDsaType {
SlhDsaShake192f,
SlhDsaShake256s,
SlhDsaShake256f,

// Prehash SLH-DSA
HashSlhDsaSha2_128s,
HashSlhDsaSha2_128f,
HashSlhDsaSha2_192s,
HashSlhDsaSha2_192f,
HashSlhDsaSha2_256s,
HashSlhDsaSha2_256f,
HashSlhDsaShake128s,
HashSlhDsaShake128f,
HashSlhDsaShake192s,
HashSlhDsaShake192f,
HashSlhDsaShake256s,
HashSlhDsaShake256f,
}

impl PrehashDsaType {
Expand Down
14 changes: 13 additions & 1 deletion src/dsa/dsa_manager.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ const COMPOSITE_DSA_TYPES: [PrehashDsaType; 28] = [
PrehashDsaType::HashMlDsa65Rsa4096Pkcs15Sha512,
];

const SLH_DSA_TYPES: [PrehashDsaType; 12] = [
const SLH_DSA_TYPES: [PrehashDsaType; 24] = [
PrehashDsaType::SlhDsaSha2_128s,
PrehashDsaType::SlhDsaSha2_128f,
PrehashDsaType::SlhDsaSha2_192s,
Expand All @@ -85,6 +85,18 @@ const SLH_DSA_TYPES: [PrehashDsaType; 12] = [
PrehashDsaType::SlhDsaShake192f,
PrehashDsaType::SlhDsaShake256s,
PrehashDsaType::SlhDsaShake256f,
PrehashDsaType::HashSlhDsaSha2_128s,
PrehashDsaType::HashSlhDsaSha2_128f,
PrehashDsaType::HashSlhDsaSha2_192s,
PrehashDsaType::HashSlhDsaSha2_192f,
PrehashDsaType::HashSlhDsaSha2_256s,
PrehashDsaType::HashSlhDsaSha2_256f,
PrehashDsaType::HashSlhDsaShake128s,
PrehashDsaType::HashSlhDsaShake128f,
PrehashDsaType::HashSlhDsaShake192s,
PrehashDsaType::HashSlhDsaShake192f,
PrehashDsaType::HashSlhDsaShake256s,
PrehashDsaType::HashSlhDsaShake256f,
];

// Implement clone
Expand Down
2 changes: 2 additions & 0 deletions src/dsa/ml_dsa.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ macro_rules! sign_ml {
let ph = match (hash_type) {
HashType::Sha256 => Ph::SHA256,
HashType::Sha512 => Ph::SHA512,
_ => return Err(QuantCryptError::NotImplemented),
};
// Try signing the message
sk.try_hash_sign($msg, $ctx, &ph)
Expand Down Expand Up @@ -72,6 +73,7 @@ macro_rules! verify_ml {
let ph = match (hash_type) {
HashType::Sha256 => Ph::SHA256,
HashType::Sha512 => Ph::SHA512,
_ => return Err(QuantCryptError::NotImplemented),
};

Ok(pk.hash_verify($msg, &sig_buf, $ctx, &ph))
Expand Down
Loading

0 comments on commit b3de0d6

Please sign in to comment.