* cipher/dilithium.c (dilithium_keypair, dilithium_sign)
(dilithium_verify): New.
* cipher/dilithium.h: Likewise.

--

GnuPG-bug-id: 7640
Signed-off-by: NIIBE Yutaka <gni...@fsij.org>
---
 cipher/dilithium.c | 96 ++++++++++++++++++++++++++++++++++++++++++++++
 cipher/dilithium.h | 19 +++++++++
 2 files changed, 115 insertions(+)

diff --git a/cipher/dilithium.c b/cipher/dilithium.c
index 452c1b26..955feb2a 100644
--- a/cipher/dilithium.c
+++ b/cipher/dilithium.c
@@ -120,6 +120,102 @@ static int crypto_sign_verify_internal_5 (const uint8_t *sig, size_t siglen,
                                           const uint8_t *pre, size_t prelen,
                                           const uint8_t *pk);
 
+int
+dilithium_keypair (int algo, uint8_t *pk, uint8_t *sk,
+                   const uint8_t seed[SEEDBYTES])
+{
+  switch (algo)
+    {
+    case GCRY_MLDSA44:
+      return crypto_sign_keypair_internal_2 (pk, sk, seed);
+    case GCRY_MLDSA65:
+    default:
+      return crypto_sign_keypair_internal_3 (pk, sk, seed);
+    case GCRY_MLDSA87:
+      return crypto_sign_keypair_internal_5 (pk, sk, seed);
+    }
+}
+
+int
+dilithium_sign (int algo, uint8_t *sig, size_t siglen,
+                const uint8_t *m, size_t mlen,
+                const uint8_t *ctx, size_t ctxlen,
+                const uint8_t *sk, const uint8_t rnd[RNDBYTES])
+{
+  size_t i;
+  uint8_t pre[257];
+  size_t prelen;
+
+  if (ctx == NULL && ctxlen == -1)
+    prelen = 0;
+  else
+    {
+      /* Prepare pre = (0, ctxlen, ctx) */
+      pre[0] = 0;
+      pre[1] = ctxlen;
+      for(i = 0; i < ctxlen; i++)
+        pre[2 + i] = ctx[i];
+      prelen = 2 + ctxlen;
+    }
+
+  switch (algo)
+    {
+    case GCRY_MLDSA44:
+      if (siglen != CRYPTO_BYTES_2)
+        return -1;
+      return crypto_sign_signature_internal_2 (sig, &siglen, m, mlen,
+                                               pre, prelen, rnd, sk);
+    case GCRY_MLDSA65:
+    default:
+      if (siglen != CRYPTO_BYTES_3)
+        return -1;
+      return crypto_sign_signature_internal_3 (sig, &siglen, m, mlen,
+                                               pre, prelen, rnd, sk);
+    case GCRY_MLDSA87:
+      if (siglen != CRYPTO_BYTES_5)
+        return -1;
+      return crypto_sign_signature_internal_5 (sig, &siglen, m, mlen,
+                                               pre, prelen, rnd, sk);
+    }
+}
+
+int
+dilithium_verify (int algo, const uint8_t *sig, size_t siglen,
+                  const uint8_t *m, size_t mlen,
+                  const uint8_t *ctx, size_t ctxlen,
+                  const uint8_t *pk)
+{
+  size_t i;
+  uint8_t pre[257];
+  size_t prelen;
+
+  if (ctx == NULL && ctxlen == -1)
+    prelen = 0;
+  else
+    {
+      /* Prepare pre = (0, ctxlen, ctx) */
+      pre[0] = 0;
+      pre[1] = ctxlen;
+      for(i = 0; i < ctxlen; i++)
+        pre[2 + i] = ctx[i];
+      prelen = 2 + ctxlen;
+    }
+
+  switch (algo)
+    {
+    case GCRY_MLDSA44:
+      return crypto_sign_verify_internal_2 (sig, siglen, m, mlen,
+                                            pre, prelen, pk);
+    case GCRY_MLDSA65:
+    default:
+      return crypto_sign_verify_internal_3 (sig, siglen, m, mlen,
+                                            pre, prelen, pk);
+    case GCRY_MLDSA87:
+      return crypto_sign_verify_internal_5 (sig, siglen, m, mlen,
+                                            pre, prelen, pk);
+    }
+}
+
 typedef struct {
   gcry_md_hd_t h;
 } keccak_state;
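Review bot: In both dilithium_sign and dilithium_verify the else branch copies `ctxlen` bytes into `pre[257]` with no bound on `ctxlen`, so a context longer than 255 bytes writes past the stack buffer, and `pre[1] = ctxlen` silently truncates the length byte. A guard before the copy would close this, e.g. `if (ctxlen > 255 || (ctx == NULL && ctxlen != 0)) return -1;`, which also rejects a non-NULL `ctx` passed with the sentinel length. The sentinel test compares a `size_t` with `-1`; writing `ctxlen == (size_t)-1` makes the intent explicit and avoids sign-compare warnings. Separately, `default:` shares the GCRY_MLDSA65 case in all three functions, so an unrecognised `algo` is silently treated as ML-DSA-65; returning an error would be safer, since callers presumably size pk, sk and sig per parameter set.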
diff --git a/cipher/dilithium.h b/cipher/dilithium.h
index 7d3c9572..03a095c7 100644
--- a/cipher/dilithium.h
+++ b/cipher/dilithium.h
@@ -53,6 +53,25 @@
 #define SEEDBYTES 32
 #define RNDBYTES 32
 
+#ifdef _GCRYPT_IN_LIBGCRYPT
+/**** Start of the glue code to libgcrypt ****/
+#define dilithium_keypair   _gcry_mldsa_keypair
+#define dilithium_encap     _gcry_mldsa_encap
+#define dilithium_decap     _gcry_mldsa_decap
+/**** End of the glue code ****/
+
+int dilithium_keypair (int algo, uint8_t *pk, uint8_t *sk,
+                       const uint8_t seed[SEEDBYTES]);
+int dilithium_sign (int algo, uint8_t *sig, size_t siglen,
+                    const uint8_t *m, size_t mlen,
+                    const uint8_t *ctx, size_t ctxlen,
+                    const uint8_t *sk, const uint8_t rnd[RNDBYTES]);
+int dilithium_verify (int algo, const uint8_t *sig, size_t siglen,
+                      const uint8_t *m, size_t mlen,
+                      const uint8_t *ctx, size_t ctxlen,
+                      const uint8_t *pk);
+#endif
+
 #if defined(DILITHIUM_MODE)
 #ifndef DILITHIUM_INTERNAL_API_ONLY
 int crypto_sign_keypair (uint8_t *pk, uint8_t *sk);
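Review bot: The glue block renames `dilithium_encap` and `dilithium_decap`, which this header never declares, while the newly declared `dilithium_sign` and `dilithium_verify` get no `_gcry_` alias and would keep their unprefixed external names. The two defines look carried over from a KEM interface; presumably the intended lines are `#define dilithium_sign _gcry_mldsa_sign` and `#define dilithium_verify _gcry_mldsa_verify`. The prototypes would also benefit from a comment stating that `ctx == NULL` with `ctxlen == (size_t)-1` selects the mode with no prefix, that `ctxlen` must otherwise be at most 255, and that `siglen` must equal the signature size of the parameter set selected by `algo`.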