-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add lms to RustCrypto/signatures #801
Conversation
lms/src/lms/private.rs
Outdated
#[test] | ||
fn test_pk_tree_kat1() { | ||
let seed = hex!("558b8966c48ae9cb898b423c83443aae014a72f1b1ab5cc85cf1d892903b5439"); | ||
let id = hex!("d08fabd4a2091ff0a8cb4ed834e74534"); | ||
let expected_k = hex!("32a58885cd9ba0431235466bff9651c6c92124404d45fa53cf161c28f1ad5a8e"); | ||
|
||
let lms_priv = SigningKey::<LmsSha256M32H10<LmsOtsSha256N32W4>>::new_from_seed(id, seed); | ||
let lms_pub = lms_priv.public(); | ||
assert_eq!(lms_pub.k(), expected_k); | ||
assert_eq!(lms_pub.id(), &id); | ||
} | ||
|
||
#[test] | ||
fn test_pk_tree_kat2() { | ||
let seed = hex!("a1c4696e2608035a886100d05cd99945eb3370731884a8235e2fb3d4d71f2547"); | ||
let id = hex!("215f83b7ccb9acbcd08db97b0d04dc2b"); | ||
let expected_k = hex!("a1cd035833e0e90059603f26e07ad2aad152338e7a5e5984bcd5f7bb4eba40b7"); | ||
|
||
let lms_priv = SigningKey::<LmsSha256M32H5<LmsOtsSha256N32W8>>::new_from_seed(id, seed); | ||
let lms_pub = lms_priv.public(); | ||
assert_eq!(lms_pub.k(), expected_k); | ||
assert_eq!(lms_pub.id(), &id); | ||
} | ||
|
||
#[test] | ||
fn test_kat_2() { | ||
let expected_signature = [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you provide some information on the provenance of these KATs?
It appears to be RFC8554 Appendix F but I'm noticing test_pk_tree_kat1
appears to be "Test Case 2".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
…e that increases coverage
@tarcieri do you have opinions on large in-file KAT buffers like this? Debating whether we should
There will be a couple more large KATs eventually once HSS is implemented, and if we want to support the larger merkle tree sizes then they will start getting really big. |
@tjade273 we generally just check them in, but for very large ones omit them from the resulting https://github.com/RustCrypto/MACs/blob/43cc597/cmac/Cargo.toml#L14 |
utACK, let me know if you'd like to make any additional changes or otherwise we can get this merged |
Co-authored-by: Tony Arcieri <[email protected]>
We can probably get this merged. |
This adds the
lms
directory to RustCrypto/signatures under the crate namelms-signature
. The authors of the original RFC seem quite happy using the phrase so this keeps the naming in the signatures repository consistent. Hopefully I ported the Github workflow without any issues.There are two notable limitations to our implementation:
generic_array::GenericArray
from the olderdigest-0.10.7
instead of using thehybrid_array::Array
approach from the upcomingdigest-0.11
ecosystem.This PR also does not modify the main README in any way. I have also refrained from committing any changes to Cargo.lock.