Script updating gh-pages from 0e304ce. [ci skip]

lamps-wg · Oct 20, 2024 · 193b65c · 193b65c
1 parent 9c5692b
commit 193b65c
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 40 deletions.
diff --git a/ietf121_top-to-bottom/draft-ietf-lamps-pq-composite-sigs.html b/ietf121_top-to-bottom/draft-ietf-lamps-pq-composite-sigs.html
@@ -1652,39 +1652,39 @@ <h3 id="name-key-generation">
 <a href="#section-4.1" class="section-number selfRef">4.1. </a><a href="#name-key-generation" class="section-name selfRef">Key Generation</a>
         </h3>
 <p id="section-4.1-1">To generate a new keypair for Composite schemes, the <code>KeyGen() -&gt; (pk, sk)</code> function is used. The KeyGen() function calls the two key generation functions of the component algorithms for the Composite keypair in no particular order. Multi-process or multi-threaded applications might choose to execute the key generation functions in parallel for better key generation performance.<a href="#section-4.1-1" class="pilcrow">¶</a></p>
-<p id="section-4.1-2">The generated public key structure is described in <a href="#sec-composite-pub-keys" class="auto internal xref">Section 5.2</a>, while the corresponding composite secret key structure is defined in <a href="#sec-priv-key" class="auto internal xref">Section 5.3</a>.<a href="#section-4.1-2" class="pilcrow">¶</a></p>
-<p id="section-4.1-3">The following process is used to generate composite keypair values:<a href="#section-4.1-3" class="pilcrow">¶</a></p>
+<p id="section-4.1-2">The following process is used to generate composite keypair values:<a href="#section-4.1-2" class="pilcrow">¶</a></p>
 <span id="name-composite-keygenpk-sk"></span><div id="alg-composite-keygen">
 <figure id="figure-1">
-          <div class="alignLeft art-text artwork" id="section-4.1-4.1">
+          <div class="alignLeft art-text artwork" id="section-4.1-3.1">
 <pre>
 KeyGen() -&gt; (pk, sk)
 
-Input:
-     sk_1, sk_2         Private keys for each component.
+Explicit Inputs:
+     None
 
-     pk_1, pk_2         Public keys for each component.
+Implicit Input:
+  ML-DSA     A placeholder for the specific ML-DSA algorithm and
+             parameter set to use, for example, could be "ML-DSA-65".
 
-     A1, A2             Component signature algorithms.
+  Trad       A placeholder for the specific traditional algorithm and
+             parameter set to use, for example "RSASA-PSS"
+             or "Ed25519".
 
 Output:
-     (pk, sk)           The composite keypair.
+  (pk, sk)   The composite keypair.
 
 Function KeyGen():
 
-  (pk_1, sk_1) &lt;- A1.KeyGen()
-  (pk_2, sk_2) &lt;- A2.KeyGen()
+  (mldsaPK, mldsaSK) &lt;- ML-DSA.KeyGen()
+  (tradPK, tradSK) &lt;- Trad.KeyGen()
 
-  if NOT (pk_1, sk_1) or NOT (pk_2, sk_2):
+  if NOT (mldsaPK, mldsaSK) or NOT (tradPK, tradSK):
     // Component key generation failure
-    return NULL
+    output "Key generation error"
 
-  (pk, sk) &lt;- encode[(pk_1, sk_1), (pk_2, sk_2)]
-  if NOT (pk, sk):
-    // Encoding failure
-    return False
+  pk &lt;- CompositeSignaturePublicKey(mldsaPK, tradPK)
+  sk &lt;- CompositeSignaturePrivateKey(mldsaSK, tradSK)
 
-  // Success
   return (pk, sk)
 
 </pre>
@@ -1693,7 +1693,8 @@ <h3 id="name-key-generation">
 <a href="#name-composite-keygenpk-sk" class="selfRef">Composite KeyGen(pk, sk)</a>
           </figcaption></figure>
 </div>
-<p id="section-4.1-5">The key generation functions MUST be executed for both algorithms. Compliant parties MUST NOT use or import component keys that are used in other contexts, combinations, or by themselves (i.e., not only in X.509 certificates).<a href="#section-4.1-5" class="pilcrow">¶</a></p>
+<p id="section-4.1-4">The structures CompositeSignaturePublicKey and CompositeSignaturePrivateKey are described in <a href="#sec-composite-pub-keys" class="auto internal xref">Section 5.2</a> and <a href="#sec-priv-key" class="auto internal xref">Section 5.3</a> respectively.<a href="#section-4.1-4" class="pilcrow">¶</a></p>
+<p id="section-4.1-5">In order to ensure fresh keys, the key generation functions MUST be executed for both component algorithms. Compliant parties MUST NOT use or import component keys that are used in other contexts, combinations, or by themselves as keys for standalone algorithm use.<a href="#section-4.1-5" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="sec-comp-sig-gen">

diff --git a/ietf121_top-to-bottom/draft-ietf-lamps-pq-composite-sigs.txt b/ietf121_top-to-bottom/draft-ietf-lamps-pq-composite-sigs.txt
@@ -356,47 +356,48 @@ Table of Contents
    applications might choose to execute the key generation functions in
    parallel for better key generation performance.
 
-   The generated public key structure is described in Section 5.2, while
-   the corresponding composite secret key structure is defined in
-   Section 5.3.
-
    The following process is used to generate composite keypair values:
 
    KeyGen() -> (pk, sk)
 
-   Input:
-        sk_1, sk_2         Private keys for each component.
+   Explicit Inputs:
+        None
 
-        pk_1, pk_2         Public keys for each component.
+   Implicit Input:
+     ML-DSA     A placeholder for the specific ML-DSA algorithm and
+                parameter set to use, for example, could be "ML-DSA-65".
 
-        A1, A2             Component signature algorithms.
+     Trad       A placeholder for the specific traditional algorithm and
+                parameter set to use, for example "RSASA-PSS"
+                or "Ed25519".
 
    Output:
-        (pk, sk)           The composite keypair.
+     (pk, sk)   The composite keypair.
 
    Function KeyGen():
 
-     (pk_1, sk_1) <- A1.KeyGen()
-     (pk_2, sk_2) <- A2.KeyGen()
+     (mldsaPK, mldsaSK) <- ML-DSA.KeyGen()
+     (tradPK, tradSK) <- Trad.KeyGen()
 
-     if NOT (pk_1, sk_1) or NOT (pk_2, sk_2):
+     if NOT (mldsaPK, mldsaSK) or NOT (tradPK, tradSK):
        // Component key generation failure
-       return NULL
+       output "Key generation error"
 
-     (pk, sk) <- encode[(pk_1, sk_1), (pk_2, sk_2)]
-     if NOT (pk, sk):
-       // Encoding failure
-       return False
+     pk <- CompositeSignaturePublicKey(mldsaPK, tradPK)
+     sk <- CompositeSignaturePrivateKey(mldsaSK, tradSK)
 
-     // Success
      return (pk, sk)
 
                      Figure 1: Composite KeyGen(pk, sk)
 
-   The key generation functions MUST be executed for both algorithms.
-   Compliant parties MUST NOT use or import component keys that are used
-   in other contexts, combinations, or by themselves (i.e., not only in
-   X.509 certificates).
+   The structures CompositeSignaturePublicKey and
+   CompositeSignaturePrivateKey are described in Section 5.2 and
+   Section 5.3 respectively.
+
+   In order to ensure fresh keys, the key generation functions MUST be
+   executed for both component algorithms.  Compliant parties MUST NOT
+   use or import component keys that are used in other contexts,
+   combinations, or by themselves as keys for standalone algorithm use.
 
 4.2.  Pure Signature Generation