liboqs
Loading...
Searching...
No Matches
sig_stfl.h File Reference

Stateful Signature schemes. More...

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <oqs/oqs.h>

Go to the source code of this file.

Data Structures

struct  OQS_SIG_STFL_SECRET_KEY
 OQS_SIG_STFL_SECRET_KEY object for stateful signature schemes. More...

Macros

#define OQS_SIG_STFL_alg_xmss_sha256_h10   "XMSS-SHA2_10_256"
#define OQS_SIG_STFL_alg_xmss_sha256_h16   "XMSS-SHA2_16_256"
#define OQS_SIG_STFL_alg_xmss_sha256_h20   "XMSS-SHA2_20_256"
#define OQS_SIG_STFL_alg_xmss_shake128_h10   "XMSS-SHAKE_10_256"
#define OQS_SIG_STFL_alg_xmss_shake128_h16   "XMSS-SHAKE_16_256"
#define OQS_SIG_STFL_alg_xmss_shake128_h20   "XMSS-SHAKE_20_256"
#define OQS_SIG_STFL_alg_xmss_sha512_h10   "XMSS-SHA2_10_512"
#define OQS_SIG_STFL_alg_xmss_sha512_h16   "XMSS-SHA2_16_512"
#define OQS_SIG_STFL_alg_xmss_sha512_h20   "XMSS-SHA2_20_512"
#define OQS_SIG_STFL_alg_xmss_shake256_h10   "XMSS-SHAKE_10_512"
#define OQS_SIG_STFL_alg_xmss_shake256_h16   "XMSS-SHAKE_16_512"
#define OQS_SIG_STFL_alg_xmss_shake256_h20   "XMSS-SHAKE_20_512"
#define OQS_SIG_STFL_alg_xmss_sha256_h10_192   "XMSS-SHA2_10_192"
#define OQS_SIG_STFL_alg_xmss_sha256_h16_192   "XMSS-SHA2_16_192"
#define OQS_SIG_STFL_alg_xmss_sha256_h20_192   "XMSS-SHA2_20_192"
#define OQS_SIG_STFL_alg_xmss_shake256_h10_192   "XMSS-SHAKE256_10_192"
#define OQS_SIG_STFL_alg_xmss_shake256_h16_192   "XMSS-SHAKE256_16_192"
#define OQS_SIG_STFL_alg_xmss_shake256_h20_192   "XMSS-SHAKE256_20_192"
#define OQS_SIG_STFL_alg_xmss_shake256_h10_256   "XMSS-SHAKE256_10_256"
#define OQS_SIG_STFL_alg_xmss_shake256_h16_256   "XMSS-SHAKE256_16_256"
#define OQS_SIG_STFL_alg_xmss_shake256_h20_256   "XMSS-SHAKE256_20_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h20_2   "XMSSMT-SHA2_20/2_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h20_4   "XMSSMT-SHA2_20/4_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h40_2   "XMSSMT-SHA2_40/2_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h40_4   "XMSSMT-SHA2_40/4_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h40_8   "XMSSMT-SHA2_40/8_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h60_3   "XMSSMT-SHA2_60/3_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h60_6   "XMSSMT-SHA2_60/6_256"
#define OQS_SIG_STFL_alg_xmssmt_sha256_h60_12   "XMSSMT-SHA2_60/12_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h20_2   "XMSSMT-SHAKE_20/2_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h20_4   "XMSSMT-SHAKE_20/4_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h40_2   "XMSSMT-SHAKE_40/2_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h40_4   "XMSSMT-SHAKE_40/4_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h40_8   "XMSSMT-SHAKE_40/8_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h60_3   "XMSSMT-SHAKE_60/3_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h60_6   "XMSSMT-SHAKE_60/6_256"
#define OQS_SIG_STFL_alg_xmssmt_shake128_h60_12   "XMSSMT-SHAKE_60/12_256"
#define OQS_SIG_STFL_alg_lms_sha256_h5_w1   "LMS_SHA256_H5_W1"
#define OQS_SIG_STFL_alg_lms_sha256_h5_w2   "LMS_SHA256_H5_W2"
#define OQS_SIG_STFL_alg_lms_sha256_h5_w4   "LMS_SHA256_H5_W4"
#define OQS_SIG_STFL_alg_lms_sha256_h5_w8   "LMS_SHA256_H5_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w1   "LMS_SHA256_H10_W1"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w2   "LMS_SHA256_H10_W2"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w4   "LMS_SHA256_H10_W4"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w8   "LMS_SHA256_H10_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w1   "LMS_SHA256_H15_W1"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w2   "LMS_SHA256_H15_W2"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w4   "LMS_SHA256_H15_W4"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w8   "LMS_SHA256_H15_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w1   "LMS_SHA256_H20_W1"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w2   "LMS_SHA256_H20_W2"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w4   "LMS_SHA256_H20_W4"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w8   "LMS_SHA256_H20_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h25_w1   "LMS_SHA256_H25_W1"
#define OQS_SIG_STFL_alg_lms_sha256_h25_w2   "LMS_SHA256_H25_W2"
#define OQS_SIG_STFL_alg_lms_sha256_h25_w4   "LMS_SHA256_H25_W4"
#define OQS_SIG_STFL_alg_lms_sha256_h25_w8   "LMS_SHA256_H25_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8   "LMS_SHA256_H5_W8_H5_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8   "LMS_SHA256_H10_W4_H5_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8   "LMS_SHA256_H10_W8_H5_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2   "LMS_SHA256_H10_W2_H10_W2"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4   "LMS_SHA256_H10_W4_H10_W4"
#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8   "LMS_SHA256_H10_W8_H10_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8   "LMS_SHA256_H15_W8_H5_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8   "LMS_SHA256_H15_W8_H10_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8   "LMS_SHA256_H15_W8_H15_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8   "LMS_SHA256_H20_W8_H5_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8   "LMS_SHA256_H20_W8_H10_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8   "LMS_SHA256_H20_W8_H15_W8"
#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8   "LMS_SHA256_H20_W8_H20_W8"
#define OQS_SIG_STFL_algs_length   70
#define OQS_SIG_STFL   OQS_SIG

Typedefs

typedef struct OQS_SIG_STFL_SECRET_KEY OQS_SIG_STFL_SECRET_KEY
 OQS_SIG_STFL_SECRET_KEY object for stateful signature schemes.
typedef OQS_STATUS(* secure_store_sk) (uint8_t *sk_buf, size_t buf_len, void *context)
typedef OQS_STATUS(* lock_key) (void *mutex)
typedef OQS_STATUS(* unlock_key) (void *mutex)

Functions

OQS_API const char * OQS_SIG_STFL_alg_identifier (size_t i)
OQS_API int OQS_SIG_STFL_alg_count (void)
OQS_API int OQS_SIG_STFL_alg_is_enabled (const char *method_name)
OQS_API OQS_SIG_STFLOQS_SIG_STFL_new (const char *method_name)
OQS_API OQS_STATUS OQS_SIG_STFL_keypair (const OQS_SIG_STFL *sig, uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key)
OQS_API OQS_STATUS OQS_SIG_STFL_sign (const OQS_SIG_STFL *sig, uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key)
OQS_API OQS_STATUS OQS_SIG_STFL_verify (const OQS_SIG_STFL *sig, const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key)
OQS_API OQS_STATUS OQS_SIG_STFL_sigs_remaining (const OQS_SIG_STFL *sig, unsigned long long *remain, const OQS_SIG_STFL_SECRET_KEY *secret_key)
OQS_API OQS_STATUS OQS_SIG_STFL_sigs_total (const OQS_SIG_STFL *sig, unsigned long long *max, const OQS_SIG_STFL_SECRET_KEY *secret_key)
OQS_API void OQS_SIG_STFL_free (OQS_SIG_STFL *sig)
OQS_API OQS_SIG_STFL_SECRET_KEYOQS_SIG_STFL_SECRET_KEY_new (const char *method_name)
OQS_API void OQS_SIG_STFL_SECRET_KEY_free (OQS_SIG_STFL_SECRET_KEY *sk)
OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_lock (OQS_SIG_STFL_SECRET_KEY *sk, lock_key lock)
OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_unlock (OQS_SIG_STFL_SECRET_KEY *sk, unlock_key unlock)
OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_mutex (OQS_SIG_STFL_SECRET_KEY *sk, void *mutex)
OQS_STATUS OQS_SIG_STFL_SECRET_KEY_lock (OQS_SIG_STFL_SECRET_KEY *sk)
OQS_STATUS OQS_SIG_STFL_SECRET_KEY_unlock (OQS_SIG_STFL_SECRET_KEY *sk)
OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_store_cb (OQS_SIG_STFL_SECRET_KEY *sk, secure_store_sk store_cb, void *context)
OQS_API OQS_STATUS OQS_SIG_STFL_SECRET_KEY_serialize (uint8_t **sk_buf_ptr, size_t *sk_buf_len, const OQS_SIG_STFL_SECRET_KEY *sk)
OQS_API OQS_STATUS OQS_SIG_STFL_SECRET_KEY_deserialize (OQS_SIG_STFL_SECRET_KEY *sk, const uint8_t *sk_buf, size_t sk_buf_len, void *context)

Detailed Description

Stateful Signature schemes.

The file tests/example_sig_stfl.c contains an example on using the OQS_SIG_STFL API.

SPDX-License-Identifier: MIT

Macro Definition Documentation

◆ OQS_SIG_STFL

#define OQS_SIG_STFL   OQS_SIG

Stateful signature scheme object

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w1

#define OQS_SIG_STFL_alg_lms_sha256_h10_w1   "LMS_SHA256_H10_W1"

Algorithm identifier for LMS-SHA256_H10_W1

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w2

#define OQS_SIG_STFL_alg_lms_sha256_h10_w2   "LMS_SHA256_H10_W2"

Algorithm identifier for LMS-SHA256_H10_W2

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2

#define OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2   "LMS_SHA256_H10_W2_H10_W2"

Algorithm identifier for LMS-SHA256_H10_W2_H10_W2

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w4

#define OQS_SIG_STFL_alg_lms_sha256_h10_w4   "LMS_SHA256_H10_W4"

Algorithm identifier for LMS-SHA256_H10_W4

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4

#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4   "LMS_SHA256_H10_W4_H10_W4"

Algorithm identifier for LMS-SHA256_H10_W4_H10_W4

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8

#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8   "LMS_SHA256_H10_W4_H5_W8"

Algorithm identifier for LMS-SHA256_H10_W4_H5_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w8

#define OQS_SIG_STFL_alg_lms_sha256_h10_w8   "LMS_SHA256_H10_W8"

Algorithm identifier for LMS-SHA256_H10_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8

#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8   "LMS_SHA256_H10_W8_H10_W8"

Algorithm identifier for LMS-SHA256_H10_W8_H10_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8

#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8   "LMS_SHA256_H10_W8_H5_W8"

Algorithm identifier for LMS-SHA256_H10_W8_H5_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w1

#define OQS_SIG_STFL_alg_lms_sha256_h15_w1   "LMS_SHA256_H15_W1"

Algorithm identifier for LMS-SHA256_H15_W1

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w2

#define OQS_SIG_STFL_alg_lms_sha256_h15_w2   "LMS_SHA256_H15_W2"

Algorithm identifier for LMS-SHA256_H15_W2

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w4

#define OQS_SIG_STFL_alg_lms_sha256_h15_w4   "LMS_SHA256_H15_W4"

Algorithm identifier for LMS-SHA256_H15_W4

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w8

#define OQS_SIG_STFL_alg_lms_sha256_h15_w8   "LMS_SHA256_H15_W8"

Algorithm identifier for LMS-SHA256_H15_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8

#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8   "LMS_SHA256_H15_W8_H10_W8"

Algorithm identifier for LMS-SHA256_H15_W8_H10_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8

#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8   "LMS_SHA256_H15_W8_H15_W8"

Algorithm identifier for LMS-SHA256_H15_W8_H15_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8

#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8   "LMS_SHA256_H15_W8_H5_W8"

Algorithm identifier for LMS-SHA256_H15_W8_H5_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w1

#define OQS_SIG_STFL_alg_lms_sha256_h20_w1   "LMS_SHA256_H20_W1"

Algorithm identifier for LMS-SHA256_H20_W1

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w2

#define OQS_SIG_STFL_alg_lms_sha256_h20_w2   "LMS_SHA256_H20_W2"

Algorithm identifier for LMS-SHA256_H20_W2

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w4

#define OQS_SIG_STFL_alg_lms_sha256_h20_w4   "LMS_SHA256_H20_W4"

Algorithm identifier for LMS-SHA256_H20_W4

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w8

#define OQS_SIG_STFL_alg_lms_sha256_h20_w8   "LMS_SHA256_H20_W8"

Algorithm identifier for LMS-SHA256_H20_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8

#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8   "LMS_SHA256_H20_W8_H10_W8"

Algorithm identifier for LMS-SHA256_H20_W8_H10_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8

#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8   "LMS_SHA256_H20_W8_H15_W8"

Algorithm identifier for LMS-SHA256_H20_W8_H15_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8

#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8   "LMS_SHA256_H20_W8_H20_W8"

Algorithm identifier for LMS-SHA256_H20_W8_H20_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8

#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8   "LMS_SHA256_H20_W8_H5_W8"

Algorithm identifier for LMS-SHA256_H20_W8_H5_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h25_w1

#define OQS_SIG_STFL_alg_lms_sha256_h25_w1   "LMS_SHA256_H25_W1"

Algorithm identifier for LMS-SHA256_H25_W1

◆ OQS_SIG_STFL_alg_lms_sha256_h25_w2

#define OQS_SIG_STFL_alg_lms_sha256_h25_w2   "LMS_SHA256_H25_W2"

Algorithm identifier for LMS-SHA256_H25_W2

◆ OQS_SIG_STFL_alg_lms_sha256_h25_w4

#define OQS_SIG_STFL_alg_lms_sha256_h25_w4   "LMS_SHA256_H25_W4"

Algorithm identifier for LMS-SHA256_H25_W4

◆ OQS_SIG_STFL_alg_lms_sha256_h25_w8

#define OQS_SIG_STFL_alg_lms_sha256_h25_w8   "LMS_SHA256_H25_W8"

Algorithm identifier for LMS-SHA256_H25_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h5_w1

#define OQS_SIG_STFL_alg_lms_sha256_h5_w1   "LMS_SHA256_H5_W1"

Algorithm identifier for LMS-SHA256_H5_W1

◆ OQS_SIG_STFL_alg_lms_sha256_h5_w2

#define OQS_SIG_STFL_alg_lms_sha256_h5_w2   "LMS_SHA256_H5_W2"

Algorithm identifier for LMS-SHA256_H5_W2

◆ OQS_SIG_STFL_alg_lms_sha256_h5_w4

#define OQS_SIG_STFL_alg_lms_sha256_h5_w4   "LMS_SHA256_H5_W4"

Algorithm identifier for LMS-SHA256_H5_W4

◆ OQS_SIG_STFL_alg_lms_sha256_h5_w8

#define OQS_SIG_STFL_alg_lms_sha256_h5_w8   "LMS_SHA256_H5_W8"

Algorithm identifier for LMS-SHA256_H5_W8

◆ OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8

#define OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8   "LMS_SHA256_H5_W8_H5_W8"

Algorithm identifier for LMS-SHA256_H5_W8_H5_W8

◆ OQS_SIG_STFL_alg_xmss_sha256_h10

#define OQS_SIG_STFL_alg_xmss_sha256_h10   "XMSS-SHA2_10_256"

Algorithm identifier for XMSS-SHA2_10_256

◆ OQS_SIG_STFL_alg_xmss_sha256_h10_192

#define OQS_SIG_STFL_alg_xmss_sha256_h10_192   "XMSS-SHA2_10_192"

Algorithm identifier for XMSS-SHA2_10_192

◆ OQS_SIG_STFL_alg_xmss_sha256_h16

#define OQS_SIG_STFL_alg_xmss_sha256_h16   "XMSS-SHA2_16_256"

Algorithm identifier for XMSS-SHA2_16_256

◆ OQS_SIG_STFL_alg_xmss_sha256_h16_192

#define OQS_SIG_STFL_alg_xmss_sha256_h16_192   "XMSS-SHA2_16_192"

Algorithm identifier for XMSS-SHA2_16_192

◆ OQS_SIG_STFL_alg_xmss_sha256_h20

#define OQS_SIG_STFL_alg_xmss_sha256_h20   "XMSS-SHA2_20_256"

Algorithm identifier for XMSS-SHA2_20_256

◆ OQS_SIG_STFL_alg_xmss_sha256_h20_192

#define OQS_SIG_STFL_alg_xmss_sha256_h20_192   "XMSS-SHA2_20_192"

Algorithm identifier for XMSS-SHA2_20_192

◆ OQS_SIG_STFL_alg_xmss_sha512_h10

#define OQS_SIG_STFL_alg_xmss_sha512_h10   "XMSS-SHA2_10_512"

Algorithm identifier for XMSS-SHA2_10_512

◆ OQS_SIG_STFL_alg_xmss_sha512_h16

#define OQS_SIG_STFL_alg_xmss_sha512_h16   "XMSS-SHA2_16_512"

Algorithm identifier for XMSS-SHA2_16_512

◆ OQS_SIG_STFL_alg_xmss_sha512_h20

#define OQS_SIG_STFL_alg_xmss_sha512_h20   "XMSS-SHA2_20_512"

Algorithm identifier for XMSS-SHA2_20_512

◆ OQS_SIG_STFL_alg_xmss_shake128_h10

#define OQS_SIG_STFL_alg_xmss_shake128_h10   "XMSS-SHAKE_10_256"

Algorithm identifier for XMSS-SHAKE_10_256

◆ OQS_SIG_STFL_alg_xmss_shake128_h16

#define OQS_SIG_STFL_alg_xmss_shake128_h16   "XMSS-SHAKE_16_256"

Algorithm identifier for XMSS-SHAKE_16_256

◆ OQS_SIG_STFL_alg_xmss_shake128_h20

#define OQS_SIG_STFL_alg_xmss_shake128_h20   "XMSS-SHAKE_20_256"

Algorithm identifier for XMSS-SHAKE_20_256

◆ OQS_SIG_STFL_alg_xmss_shake256_h10

#define OQS_SIG_STFL_alg_xmss_shake256_h10   "XMSS-SHAKE_10_512"

Algorithm identifier for XMSS-SHAKE_10_512

◆ OQS_SIG_STFL_alg_xmss_shake256_h10_192

#define OQS_SIG_STFL_alg_xmss_shake256_h10_192   "XMSS-SHAKE256_10_192"

Algorithm identifier for XMSS-SHAKE256_10_192

◆ OQS_SIG_STFL_alg_xmss_shake256_h10_256

#define OQS_SIG_STFL_alg_xmss_shake256_h10_256   "XMSS-SHAKE256_10_256"

Algorithm identifier for XMSS-SHAKE256_10_256

◆ OQS_SIG_STFL_alg_xmss_shake256_h16

#define OQS_SIG_STFL_alg_xmss_shake256_h16   "XMSS-SHAKE_16_512"

Algorithm identifier for XMSS-SHAKE_16_512

◆ OQS_SIG_STFL_alg_xmss_shake256_h16_192

#define OQS_SIG_STFL_alg_xmss_shake256_h16_192   "XMSS-SHAKE256_16_192"

Algorithm identifier for XMSS-SHAKE256_16_192

◆ OQS_SIG_STFL_alg_xmss_shake256_h16_256

#define OQS_SIG_STFL_alg_xmss_shake256_h16_256   "XMSS-SHAKE256_16_256"

Algorithm identifier for XMSS-SHAKE256_16_256

◆ OQS_SIG_STFL_alg_xmss_shake256_h20

#define OQS_SIG_STFL_alg_xmss_shake256_h20   "XMSS-SHAKE_20_512"

Algorithm identifier for XMSS-SHAKE_20_512

◆ OQS_SIG_STFL_alg_xmss_shake256_h20_192

#define OQS_SIG_STFL_alg_xmss_shake256_h20_192   "XMSS-SHAKE256_20_192"

Algorithm identifier for XMSS-SHAKE256_20_192

◆ OQS_SIG_STFL_alg_xmss_shake256_h20_256

#define OQS_SIG_STFL_alg_xmss_shake256_h20_256   "XMSS-SHAKE256_20_256"

Algorithm identifier for XMSS-SHAKE256_20_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h20_2

#define OQS_SIG_STFL_alg_xmssmt_sha256_h20_2   "XMSSMT-SHA2_20/2_256"

Algorithm identifier for XMSSMT-SHA2_20/2_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h20_4

#define OQS_SIG_STFL_alg_xmssmt_sha256_h20_4   "XMSSMT-SHA2_20/4_256"

Algorithm identifier for XMSSMT-SHA2_20/4_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h40_2

#define OQS_SIG_STFL_alg_xmssmt_sha256_h40_2   "XMSSMT-SHA2_40/2_256"

Algorithm identifier for XMSSMT-SHA2_40/2_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h40_4

#define OQS_SIG_STFL_alg_xmssmt_sha256_h40_4   "XMSSMT-SHA2_40/4_256"

Algorithm identifier for XMSSMT-SHA2_40/4_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h40_8

#define OQS_SIG_STFL_alg_xmssmt_sha256_h40_8   "XMSSMT-SHA2_40/8_256"

Algorithm identifier for XMSSMT-SHA2_40/8_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h60_12

#define OQS_SIG_STFL_alg_xmssmt_sha256_h60_12   "XMSSMT-SHA2_60/12_256"

Algorithm identifier for XMSSMT-SHA2_60/12_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h60_3

#define OQS_SIG_STFL_alg_xmssmt_sha256_h60_3   "XMSSMT-SHA2_60/3_256"

Algorithm identifier for XMSSMT-SHA2_60/3_256

◆ OQS_SIG_STFL_alg_xmssmt_sha256_h60_6

#define OQS_SIG_STFL_alg_xmssmt_sha256_h60_6   "XMSSMT-SHA2_60/6_256"

Algorithm identifier for XMSSMT-SHA2_60/6_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h20_2

#define OQS_SIG_STFL_alg_xmssmt_shake128_h20_2   "XMSSMT-SHAKE_20/2_256"

Algorithm identifier for XMSSMT-SHAKE_20/2_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h20_4

#define OQS_SIG_STFL_alg_xmssmt_shake128_h20_4   "XMSSMT-SHAKE_20/4_256"

Algorithm identifier for XMSSMT-SHAKE_20/4_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h40_2

#define OQS_SIG_STFL_alg_xmssmt_shake128_h40_2   "XMSSMT-SHAKE_40/2_256"

Algorithm identifier for XMSSMT-SHAKE_40/2_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h40_4

#define OQS_SIG_STFL_alg_xmssmt_shake128_h40_4   "XMSSMT-SHAKE_40/4_256"

Algorithm identifier for XMSSMT-SHAKE_40/4_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h40_8

#define OQS_SIG_STFL_alg_xmssmt_shake128_h40_8   "XMSSMT-SHAKE_40/8_256"

Algorithm identifier for XMSSMT-SHAKE_40/8_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h60_12

#define OQS_SIG_STFL_alg_xmssmt_shake128_h60_12   "XMSSMT-SHAKE_60/12_256"

Algorithm identifier for XMSSMT-SHAKE_60/12_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h60_3

#define OQS_SIG_STFL_alg_xmssmt_shake128_h60_3   "XMSSMT-SHAKE_60/3_256"

Algorithm identifier for XMSSMT-SHAKE_60/3_256

◆ OQS_SIG_STFL_alg_xmssmt_shake128_h60_6

#define OQS_SIG_STFL_alg_xmssmt_shake128_h60_6   "XMSSMT-SHAKE_60/6_256"

Algorithm identifier for XMSSMT-SHAKE_60/6_256

◆ OQS_SIG_STFL_algs_length

#define OQS_SIG_STFL_algs_length   70

Total number of stateful variants defined above, used to create the tracking array

Typedef Documentation

◆ lock_key

typedef OQS_STATUS(* lock_key) (void *mutex)

Application provided function to lock secret key object serialize access

Parameters
[in]mutexpointer to mutex struct return OQS_SUCCESS if successful, otherwise OQS_ERROR

◆ secure_store_sk

typedef OQS_STATUS(* secure_store_sk) (uint8_t *sk_buf, size_t buf_len, void *context)

Application provided function to securely store data

Parameters
[in]sk_bufpointer to the data to be saved
[in]buf_lenlength of the data to be stored
[out]contextpass back application data related to secret key data storage. return OQS_SUCCESS if successful, otherwise OQS_ERROR

◆ unlock_key

typedef OQS_STATUS(* unlock_key) (void *mutex)

Application provided function to unlock secret key object

Parameters
[in]mutexpointer to mutex struct return OQS_SUCCESS if successful, otherwise OQS_ERROR

Function Documentation

◆ OQS_SIG_STFL_alg_count()

OQS_API int OQS_SIG_STFL_alg_count ( void )

Returns the number of stateful signature mechanisms in liboqs. They can be enumerated with OQS_SIG_STFL_alg_identifier.

Note that some mechanisms may be disabled at compile time.

Returns
The number of stateful signature mechanisms.

◆ OQS_SIG_STFL_alg_identifier()

OQS_API const char * OQS_SIG_STFL_alg_identifier ( size_t i)

Returns identifiers for available signature schemes in liboqs. Used with OQS_SIG_STFL_new.

Note that algorithm identifiers are present in this list even when the algorithm is disabled at compile time.

Parameters
[in]iIndex of the algorithm identifier to return, 0 <= i < OQS_SIG_algs_length
Returns
Algorithm identifier as a string, or NULL.

◆ OQS_SIG_STFL_alg_is_enabled()

OQS_API int OQS_SIG_STFL_alg_is_enabled ( const char * method_name)

Indicates whether the specified algorithm was enabled at compile-time or not.

Parameters
[in]method_nameName of the desired algorithm; one of the names in OQS_SIG_STFL_algs.
Returns
1 if enabled, 0 if disabled or not found

◆ OQS_SIG_STFL_free()

OQS_API void OQS_SIG_STFL_free ( OQS_SIG_STFL * sig)

Free an OQS_SIG_STFL object that was constructed by OQS_SIG_STFL_new.

◆ OQS_SIG_STFL_keypair()

OQS_API OQS_STATUS OQS_SIG_STFL_keypair ( const OQS_SIG_STFL * sig,
uint8_t * public_key,
OQS_SIG_STFL_SECRET_KEY * secret_key )

Keypair generation algorithm.

Caller is responsible for allocating sufficient memory for public_key based on the length_* members in this object or the per-scheme compile-time macros OQS_SIG_STFL_*_length_*. The caller is also responsible for initializing secret_key using the OQS_SIG_STFL_SECRET_KEY(*) function.

Parameters
[in]sigThe OQS_SIG_STFL object representing the signature scheme.
[out]public_keyThe public key is represented as a byte string.
[out]secret_keyThe secret key object pointer.
Returns
OQS_SUCCESS or OQS_ERROR

◆ OQS_SIG_STFL_new()

OQS_API OQS_SIG_STFL * OQS_SIG_STFL_new ( const char * method_name)

Constructs an OQS_SIG_STFL object for a particular algorithm.

Callers should always check whether the return value is NULL, which indicates either than an invalid algorithm name was provided, or that the requested algorithm was disabled at compile-time.

Parameters
[in]method_nameName of the desired algorithm; one of the names in OQS_SIG_STFL_algs.
Returns
An OQS_SIG_STFL for the particular algorithm, or NULL if the algorithm has been disabled at compile-time.

◆ OQS_SIG_STFL_SECRET_KEY_deserialize()

OQS_API OQS_STATUS OQS_SIG_STFL_SECRET_KEY_deserialize ( OQS_SIG_STFL_SECRET_KEY * sk,
const uint8_t * sk_buf,
size_t sk_buf_len,
void * context )

Deserialize a byte array into an OQS_SIG_STFL_SECRET_KEY object.

Transforms a binary representation of a secret key into an OQS_SIG_STFL_SECRET_KEY structure. After deserialization, the secret key object can be used for subsequent cryptographic operations.

Parameters
[out]skA pointer to the secret key object that will be populated from the binary data.
[in]sk_bufThe buffer containing the serialized secret key data.
[in]sk_buf_lenThe length of the binary secret key data in bytes.
[in]contextApplication-specific data used to maintain context about the secret key.
Returns
OQS_SUCCESS if deserialization was successful; otherwise, OQS_ERROR.
Attention
The caller is responsible for freeing the sk_buf memory when it is no longer needed.

◆ OQS_SIG_STFL_SECRET_KEY_free()

OQS_API void OQS_SIG_STFL_SECRET_KEY_free ( OQS_SIG_STFL_SECRET_KEY * sk)

Free an OQS_SIG_STFL_SECRET_KEY object that was constructed by OQS_SECRET_KEY_new.

Parameters
[in]skThe OQS_SIG_STFL_SECRET_KEY object to free.

◆ OQS_SIG_STFL_SECRET_KEY_lock()

OQS_STATUS OQS_SIG_STFL_SECRET_KEY_lock ( OQS_SIG_STFL_SECRET_KEY * sk)

Lock the secret key to ensure exclusive access in a concurrent environment.

If the mutex is not set, this lock operation will fail. This lock operation is essential in multi-threaded or multi-process contexts to prevent simultaneous Signing operations that could compromise the stateful signature security.

Warning
If the lock function is set and mutex is not set, this lock operation will fail.
Parameters
[in]skPointer to the secret key to be locked.
Returns
OQS_SUCCESS if the lock is successfully applied; OQS_ERROR otherwise.
Note
It's not necessary to use this function in either Keygen or Verifying operations. In a concurrent environment, the user is responsible for locking and unlocking the private key, to make sure that only one thread can access the private key during a Signing operation.
If the lock function and mutex are both set, proceed to lock the private key.

◆ OQS_SIG_STFL_SECRET_KEY_new()

OQS_API OQS_SIG_STFL_SECRET_KEY * OQS_SIG_STFL_SECRET_KEY_new ( const char * method_name)

Construct an OQS_SIG_STFL_SECRET_KEY object for a particular algorithm.

Callers should always check whether the return value is NULL, which indicates either than an invalid algorithm name was provided, or that the requested algorithm was disabled at compile-time.

Parameters
[in]method_nameName of the desired algorithm; one of the names in OQS_SIG_STFL_algs.
Returns
An OQS_SIG_STFL_SECRET_KEY for the particular algorithm, or NULL if the algorithm has been disabled at compile-time.

◆ OQS_SIG_STFL_SECRET_KEY_serialize()

OQS_API OQS_STATUS OQS_SIG_STFL_SECRET_KEY_serialize ( uint8_t ** sk_buf_ptr,
size_t * sk_buf_len,
const OQS_SIG_STFL_SECRET_KEY * sk )

Serialize the stateful secret key data into a byte array.

Converts an OQS_SIG_STFL_SECRET_KEY object into a byte array for storage or transmission.

Parameters
[out]sk_buf_ptrPointer to the allocated byte array containing the serialized key.
[out]sk_buf_lenLength of the serialized key byte array.
[in]skPointer to the OQS_SIG_STFL_SECRET_KEY object to be serialized.
Returns
OQS_SUCCESS on success, or an OQS error code on failure.
Note
The function allocates memory for the byte array, and it is the caller's responsibility to free this memory after use.

◆ OQS_SIG_STFL_SECRET_KEY_SET_lock()

OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_lock ( OQS_SIG_STFL_SECRET_KEY * sk,
lock_key lock )

Attach a locking mechanism to a secret key object.

This allows for proper synchronization in a multi-threaded or multi-process environment, by ensuring that a secret key is not used concurrently by multiple entities, which could otherwise lead to security issues.

Parameters
[in]skPointer to the secret key object whose lock function is to be set.
[in]lockFunction pointer to the locking routine provided by the application.
Note
It's not required to set the lock and unlock functions in a single-threaded environment.
Once the lock function is set, users must also set the mutex and unlock functions.
By default, the internal value of sk->lock is NULL, which does nothing to lock the private key.

◆ OQS_SIG_STFL_SECRET_KEY_SET_mutex()

OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_mutex ( OQS_SIG_STFL_SECRET_KEY * sk,
void * mutex )

Assign a mutex function to handle concurrency control over the secret key.

This is to ensure that only one process can access or modify the key at any given time.

Parameters
[in]skA pointer to the secret key that the mutex functionality will protect.
[in]mutexA function pointer to the desired concurrency control mechanism.
Note
It's not required to set the lock and unlock functions in a single-threaded environment.
By default, the internal value of sk->mutex is NULL, it must be set to be used in lock or unlock the private key.

◆ OQS_SIG_STFL_SECRET_KEY_SET_store_cb()

OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_store_cb ( OQS_SIG_STFL_SECRET_KEY * sk,
secure_store_sk store_cb,
void * context )

Set the callback and context for securely storing a stateful secret key.

This function is designed to be called after a new stateful secret key has been generated. It enables the library to securely store secret key and update it every time a Signing operation occurs. Without properly setting this callback and context, signature generation will not succeed as the updated state of the secret key cannot be preserved.

Parameters
[in]skPointer to the stateful secret key to be managed.
[in]store_cbCallback function that handles the secure storage of the key.
[in]contextApplication-specific context that assists in the storage of secret key data. This context is managed by the application, which allocates it, keeps track of it, and deallocates it as necessary.

◆ OQS_SIG_STFL_SECRET_KEY_SET_unlock()

OQS_API void OQS_SIG_STFL_SECRET_KEY_SET_unlock ( OQS_SIG_STFL_SECRET_KEY * sk,
unlock_key unlock )

Attach an unlock mechanism to a secret key object.

This allows for proper synchronization in a multi-threaded or multi-process environment, by ensuring that a secret key is not used concurrently by multiple entities, which could otherwise lead to security issues.

Parameters
[in]skPointer to the secret key object whose unlock function is to be set.
[in]unlockFunction pointer to the unlock routine provided by the application.
Note
It's not required to set the lock and unlock functions in a single-threaded environment.
Once the unlock function is set, users must also set the mutex and lock functions.
By default, the internal value of sk->unlock is NULL, which does nothing to unlock the private key.

◆ OQS_SIG_STFL_SECRET_KEY_unlock()

OQS_STATUS OQS_SIG_STFL_SECRET_KEY_unlock ( OQS_SIG_STFL_SECRET_KEY * sk)

Unlock the secret key, making it accessible to other processes.

This function is crucial in environments where multiple processes need to coordinate access to the secret key, as it allows a process to signal that it has finished using the key, so others can safely use it.

Warning
If the unlock function is set and mutex is not set, this unlock operation will fail.
Parameters
[in]skPointer to the secret key whose lock should be released.
Returns
OQS_SUCCESS if the lock was successfully released; otherwise, OQS_ERROR.
Note
It's not necessary to use this function in either Keygen or Verifying operations. In a concurrent environment, the user is responsible for locking and unlocking the private key, to make sure that only one thread can access the private key during a Signing operation.
If the unlock function and mutex are both set, proceed to unlock the private key.

◆ OQS_SIG_STFL_sign()

OQS_API OQS_STATUS OQS_SIG_STFL_sign ( const OQS_SIG_STFL * sig,
uint8_t * signature,
size_t * signature_len,
const uint8_t * message,
size_t message_len,
OQS_SIG_STFL_SECRET_KEY * secret_key )

Signature generation algorithm.

For stateful signatures, there is always a limited number of signatures that can be used, The private key signature counter is increased by one once a signature is successfully generated, When the signature counter reaches the maximum number of available signatures, the signature generation always fails.

Caller is responsible for allocating sufficient memory for signature, based on the length_* members in this object or the per-scheme compile-time macros OQS_SIG_STFL_*_length_*.

Parameters
[in]sigThe OQS_SIG_STFL object representing the signature scheme.
[out]signatureThe signature on the message is represented as a byte string.
[out]signature_lenThe length of the signature.
[in]messageThe message to sign is represented as a byte string.
[in]message_lenThe length of the message to sign.
[in]secret_keyThe secret key object pointer.
Returns
OQS_SUCCESS or OQS_ERROR
Note
Internally, if lock/unlock functions and mutex are set, it will attempt to lock the private key and unlock the private key after the Signing operation is completed.

◆ OQS_SIG_STFL_sigs_remaining()

OQS_API OQS_STATUS OQS_SIG_STFL_sigs_remaining ( const OQS_SIG_STFL * sig,
unsigned long long * remain,
const OQS_SIG_STFL_SECRET_KEY * secret_key )

Query the number of remaining signatures.

The remaining signatures are the number of signatures available before the private key runs out of its total signature and expires.

Parameters
[in]sigThe OQS_SIG_STFL object representing the signature scheme.
[in]remainThe number of remaining signatures.
[in]secret_keyThe secret key object.
Returns
OQS_SUCCESS or OQS_ERROR

◆ OQS_SIG_STFL_sigs_total()

OQS_API OQS_STATUS OQS_SIG_STFL_sigs_total ( const OQS_SIG_STFL * sig,
unsigned long long * max,
const OQS_SIG_STFL_SECRET_KEY * secret_key )

Query the total number of signatures.

The total number of signatures is the constant number present in how many signatures can be generated from a private key.

Parameters
[in]sigThe OQS_SIG_STFL object representing the signature scheme.
[out]maxThe number of remaining signatures
[in]secret_keyThe secret key object.
Returns
OQS_SUCCESS or OQS_ERROR

◆ OQS_SIG_STFL_verify()

OQS_API OQS_STATUS OQS_SIG_STFL_verify ( const OQS_SIG_STFL * sig,
const uint8_t * message,
size_t message_len,
const uint8_t * signature,
size_t signature_len,
const uint8_t * public_key )

Signature verification algorithm.

Parameters
[in]sigThe OQS_SIG_STFL object representing the signature scheme.
[in]messageThe message is represented as a byte string.
[in]message_lenThe length of the message.
[in]signatureThe signature on the message is represented as a byte string.
[in]signature_lenThe length of the signature.
[in]public_keyThe public key is represented as a byte string.
Returns
OQS_SUCCESS or OQS_ERROR