Move public header content from lmots.h to lms.h

Signed-off-by: Raef Coles <raef.coles@arm.com>
2025-07-29 11:41:15 +03:00 · 2022-09-28 17:12:41 +01:00
parent b4568c5423
commit ab300f15e8
2 changed files with 84 additions and 83 deletions
--- a/library/lmots.h
+++ b/library/lmots.h
@ -30,18 +30,14 @@

 #include "psa/crypto.h"

+#include "mbedtls/lms.h"
+
 #include <stdint.h>
 #include <stddef.h>

-/* Currently only defined for SHA256, 32 is the max hash output size */
-#define MBEDTLS_LMOTS_N_HASH_LEN_MAX           (32u)
-#define MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX    (34u)
-#define MBEDTLS_LMOTS_N_HASH_LEN(type)         (type == MBEDTLS_LMOTS_SHA256_N32_W8 ? 32u : 0)
 #define MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT(type)  (type == MBEDTLS_LMOTS_SHA256_N32_W8 ? 34u : 0)
 #define MBEDTLS_LMOTS_C_RANDOM_VALUE_LEN(type) (MBEDTLS_LMOTS_N_HASH_LEN(type))
 #define MBEDTLS_LMOTS_TYPE_LEN                 (4u)
-#define MBEDTLS_LMOTS_I_KEY_ID_LEN             (16u)
-#define MBEDTLS_LMOTS_Q_LEAF_ID_LEN            (4u)

 #define MBEDTLS_LMOTS_SIG_LEN(type) (MBEDTLS_LMOTS_TYPE_LEN + \
                                     MBEDTLS_LMOTS_C_RANDOM_VALUE_LEN(type) + \
@ -63,81 +59,6 @@
 extern "C" {
 #endif

-/** The Identifier of the LMS parameter set, as per
- *  https://www.iana.org/assignments/leighton-micali-signatures/leighton-micali-signatures.xhtml.
- *  We are only implementing a subset of the types, particularly N32_W8, for the sake of simplicty.
- */
-typedef enum {
-    MBEDTLS_LMOTS_SHA256_N32_W8 = 4
-} mbedtls_lmots_algorithm_type_t;
-
-
-/** LMOTS parameters structure.
- *
- * This contains the metadata associated with an LMOTS key, detailing the
- * algorithm type, the key ID, and the leaf identifier should be key be part of
- * a LMS key.
- */
-typedef struct {
-    unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key
-                                                     identifier. */
-    unsigned char MBEDTLS_PRIVATE(q_leaf_identifier[MBEDTLS_LMOTS_Q_LEAF_ID_LEN]); /*!< Which
-                                                      leaf of the LMS key this is.
-                                                      0 if the key is not part of an LMS key. */
-    mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LM-OTS key type identifier as
-                                                               per IANA. Only SHA256_N32_W8 is
-                                                               currently supported. */
-} mbedtls_lmots_parameters_t;
-
-/** LMOTS public context structure.
- *
- * A LMOTS public key is a hash output, and the applicable parameter set.
- *
- * The context must be initialized before it is used. A public key must either
- * be imported or generated from a private context.
- *
- * \dot
- * digraph lmots_public_t {
- *   UNINITIALIZED -> INIT [label="init"];
- *   HAVE_PUBLIC_KEY -> INIT [label="free"];
- *   INIT -> HAVE_PUBLIC_KEY [label="import_public_key"];
- *   INIT -> HAVE_PUBLIC_KEY [label="calculate_public_key from private key"];
- *   HAVE_PUBLIC_KEY -> HAVE_PUBLIC_KEY [label="export_public_key"];
- * }
- * \enddot
- */
-typedef struct {
-    mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
-    unsigned char MBEDTLS_PRIVATE(public_key)[MBEDTLS_LMOTS_N_HASH_LEN_MAX];
-    unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key.
-                                                     Boolean values only. */
-} mbedtls_lmots_public_t;
-
-#ifdef MBEDTLS_LMS_PRIVATE
-/** LMOTS private context structure.
- *
- * A LMOTS private key is one hash output for each of digit of the digest +
- * checksum, and the applicable parameter set.
- *
- * The context must be initialized before it is used. A public key must either
- * be imported or generated from a private context.
- *
- * \dot
- * digraph lmots_public_t {
- *   UNINITIALIZED -> INIT [label="init"];
- *   HAVE_PRIVATE_KEY -> INIT [label="free"];
- *   INIT -> HAVE_PRIVATE_KEY [label="generate_private_key"];
- *   HAVE_PRIVATE_KEY -> INIT [label="sign"];
- * }
- * \enddot
- */
-typedef struct {
-    mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
-    unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][MBEDTLS_LMOTS_N_HASH_LEN_MAX];
-    unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key.
-                                                     Boolean values only. */
-} mbedtls_lmots_private_t;
-#endif /* MBEDTLS_LMS_PRIVATE */

 #if defined(MBEDTLS_TEST_HOOKS)
 extern int( *mbedtls_lmots_sign_private_key_invalidated_hook )( unsigned char * );