The FIPS 205 implementation of the Sphincs+ Asymmetric Signature Scheme. More...

#include "qsccommon.h"

Macros
#define	QSC_SPHINCSPLUS_GENERATE_SEED_SIZE 48
	The byte size of the key generation seed.
#define	QSC_SPHINCSPLUS_SIGN_SEED_SIZE 16
	The byte size of the signing key array.
#define	QSC_SPHINCSPLUS_SIGNATURE_SIZE 7856
	The byte size of the signature array.
#define	QSC_SPHINCSPLUS_PRIVATEKEY_SIZE 64
	The byte size of the secret private-key array.
#define	QSC_SPHINCSPLUS_PUBLICKEY_SIZE 32
	The byte size of the public-key array.
#define	QSC_SPHINCSPLUS_ALGNAME "SPHINCSPLUS-S1S128SHAKERS"
	The formal algorithm name.

Functions
QSC_EXPORT_API bool	qsc_sphincsplus_generate_keypair (uint8_t publickey, uint8_t privatekey, bool(rng_generate)(uint8_t , size_t))
	Generates a Sphincs+ public/private key-pair.
QSC_EXPORT_API bool	qsc_sphincsplus_generate_seeded_keypair (uint8_t publickey, uint8_t privatekey, const uint8_t seed[QSC_SPHINCSPLUS_GENERATE_SEED_SIZE])
	Generates a Sphincs+ public/private key-pair using a seed.
QSC_EXPORT_API bool	qsc_sphincsplus_sign (uint8_t signedmsg, size_t smsglen, const uint8_t message, size_t msglen, const uint8_t privatekey, bool(rng_generate)(uint8_t , size_t))
	Takes the message as input and returns an array containing the signature followed by the message.
QSC_EXPORT_API bool	qsc_sphincsplus_sign_ex (uint8_t signedmsg, size_t smsglen, const uint8_t message, size_t msglen, const uint8_t context, size_t ctxlen, const uint8_t privatekey, bool(rng_generate)(uint8_t *, size_t))
	Takes the message as input with the additional context parameter and returns an array containing the signature followed by the message.
QSC_EXPORT_API bool	qsc_sphincsplus_seeded_sign_ex (uint8_t signedmsg, size_t smsglen, const uint8_t message, size_t msglen, const uint8_t context, size_t ctxlen, const uint8_t privatekey, const uint8_t seed)
	Takes the message and a seed as input and returns an array containing the signature followed by the message.
QSC_EXPORT_API bool	qsc_sphincsplus_verify (uint8_t message, size_t msglen, const uint8_t signedmsg, size_t smsglen, const uint8_t publickey)
	Verifies a signature-message pair with the public key.
QSC_EXPORT_API bool	qsc_sphincsplus_verify_ex (uint8_t message, size_t msglen, const uint8_t context, size_t ctxlen, const uint8_t signedmsg, size_t smsglen, const uint8_t *publickey)
	Verifies a signature-message pair and context parameter with the public key.

Detailed Description

The FIPS 205 implementation of the Sphincs+ Asymmetric Signature Scheme.

This header defines the primary public API for the FIPS 205 Sphincs+ asymmetric signature scheme implementation. It provides functions for generating key pairs, signing messages, and verifying signatures. The implementation is based on the C reference branch of SPHINCS+ from the FIPS 205 implementation.

// Example usage:
#define MSGLEN 32
uint8_t pk[QSC_SPHINCSPLUS_PUBLICKEY_SIZE];
uint8_t sk[QSC_SPHINCSPLUS_PRIVATEKEY_SIZE];
uint8_t msg[MSGLEN];
uint8_t smsg[QSC_SPHINCSPLUS_SIGNATURE_SIZE + MSGLEN];
uint8_t rmsg[MSGLEN];
uint32_t smsglen = 0;
uint32_t rmsglen = 0;
 
// Generate the key pair
qsc_sphincsplus_generate_keypair(pk, sk, rng_generate);
 
// Sign the message
qsc_sphincsplus_sign(smsg, &smsglen, msg, MSGLEN, sk, rng_generate);
 
// Verify the signature and recover the message
if (!qsc_sphincsplus_verify(rmsg, &rmsglen, smsg, smsglen, pk))
{
    // Signature verification failed; handle error.
}

Reference Links:

NIST FIPS-205 SPHINCS+ Specification SPHINCS+ Website

Function Documentation

◆ qsc_sphincsplus_generate_keypair()

QSC_EXPORT_API bool qsc_sphincsplus_generate_keypair	(	uint8_t *	publickey,
		uint8_t *	privatekey,
		bool(*	rng_generate )(uint8_t *, size_t) )

Generates a Sphincs+ public/private key-pair.

Warning: Arrays must be sized to QSC_SPHINCSPLUS_PUBLICKEY_SIZE and QSC_SPHINCSPLUS_SECRETKEY_SIZE.

Parameters

publickey	[uint8_t*] Pointer to the public verification-key array
privatekey	[uint8_t*] Pointer to the private signature-key array
rng_generate	[(uint8_t*, size_t)] Pointer to the random generator

Returns: [bool] Returns true for success

◆ qsc_sphincsplus_generate_seeded_keypair()

QSC_EXPORT_API bool qsc_sphincsplus_generate_seeded_keypair	(	uint8_t *	publickey,
		uint8_t *	privatekey,
		const uint8_t	seed[QSC_SPHINCSPLUS_GENERATE_SEED_SIZE] )

Generates a Sphincs+ public/private key-pair using a seed.

Warning: Arrays must be sized to QSC_SPHINCSPLUS_PUBLICKEY_SIZE and QSC_SPHINCSPLUS_SECRETKEY_SIZE, seed to QSC_SPHINCSPLUS_GENERATE_SEED_SIZE.

Parameters

publickey	[uint8_t*] Pointer to the public verification-key array
privatekey	[uint8_t*] Pointer to the private signature-key array
seed	[const uint8_t*] Pointer to the random generator

Returns: [bool] Returns true for success

◆ qsc_sphincsplus_seeded_sign_ex()

QSC_EXPORT_API bool qsc_sphincsplus_seeded_sign_ex	(	uint8_t *	signedmsg,
		size_t *	smsglen,
		const uint8_t *	message,
		size_t	msglen,
		const uint8_t *	context,
		size_t	ctxlen,
		const uint8_t *	privatekey,
		const uint8_t *	seed )

Takes the message and a seed as input and returns an array containing the signature followed by the message.

Warning: Signature array must be sized to the size of the message plus QSC_SPHINCSPLUS_SIGNATURE_SIZE.

Parameters

signedmsg	[uint8_t*] Pointer to the signed-message array
smsglen	[size_t*] Pointer to the signed message length
message	[const uint8_t*] Pointer to the message array
msglen	[size_t] The message length
context	[const uint8_t*] Pointer to the context array.
ctxlen	[size_t] The context array length.
privatekey	[const uint8_t*] Pointer to the private signature-key array
seed	[const uint8_t*] Pointer to the random seed

Returns: [bool] Returns true for success

◆ qsc_sphincsplus_sign()

QSC_EXPORT_API bool qsc_sphincsplus_sign	(	uint8_t *	signedmsg,
		size_t *	smsglen,
		const uint8_t *	message,
		size_t	msglen,
		const uint8_t *	privatekey,
		bool(*	rng_generate )(uint8_t *, size_t) )

Takes the message as input and returns an array containing the signature followed by the message.

Warning: Signature array must be sized to the size of the message plus QSC_SPHINCSPLUS_SIGNATURE_SIZE.

Parameters

signedmsg	[uint8_t*] Pointer to the signed-message array
smsglen	[size_t*] Pointer to the signed message length
message	[const uint8_t*] Pointer to the message array
msglen	[size_t] The message length
privatekey	[const uint8_t*] Pointer to the private signature-key array
rng_generate	[(uint8_t*, size_t)] Pointer to the random generator

Returns: [bool] Returns true for success

◆ qsc_sphincsplus_sign_ex()

QSC_EXPORT_API bool qsc_sphincsplus_sign_ex	(	uint8_t *	signedmsg,
		size_t *	smsglen,
		const uint8_t *	message,
		size_t	msglen,
		const uint8_t *	context,
		size_t	ctxlen,
		const uint8_t *	privatekey,
		bool(*	rng_generate )(uint8_t *, size_t) )

Takes the message as input with the additional context parameter and returns an array containing the signature followed by the message.

Warning: The signed-message array must be sized to the size of the message plus QSC_SPHINCSPLUS_SIGNATURE_SIZE.

Parameters

signedmsg	[uint8_t*] Pointer to the signed-message array.
smsglen	[size_t*] Pointer to the signed message length.
message	[const uint8_t*] Pointer to the message array.
msglen	[size_t] The message array length.
context	[const uint8_t*] Pointer to the context array.
ctxlen	[size_t] The context array length.
privatekey	[const uint8_t*] Pointer to the private signature-key.
seed	[const uint8_t*] Pointer to the random generator.

Returns: [bool] Returns true if the message was signed successfully.

◆ qsc_sphincsplus_verify()

QSC_EXPORT_API bool qsc_sphincsplus_verify	(	uint8_t *	message,
		size_t *	msglen,
		const uint8_t *	signedmsg,
		size_t	smsglen,
		const uint8_t *	publickey )

Verifies a signature-message pair with the public key.

Parameters

message	[uint8_t*] Pointer to the message array to be signed
msglen	[size_t*] Pointer to the message length
signedmsg	[const uint8_t*] Pointer to the signed message array
smsglen	[size_t] The signed message length
publickey	[const uint8_t*] Pointer to the public verification-key array

Returns: [bool] Returns true for success

◆ qsc_sphincsplus_verify_ex()

QSC_EXPORT_API bool qsc_sphincsplus_verify_ex	(	uint8_t *	message,
		size_t *	msglen,
		const uint8_t *	context,
		size_t	ctxlen,
		const uint8_t *	signedmsg,
		size_t	smsglen,
		const uint8_t *	publickey )

Verifies a signature-message pair and context parameter with the public key.

Parameters

message	[uint8_t*] Pointer to the message output array.
msglen	[size_t*] Pointer to the length of the message array.
context	[const uint8_t*] Pointer to the context array.
ctxlen	[size_t] The context array length.
signedmsg	[const uint8_t*] Pointer to the signed message array.
smsglen	[size_t] The signed message length.
publickey	[const uint8_t*] Pointer to the public verification-key array.

Returns: [bool] Returns true if the signature is valid.

Macros

Functions

Detailed Description

Reference Links:

Function Documentation

◆ qsc_sphincsplus_generate_keypair()

◆ qsc_sphincsplus_generate_seeded_keypair()

◆ qsc_sphincsplus_seeded_sign_ex()

◆ qsc_sphincsplus_sign()

◆ qsc_sphincsplus_sign_ex()

◆ qsc_sphincsplus_verify()

◆ qsc_sphincsplus_verify_ex()