Functions
static int	lc_dilithium_ed25519_ctx_alloc (struct lc_dilithium_ed25519_ctx **ctx)
	Allocates Dilithium-ED25519 context on heap.

static void	lc_dilithium_ed25519_ctx_zero_free (struct lc_dilithium_ed25519_ctx *ctx)
	Zeroizes and frees Dilithium-ED25519 context on heap.

static void	lc_dilithium_ed25519_ctx_zero (struct lc_dilithium_ed25519_ctx *ctx)
	Zeroizes Dilithium-ED25519 context either on heap or on stack.

static enum lc_dilithium_type	lc_dilithium_ed25519_sk_type (const struct lc_dilithium_ed25519_sk *sk)
	Obtain Dilithium type from secret key.

static enum lc_dilithium_type	lc_dilithium_ed25519_pk_type (const struct lc_dilithium_ed25519_pk *pk)
	Obtain Dilithium type from public key.

static enum lc_dilithium_type	lc_dilithium_ed25519_sig_type (const struct lc_dilithium_ed25519_sig *sig)
	Obtain Dilithium type from signature.

static LC_PURE unsigned int	lc_dilithium_ed25519_sk_size (enum lc_dilithium_type dilithium_type)
	Return the size of the Dilithium secret key.

static LC_PURE unsigned int	lc_dilithium_ed25519_pk_size (enum lc_dilithium_type dilithium_type)
	Return the size of the Dilithium public key.

static LC_PURE unsigned int	lc_dilithium_ed25519_sig_size (enum lc_dilithium_type dilithium_type)
	Return the size of the Dilithium signature.

static int	lc_dilithium_ed25519_sk_load (struct lc_dilithium_ed25519_sk sk, const uint8_t dilithium_src_key, size_t dilithium_src_key_len, const uint8_t *ed25519_src_key, size_t ed25519_src_key_len)
	Load a Dilithium secret key provided with a buffer into the leancrypto data structure.

static int	lc_dilithium_ed25519_pk_load (struct lc_dilithium_ed25519_pk pk, const uint8_t dilithium_src_key, size_t dilithium_src_key_len, const uint8_t *ed25519_src_key, size_t ed25519_src_key_len)
	Load a Dilithium public key provided with a buffer into the leancrypto data structure.

static int	lc_dilithium_ed25519_sig_load (struct lc_dilithium_ed25519_sig sig, const uint8_t dilithium_src_sig, size_t dilithium_src_sig_len, const uint8_t *ed25519_src_sig, size_t ed25519_src_sig_len)
	Load a Dilithium signature provided with a buffer into the leancrypto data structure.

static int	lc_dilithium_ed25519_sk_ptr (uint8_t *dilithium_key, size_t dilithium_key_len, uint8_t *ed25519_key, size_t ed25519_key_len, struct lc_dilithium_ed25519_sk *sk)
	Obtain the reference to the Dilithium key and its length.

static int	lc_dilithium_ed25519_pk_ptr (uint8_t *dilithium_key, size_t dilithium_key_len, uint8_t *ed25519_key, size_t ed25519_key_len, struct lc_dilithium_ed25519_pk *pk)
	Obtain the reference to the Dilithium key and its length.

static int	lc_dilithium_ed25519_sig_ptr (uint8_t *dilithium_sig, size_t dilithium_sig_len, uint8_t *ed25519_sig, size_t ed25519_sig_len, struct lc_dilithium_ed25519_sig *sig)
	Obtain the reference to the Dilithium signature and its length.

static int	lc_dilithium_ed25519_keypair (struct lc_dilithium_ed25519_pk pk, struct lc_dilithium_ed25519_sk sk, struct lc_rng_ctx *rng_ctx, enum lc_dilithium_type dilithium_type)
	Generates Dilithium public and private key.

static int	lc_dilithium_ed25519_sign (struct lc_dilithium_ed25519_sig sig, const uint8_t m, size_t mlen, const struct lc_dilithium_ed25519_sk sk, struct lc_rng_ctx rng_ctx)
	Computes signature in one shot.

static int	lc_dilithium_ed25519_sign_init (struct lc_dilithium_ed25519_ctx ctx, const struct lc_dilithium_ed25519_sk sk)
	Initializes signature operation in stream mode.

static int	lc_dilithium_ed25519_sign_update (struct lc_dilithium_ed25519_ctx ctx, const uint8_t m, size_t mlen)
	Updates signature in stream mode.

static int	lc_dilithium_ed25519_sign_final (struct lc_dilithium_ed25519_sig sig, struct lc_dilithium_ed25519_ctx ctx, const struct lc_dilithium_ed25519_sk sk, struct lc_rng_ctx rng_ctx)
	Computes signature in stream mode.

static int	lc_dilithium_ed25519_verify (const struct lc_dilithium_ed25519_sig sig, const uint8_t m, size_t mlen, const struct lc_dilithium_ed25519_pk *pk)
	Verifies signature in one shot.

static int	lc_dilithium_ed25519_verify_init (struct lc_dilithium_ed25519_ctx ctx, const struct lc_dilithium_ed25519_pk pk)
	Initializes signature verification operation in stream mode.

static int	lc_dilithium_ed25519_verify_update (struct lc_dilithium_ed25519_ctx ctx, const uint8_t m, size_t mlen)
	Updates signature verification in stream mode.

static int	lc_dilithium_ed25519_verify_final (const struct lc_dilithium_ed25519_sig sig, struct lc_dilithium_ed25519_ctx ctx, const struct lc_dilithium_ed25519_pk *pk)
	Verifies signature in stream mode.

Detailed Description

The Dilithium hybrid API performs signature operations with Dilithium and the classic ED25519 algorithm at the same time. The API is identical to the Dilithium API and can be used as a drop-in replacement.

ED25519ph is used for the hybrid signature operation compliant to RFC8032 using a NULL context. This approach is taken to support the stream mode operation with init / update / final.

To support the stream mode of the Dilithium signature operation, a context structure is required. This context structure can be allocated either on the stack or heap with LC_DILITHIUM_ED25519_CTX_ON_STACK or lc_dilithium_ed25519_ctx_alloc. The context should be zeroized and freed (only for heap) with lc_dilithium_ed25519_ctx_zero or lc_dilithium_ed25519_ctx_zero_free.

Function Documentation

◆ lc_dilithium_ed25519_ctx_alloc()

static int lc_dilithium_ed25519_ctx_alloc ( struct lc_dilithium_ed25519_ctx ** ctx )

inlinestatic

Allocates Dilithium-ED25519 context on heap.

Parameters

[out] ctx Dilithium-ED25519 context pointer

Returns: 0 (success) or < 0 on error

Definition at line 1221 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_ctx_zero()

static void lc_dilithium_ed25519_ctx_zero ( struct lc_dilithium_ed25519_ctx * ctx )

inlinestatic

Zeroizes Dilithium-ED25519 context either on heap or on stack.

Parameters

[out] ctx Dilithium-ED25519 context pointer

Definition at line 1265 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_ctx_zero_free()

static void lc_dilithium_ed25519_ctx_zero_free ( struct lc_dilithium_ed25519_ctx * ctx )

inlinestatic

Zeroizes and frees Dilithium-ED25519 context on heap.

Parameters

[out] ctx Dilithium-ED25519 context pointer

Definition at line 1244 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_keypair()

static int lc_dilithium_ed25519_keypair	(	struct lc_dilithium_ed25519_pk *	pk,
		struct lc_dilithium_ed25519_sk *	sk,
		struct lc_rng_ctx *	rng_ctx,
		enum lc_dilithium_type	dilithium_type )

inlinestatic

Generates Dilithium public and private key.

Parameters

[out]	pk	pointer to allocated output public key
[out]	sk	pointer to allocated output private key
[in]	rng_ctx	pointer to seeded random number generator context
[in]	dilithium_type	type of the Dilithium key to generate

Returns: 0 (success) or < 0 on error

Definition at line 1821 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_pk_load()

static int lc_dilithium_ed25519_pk_load	(	struct lc_dilithium_ed25519_pk *	pk,
		const uint8_t *	dilithium_src_key,
		size_t	dilithium_src_key_len,
		const uint8_t *	ed25519_src_key,
		size_t	ed25519_src_key_len )

inlinestatic

Load a Dilithium public key provided with a buffer into the leancrypto data structure.

Parameters

[out]	pk	Secret key to be filled (the caller must have it allocated)
[in]	dilithium_src_key	Buffer that holds the Dilithium key to be imported
[in]	dilithium_src_key_len	Buffer length that holds the key to be imported
[in]	ed25519_src_key	Buffer that holds the ED25519 key to be imported
[in]	ed25519_src_key_len	Buffer length that holds the key to be imported

Returns: 0 on success or < 0 on error

Definition at line 1526 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_pk_ptr()

static int lc_dilithium_ed25519_pk_ptr	(	uint8_t **	dilithium_key,
		size_t *	dilithium_key_len,
		uint8_t **	ed25519_key,
		size_t *	ed25519_key_len,
		struct lc_dilithium_ed25519_pk *	pk )

inlinestatic

Obtain the reference to the Dilithium key and its length.

NOTE: Only pointer references into the leancrypto data structure are returned which implies that any modification will modify the leancrypto key, too.

Parameters

[out]	dilithium_key	Dilithium key pointer
[out]	dilithium_key_len	Length of the key buffer
[out]	ed25519_key	ED25519 key pointer
[out]	ed25519_key_len	ED25519 of the key buffer
[in]	pk	Dilithium publi key from which the references are obtained

Returns: 0 on success, != 0 on error

Definition at line 1709 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_pk_size()

static LC_PURE unsigned int lc_dilithium_ed25519_pk_size ( enum lc_dilithium_type dilithium_type )

inlinestatic

Return the size of the Dilithium public key.

Parameters

[in] dilithium_type Dilithium type for which the size is requested

Returns: requested size

Definition at line 1378 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_pk_type()

static enum lc_dilithium_type lc_dilithium_ed25519_pk_type ( const struct lc_dilithium_ed25519_pk * pk )

inlinestatic

Obtain Dilithium type from public key.

Parameters

[in] pk Public key from which the type is to be obtained

Returns: key type

Definition at line 1305 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sig_load()

static int lc_dilithium_ed25519_sig_load	(	struct lc_dilithium_ed25519_sig *	sig,
		const uint8_t *	dilithium_src_sig,
		size_t	dilithium_src_sig_len,
		const uint8_t *	ed25519_src_sig,
		size_t	ed25519_src_sig_len )

inlinestatic

Load a Dilithium signature provided with a buffer into the leancrypto data structure.

Parameters

[out]	sig	Secret key to be filled (the caller must have it allocated)
[in]	dilithium_src_sig	Buffer that holds the Dilithium signature to be imported
[in]	dilithium_src_sig_len	Buffer length that holds the Dilithium signature to be imported
[in]	ed25519_src_sig	Buffer that holds the ED25519 signature to be imported
[in]	ed25519_src_sig_len	Buffer length that holds the ED25519 signature to be imported

Returns: 0 on success or < 0 on error

Definition at line 1589 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sig_ptr()

static int lc_dilithium_ed25519_sig_ptr	(	uint8_t **	dilithium_sig,
		size_t *	dilithium_sig_len,
		uint8_t **	ed25519_sig,
		size_t *	ed25519_sig_len,
		struct lc_dilithium_ed25519_sig *	sig )

inlinestatic

Obtain the reference to the Dilithium signature and its length.

NOTE: Only pointer references into the leancrypto data structure are returned which implies that any modification will modify the leancrypto signature, too.

Parameters

[out]	dilithium_sig	Dilithium signature pointer
[out]	dilithium_sig_len	Length of the signature buffer
[out]	ed25519_sig	ED25519 signature pointer
[out]	ed25519_sig_len	ED25519 of the signature buffer
[in]	sig	Dilithium signature from which the references are obtained

Returns: 0 on success, != 0 on error

Definition at line 1768 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sig_size()

static LC_PURE unsigned int lc_dilithium_ed25519_sig_size ( enum lc_dilithium_type dilithium_type )

inlinestatic

Return the size of the Dilithium signature.

Parameters

[in] dilithium_type Dilithium type for which the size is requested

Returns: requested size

Definition at line 1418 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sig_type()

static enum lc_dilithium_type lc_dilithium_ed25519_sig_type ( const struct lc_dilithium_ed25519_sig * sig )

inlinestatic

Obtain Dilithium type from signature.

Parameters

[in] sig Signature from which the type is to be obtained

Returns: key type

Definition at line 1321 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sign()

static int lc_dilithium_ed25519_sign	(	struct lc_dilithium_ed25519_sig *	sig,
		const uint8_t *	m,
		size_t	mlen,
		const struct lc_dilithium_ed25519_sk *	sk,
		struct lc_rng_ctx *	rng_ctx )

inlinestatic

Computes signature in one shot.

Parameters

[out]	sig	pointer to output signature
[in]	m	pointer to message to be signed
[in]	mlen	length of message
[in]	sk	pointer to bit-packed secret key
[in]	rng_ctx	pointer to seeded random number generator context - when pointer is non-NULL, perform a randomized signing. Otherwise use deterministic signing.

Returns: 0 (success) or < 0 on error

Definition at line 1876 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sign_final()

static int lc_dilithium_ed25519_sign_final	(	struct lc_dilithium_ed25519_sig *	sig,
		struct lc_dilithium_ed25519_ctx *	ctx,
		const struct lc_dilithium_ed25519_sk *	sk,
		struct lc_rng_ctx *	rng_ctx )

inlinestatic

Computes signature in stream mode.

Parameters

[out]	sig	pointer to output signature
[in]	ctx	Dilithium-ED25519 context pointer
[in]	sk	pointer to bit-packed secret key
[in]	rng_ctx	pointer to seeded random number generator context - when pointer is non-NULL, perform a randomized signing. Otherwise use deterministic signing.

Returns: 0 (success) or < 0 on error

Definition at line 1995 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sign_init()

static int lc_dilithium_ed25519_sign_init	(	struct lc_dilithium_ed25519_ctx *	ctx,
		const struct lc_dilithium_ed25519_sk *	sk )

inlinestatic

Initializes signature operation in stream mode.

Parameters

[in]	ctx	Dilithium-ED25519 context pointer
[in]	sk	pointer to bit-packed secret key

Returns: 0 (success) or < 0 on error

Definition at line 1923 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sign_update()

static int lc_dilithium_ed25519_sign_update	(	struct lc_dilithium_ed25519_ctx *	ctx,
		const uint8_t *	m,
		size_t	mlen )

inlinestatic

Updates signature in stream mode.

Parameters

[in]	ctx	Dilithium-ED25519 context pointer
[in]	m	pointer to message to be signed
[in]	mlen	length of message

Returns: 0 (success) or < 0 on error

Definition at line 1965 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sk_load()

static int lc_dilithium_ed25519_sk_load	(	struct lc_dilithium_ed25519_sk *	sk,
		const uint8_t *	dilithium_src_key,
		size_t	dilithium_src_key_len,
		const uint8_t *	ed25519_src_key,
		size_t	ed25519_src_key_len )

inlinestatic

Load a Dilithium secret key provided with a buffer into the leancrypto data structure.

Parameters

[out]	sk	Secret key to be filled (the caller must have it allocated)
[in]	dilithium_src_key	Buffer that holds the Dilithium key to be imported
[in]	dilithium_src_key_len	Buffer length that holds the key to be imported
[in]	ed25519_src_key	Buffer that holds the ED25519 key to be imported
[in]	ed25519_src_key_len	Buffer length that holds the key to be imported

Returns: 0 on success or < 0 on error

Definition at line 1464 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sk_ptr()

static int lc_dilithium_ed25519_sk_ptr	(	uint8_t **	dilithium_key,
		size_t *	dilithium_key_len,
		uint8_t **	ed25519_key,
		size_t *	ed25519_key_len,
		struct lc_dilithium_ed25519_sk *	sk )

inlinestatic

Obtain the reference to the Dilithium key and its length.

NOTE: Only pointer references into the leancrypto data structure are returned which implies that any modification will modify the leancrypto key, too.

Parameters

[out]	dilithium_key	Dilithium key pointer
[out]	dilithium_key_len	Length of the key buffer
[out]	ed25519_key	ED25519 key pointer
[out]	ed25519_key_len	ED25519 of the key buffer
[in]	sk	Dilithium secret key from which the references are obtained

Returns: 0 on success, != 0 on error

Definition at line 1651 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sk_size()

static LC_PURE unsigned int lc_dilithium_ed25519_sk_size ( enum lc_dilithium_type dilithium_type )

inlinestatic

Return the size of the Dilithium secret key.

Parameters

[in] dilithium_type Dilithium type for which the size is requested

Returns: requested size

Definition at line 1338 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_sk_type()

static enum lc_dilithium_type lc_dilithium_ed25519_sk_type ( const struct lc_dilithium_ed25519_sk * sk )

inlinestatic

Obtain Dilithium type from secret key.

Parameters

[in] sk Secret key from which the type is to be obtained

Returns: key type

Definition at line 1289 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_verify()

static int lc_dilithium_ed25519_verify	(	const struct lc_dilithium_ed25519_sig *	sig,
		const uint8_t *	m,
		size_t	mlen,
		const struct lc_dilithium_ed25519_pk *	pk )

inlinestatic

Verifies signature in one shot.

Parameters

[in]	sig	pointer to input signature
[in]	m	pointer to message
[in]	mlen	length of message
[in]	pk	pointer to bit-packed public key

Returns: 0 if signature could be verified correctly and -EBADMSG when signature cannot be verified, < 0 on other errors

Definition at line 2050 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_verify_final()

static int lc_dilithium_ed25519_verify_final	(	const struct lc_dilithium_ed25519_sig *	sig,
		struct lc_dilithium_ed25519_ctx *	ctx,
		const struct lc_dilithium_ed25519_pk *	pk )

inlinestatic

Verifies signature in stream mode.

Parameters

[in]	sig	pointer to input signatur
[in]	ctx	Dilithium-ED25519 context pointer
[in]	pk	pointer to bit-packed public key

Returns: 0 if signature could be verified correctly and -EBADMSG when signature cannot be verified, < 0 on other errors

Definition at line 2164 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_verify_init()

static int lc_dilithium_ed25519_verify_init	(	struct lc_dilithium_ed25519_ctx *	ctx,
		const struct lc_dilithium_ed25519_pk *	pk )

inlinestatic

Initializes signature verification operation in stream mode.

Parameters

[in]	ctx	Dilithium-ED25519 context pointer
[in]	pk	pointer to bit-packed public key

Returns: 0 (success) or < 0 on error

Definition at line 2094 of file lc_dilithium.h.

◆ lc_dilithium_ed25519_verify_update()

static int lc_dilithium_ed25519_verify_update	(	struct lc_dilithium_ed25519_ctx *	ctx,
		const uint8_t *	m,
		size_t	mlen )

inlinestatic

Updates signature verification in stream mode.

Parameters

[in]	ctx	Dilithium-ED25519 context pointer
[in]	m	pointer to message to be signed
[in]	mlen	length of message

Returns: 0 (success) or < 0 on error

Definition at line 2136 of file lc_dilithium.h.

Functions

Detailed Description

Function Documentation

◆ lc_dilithium_ed25519_ctx_alloc()

◆ lc_dilithium_ed25519_ctx_zero()

◆ lc_dilithium_ed25519_ctx_zero_free()

◆ lc_dilithium_ed25519_keypair()

◆ lc_dilithium_ed25519_pk_load()

◆ lc_dilithium_ed25519_pk_ptr()

◆ lc_dilithium_ed25519_pk_size()

◆ lc_dilithium_ed25519_pk_type()

◆ lc_dilithium_ed25519_sig_load()

◆ lc_dilithium_ed25519_sig_ptr()

◆ lc_dilithium_ed25519_sig_size()

◆ lc_dilithium_ed25519_sig_type()

◆ lc_dilithium_ed25519_sign()

◆ lc_dilithium_ed25519_sign_final()

◆ lc_dilithium_ed25519_sign_init()

◆ lc_dilithium_ed25519_sign_update()

◆ lc_dilithium_ed25519_sk_load()

◆ lc_dilithium_ed25519_sk_ptr()

◆ lc_dilithium_ed25519_sk_size()

◆ lc_dilithium_ed25519_sk_type()

◆ lc_dilithium_ed25519_verify()

◆ lc_dilithium_ed25519_verify_final()

◆ lc_dilithium_ed25519_verify_init()

◆ lc_dilithium_ed25519_verify_update()