mldsa.c
Go to the documentation of this file.
1 /**
2  * @file mldsa.c
3  * @brief ML-DSA (Edwards-Curve Digital Signature Algorithm)
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2026 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.6.4
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pqc/mldsa.h"
37 #include "debug.h"
38 
39 //Check crypto library configuration
40 #if (MLDSA44_SUPPORT == ENABLED || MLDSA65_SUPPORT == ENABLED || \
41  MLDSA87_SUPPORT == ENABLED)
42 
43 //Dependencies (liboqs)
44 #include <oqs/oqs.h>
45 
46 //ML-DSA-44 object identifier (2.16.840.1.101.3.4.3.17)
47 const uint8_t MLDSA44_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11};
48 //ML-DSA-65 object identifier (2.16.840.1.101.3.4.3.18)
49 const uint8_t MLDSA65_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12};
50 //ML-DSA-87 object identifier (2.16.840.1.101.3.4.3.19)
51 const uint8_t MLDSA87_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13};
52 
53 
54 /**
55  * @brief Initialize an ML-DSA public key
56  * @param[in] key Pointer to the ML-DSA public key to initialize
57  **/
58 
59 void mldsaInitPublicKey(MldsaPublicKey *key)
60 {
61  //Initialize security level
62  key->level = 0;
63 
64  //Initialize public key
65  key->pk = NULL;
66  key->pkLen = 0;
67 }
68 
69 
70 /**
71  * @brief Release an ML-DSA public key
72  * @param[in] key Pointer to the ML-DSA public key to free
73  **/
74 
75 void mldsaFreePublicKey(MldsaPublicKey *key)
76 {
77  //Release public key
78  if(key->pk != NULL)
79  {
80  osMemset(key->pk, 0, key->pkLen);
81  cryptoFreeMem(key->pk);
82  }
83 
84  //Clear public key structure
85  osMemset(key, 0, sizeof(MldsaPublicKey));
86 }
87 
88 
89 /**
90  * @brief Initialize an ML-DSA private key
91  * @param[in] key Pointer to the ML-DSA private key to initialize
92  **/
93 
94 void mldsaInitPrivateKey(MldsaPrivateKey *key)
95 {
96  //Initialize security level
97  key->level = 0;
98 
99  //Initialize seed
100  key->seed = NULL;
101  key->seedLen = 0;
102 
103  //Initialize secret key
104  key->sk = NULL;
105  key->skLen = 0;
106 }
107 
108 
109 /**
110  * @brief Release an ML-DSA private key
111  * @param[in] key Pointer to the ML-DSA public key to free
112  **/
113 
114 void mldsaFreePrivateKey(MldsaPrivateKey *key)
115 {
116  //Release seed
117  if(key->seed != NULL)
118  {
119  osMemset(key->seed, 0, key->seedLen);
120  cryptoFreeMem(key->seed);
121  }
122 
123  //Release secret key
124  if(key->sk != NULL)
125  {
126  osMemset(key->sk, 0, key->skLen);
127  cryptoFreeMem(key->sk);
128  }
129 
130  //Clear private key structure
131  osMemset(key, 0, sizeof(MldsaPrivateKey));
132 }
133 
134 
135 /**
136  * @brief Import an ML-DSA public key
137  * @param[out] key ML-DSA public key
138  * @param[in] level Security level
139  * @param[in] input Pointer to the octet string
140  * @param[in] length Length of the octet string, in bytes
141  * @return Error code
142  **/
143 
144 error_t mldsaImportPublicKey(MldsaPublicKey *key, uint_t level,
145  const uint8_t *input, size_t length)
146 {
147  size_t pkLen;
148 
149  //Check parameters
150  if(key == NULL || input == NULL)
151  return ERROR_INVALID_PARAMETER;
152 
153 #if (MLDSA44_SUPPORT == ENABLED)
154  //ML-DSA-44 parameter set?
155  if(level == MLDSA44_SECURITY_LEVEL)
156  {
157  //The public key is a 1312-byte octet string
158  pkLen = MLDSA44_PUBLIC_KEY_LEN;
159  }
160  else
161 #endif
162 #if (MLDSA65_SUPPORT == ENABLED)
163  //ML-DSA-65 parameter set?
164  if(level == MLDSA65_SECURITY_LEVEL)
165  {
166  //The public key is a 1952-byte octet string
167  pkLen = MLDSA65_PUBLIC_KEY_LEN;
168  }
169  else
170 #endif
171 #if (MLDSA87_SUPPORT == ENABLED)
172  //ML-DSA-87 parameter set?
173  if(level == MLDSA87_SECURITY_LEVEL)
174  {
175  //The public key is a 2592-byte octet string
176  pkLen = MLDSA87_PUBLIC_KEY_LEN;
177  }
178 #endif
179  //Invalid parameter set?
180  else
181  {
182  //Report an error
183  return ERROR_INVALID_PARAMETER;
184  }
185 
186  //Check the length of the public key
187  if(length != pkLen)
188  return ERROR_INVALID_LENGTH;
189 
190  //Release the public key, if any
191  if(key->pk != NULL)
192  {
193  osMemset(key->pk, 0, key->pkLen);
194  cryptoFreeMem(key->pk);
195  key->pk = NULL;
196  key->pkLen = 0;
197  }
198 
199  //Allocate a memory block to hold the public key
200  key->pk = cryptoAllocMem(pkLen);
201  //Failed to allocate memory?
202  if(key->pk == NULL)
203  return ERROR_OUT_OF_MEMORY;
204 
205  //Save security level
206  key->level = level;
207 
208  //Copy the public key
209  osMemcpy(key->pk, input, pkLen);
210  key->pkLen = pkLen;
211 
212  //Successful processing
213  return NO_ERROR;
214 }
215 
216 
217 /**
218  * @brief Export an ML-DSA public key
219  * @param[in] key ML-DSA public key
220  * @param[out] output Pointer to the octet string (optional parameter)
221  * @param[out] written Length of the resulting octet string, in bytes
222  * @return Error code
223  **/
224 
225 error_t mldsaExportPublicKey(const MldsaPublicKey *key, uint8_t *output,
226  size_t *written)
227 {
228  error_t error;
229 
230  //Initialize status code
231  error = NO_ERROR;
232 
233  //Check parameters
234  if(key != NULL && written != NULL)
235  {
236  //Valid parameter set?
237  if(key->level != 0 && key->pkLen != 0)
238  {
239  //If the output parameter is NULL, then the function calculates the
240  //length of the octet string without copying any data
241  if(output != NULL)
242  {
243  //Copy the private key
244  osMemcpy(output, key->pk, key->pkLen);
245  }
246 
247  //Length of the resulting octet string
248  *written = key->pkLen;
249  }
250  else
251  {
252  //Invalid parameter set
253  error = ERROR_INVALID_KEY;
254  }
255  }
256  else
257  {
258  //Report an error
259  error = ERROR_INVALID_PARAMETER;
260  }
261 
262  //Return status code
263  return error;
264 }
265 
266 
267 /**
268  * @brief Import an ML-DSA private key
269  * @param[out] key ML-DSA private key
270  * @param[in] level Security level
271  * @param[in] input Pointer to the octet string
272  * @param[in] length Length of the octet string, in bytes
273  * @return Error code
274  **/
275 
276 error_t mldsaImportPrivateKey(MldsaPrivateKey *key, uint_t level,
277  const uint8_t *input, size_t length)
278 {
279  size_t skLen;
280 
281  //Check parameters
282  if(key == NULL || input == NULL)
283  return ERROR_INVALID_PARAMETER;
284 
285 #if (MLDSA44_SUPPORT == ENABLED)
286  //ML-DSA-44 parameter set?
287  if(level == MLDSA44_SECURITY_LEVEL)
288  {
289  //The private key is a 2560-byte octet string
290  skLen = MLDSA44_PRIVATE_KEY_LEN;
291  }
292  else
293 #endif
294 #if (MLDSA65_SUPPORT == ENABLED)
295  //ML-DSA-65 parameter set?
296  if(level == MLDSA65_SECURITY_LEVEL)
297  {
298  //The private key is a 4032-byte octet string
299  skLen = MLDSA65_PRIVATE_KEY_LEN;
300  }
301  else
302 #endif
303 #if (MLDSA87_SUPPORT == ENABLED)
304  //ML-DSA-87 parameter set?
305  if(level == MLDSA87_SECURITY_LEVEL)
306  {
307  //The private key is a 4896-byte octet string
308  skLen = MLDSA87_PRIVATE_KEY_LEN;
309  }
310 #endif
311  //Invalid parameter set?
312  else
313  {
314  //Report an error
315  return ERROR_INVALID_PARAMETER;
316  }
317 
318  //Check the length of the private key
319  if(length != skLen)
320  return ERROR_INVALID_LENGTH;
321 
322  //Release the private key, if any
323  if(key->sk != NULL)
324  {
325  osMemset(key->sk, 0, key->skLen);
326  cryptoFreeMem(key->sk);
327  key->sk = NULL;
328  key->skLen = 0;
329  }
330 
331  //Allocate a memory block to hold the private key
332  key->sk = cryptoAllocMem(skLen);
333  //Failed to allocate memory?
334  if(key->sk == NULL)
335  return ERROR_OUT_OF_MEMORY;
336 
337  //Save security level
338  key->level = level;
339 
340  //Copy the private key
341  osMemcpy(key->sk, input, skLen);
342  key->skLen = skLen;
343 
344  //Successful processing
345  return NO_ERROR;
346 }
347 
348 
349 /**
350  * @brief Export an ML-DSA private key
351  * @param[in] key ML-DSA private key
352  * @param[out] output Pointer to the octet string (optional parameter)
353  * @param[out] written Length of the octet string, in bytes
354  * @return Error code
355  **/
356 
357 error_t mldsaExportPrivateKey(const MldsaPrivateKey *key, uint8_t *output,
358  size_t *written)
359 {
360  error_t error;
361 
362  //Initialize status code
363  error = NO_ERROR;
364 
365  //Check parameters
366  if(key != NULL && written != NULL)
367  {
368  //Valid parameter set?
369  if(key->level != 0 && key->skLen != 0)
370  {
371  //If the output parameter is NULL, then the function calculates the
372  //length of the octet string without copying any data
373  if(output != NULL)
374  {
375  //Copy the private key
376  osMemcpy(output, key->sk, key->skLen);
377  }
378 
379  //Length of the resulting octet string
380  *written = key->skLen;
381  }
382  else
383  {
384  //Invalid parameter set
385  error = ERROR_INVALID_KEY;
386  }
387  }
388  else
389  {
390  //Report an error
391  error = ERROR_INVALID_PARAMETER;
392  }
393 
394  //Return status code
395  return error;
396 }
397 
398 
399 /**
400  * @brief Import an ML-DSA seed
401  * @param[out] key ML-DSA private key
402  * @param[in] level Security level
403  * @param[in] input Pointer to the octet string
404  * @param[in] length Length of the octet string, in bytes
405  * @return Error code
406  **/
407 
408 error_t mldsaImportSeed(MldsaPrivateKey *key, uint_t level,
409  const uint8_t *input, size_t length)
410 {
411  size_t seedLen;
412 
413  //Check parameters
414  if(key == NULL || input == NULL)
415  return ERROR_INVALID_PARAMETER;
416 
417 #if (MLDSA44_SUPPORT == ENABLED)
418  //ML-DSA-44 parameter set?
419  if(level == MLDSA44_SECURITY_LEVEL)
420  {
421  //The seed is a fixed 32-byte octet string
422  seedLen = MLDSA44_SEED_LEN;
423  }
424  else
425 #endif
426 #if (MLDSA65_SUPPORT == ENABLED)
427  //ML-DSA-65 parameter set?
428  if(level == MLDSA65_SECURITY_LEVEL)
429  {
430  //The seed is a fixed 32-byte octet string
431  seedLen = MLDSA65_SEED_LEN;
432  }
433  else
434 #endif
435 #if (MLDSA87_SUPPORT == ENABLED)
436  //ML-DSA-87 parameter set?
437  if(level == MLDSA87_SECURITY_LEVEL)
438  {
439  //The seed is a fixed 32-byte octet string
440  seedLen = MLDSA87_SEED_LEN;
441  }
442 #endif
443  //Invalid parameter set?
444  else
445  {
446  //Report an error
447  return ERROR_INVALID_PARAMETER;
448  }
449 
450  //Check the length of the seed
451  if(length != seedLen)
452  return ERROR_INVALID_LENGTH;
453 
454  //Release the seed, if any
455  if(key->seed != NULL)
456  {
457  osMemset(key->seed, 0, key->seedLen);
458  cryptoFreeMem(key->seed);
459  key->seed = NULL;
460  key->seedLen = 0;
461  }
462 
463  //Allocate a memory block to hold the seed
464  key->seed = cryptoAllocMem(seedLen);
465  //Failed to allocate memory?
466  if(key->seed == NULL)
467  return ERROR_OUT_OF_MEMORY;
468 
469  //Save security level
470  key->level = level;
471 
472  //Copy the seed
473  osMemcpy(key->seed, input, seedLen);
474  key->seedLen = seedLen;
475 
476  //Successful processing
477  return NO_ERROR;
478 }
479 
480 
481 /**
482  * @brief Export an ML-DSA seed
483  * @param[in] key ML-DSA private key
484  * @param[out] output Pointer to the octet string (optional parameter)
485  * @param[out] written Length of the octet string, in bytes
486  * @return Error code
487  **/
488 
489 error_t mldsaExportSeed(const MldsaPrivateKey *key, uint8_t *output,
490  size_t *written)
491 {
492  error_t error;
493 
494  //Initialize status code
495  error = NO_ERROR;
496 
497  //Check parameters
498  if(key != NULL && written != NULL)
499  {
500  //Valid parameter set?
501  if(key->level != 0 && key->seedLen != 0)
502  {
503  //If the output parameter is NULL, then the function calculates the
504  //length of the octet string without copying any data
505  if(output != NULL)
506  {
507  //Copy the seed
508  osMemcpy(output, key->seed, key->seedLen);
509  }
510 
511  //Length of the resulting octet string
512  *written = key->seedLen;
513  }
514  else
515  {
516  //Invalid parameter set
517  error = ERROR_INVALID_KEY;
518  }
519  }
520  else
521  {
522  //Report an error
523  error = ERROR_INVALID_PARAMETER;
524  }
525 
526  //Return status code
527  return error;
528 }
529 
530 
531 /**
532  * @brief ML-DSA-44 signature generation
533  * @param[in] secretKey Pointer to the secret key (2560 bytes)
534  * @param[in] message Pointer to the message to be signed
535  * @param[in] messageLen Length of the message, in bytes
536  * @param[in] context Context string (a byte string of 255 or fewer bytes)
537  * @param[in] contextLen Length of the context, in bytes
538  * @param[out] signature ML-DSA-44 signature (2420 bytes)
539  * @return Error code
540  **/
541 
542 error_t mldsa44GenerateSignature(const uint8_t *secretKey, const void *message,
543  size_t messageLen, const void *context, uint8_t contextLen,
544  uint8_t *signature)
545 {
546 #if (MLDSA44_SUPPORT == ENABLED)
547  OQS_STATUS status;
548  size_t signatureLen;
549 
550  //Generate ML-DSA-44 signature
551  status = OQS_SIG_ml_dsa_44_sign_with_ctx_str(signature, &signatureLen, message,
552  messageLen, context, contextLen, secretKey);
553 
554  //Return status code
555  return (status == OQS_SUCCESS) ? NO_ERROR : ERROR_FAILURE;
556 #else
557  //Not implemented
558  return ERROR_NOT_IMPLEMENTED;
559 #endif
560 }
561 
562 
563 /**
564  * @brief ML-DSA-65 signature generation
565  * @param[in] secretKey Pointer to the secret key (4032 bytes)
566  * @param[in] message Pointer to the message to be signed
567  * @param[in] messageLen Length of the message, in bytes
568  * @param[in] context Context string (a byte string of 255 or fewer bytes)
569  * @param[in] contextLen Length of the context, in bytes
570  * @param[out] signature ML-DSA-65 signature (3309 bytes)
571  * @return Error code
572  **/
573 
574 error_t mldsa65GenerateSignature(const uint8_t *secretKey, const void *message,
575  size_t messageLen, const void *context, uint8_t contextLen,
576  uint8_t *signature)
577 {
578 #if (MLDSA65_SUPPORT == ENABLED)
579  OQS_STATUS status;
580  size_t signatureLen;
581 
582  //Generate ML-DSA-65 signature
583  status = OQS_SIG_ml_dsa_65_sign_with_ctx_str(signature, &signatureLen, message,
584  messageLen, context, contextLen, secretKey);
585 
586  //Return status code
587  return (status == OQS_SUCCESS) ? NO_ERROR : ERROR_FAILURE;
588 #else
589  //Not implemented
590  return ERROR_NOT_IMPLEMENTED;
591 #endif
592 }
593 
594 
595 /**
596  * @brief ML-DSA-87 signature generation
597  * @param[in] secretKey Pointer to the secret key (4896 bytes)
598  * @param[in] message Pointer to the message to be signed
599  * @param[in] messageLen Length of the message, in bytes
600  * @param[out] signature ML-DSA-87 signature (4627 bytes)
601  * @return Error code
602  **/
603 
604 error_t mldsa87GenerateSignature(const uint8_t *secretKey, const void *message,
605  size_t messageLen, const void *context, uint8_t contextLen,
606  uint8_t *signature)
607 {
608 #if (MLDSA87_SUPPORT == ENABLED)
609  OQS_STATUS status;
610  size_t signatureLen;
611 
612  //Generate ML-DSA-87 signature
613  status = OQS_SIG_ml_dsa_87_sign_with_ctx_str(signature, &signatureLen, message,
614  messageLen, context, contextLen, secretKey);
615 
616  //Return status code
617  return (status == OQS_SUCCESS) ? NO_ERROR : ERROR_FAILURE;
618 #else
619  //Not implemented
620  return ERROR_NOT_IMPLEMENTED;
621 #endif
622 }
623 
624 
625 /**
626  * @brief ML-DSA-44 signature verification
627  * @param[in] publicKey Pointer to the public key (1312 bytes)
628  * @param[in] message Message whose signature is to be verified
629  * @param[in] messageLen Length of the message, in bytes
630  * @param[in] context Context string (a byte string of 255 or fewer bytes)
631  * @param[in] contextLen Length of the context, in bytes
632  * @param[in] signature ML-DSA-44 signature (2420 bytes)
633  * @return Error code
634  **/
635 
636 error_t mldsa44VerifySignature(const uint8_t *publicKey, const void *message,
637  size_t messageLen, const void *context, uint8_t contextLen,
638  const uint8_t *signature)
639 {
640 #if (MLDSA44_SUPPORT == ENABLED)
641  OQS_STATUS status;
642 
643  //Verify ML-DSA-44 signature
644  status = OQS_SIG_ml_dsa_44_verify_with_ctx_str(message, messageLen, signature,
645  MLDSA44_SIGNATURE_LEN, context, contextLen, publicKey);
646 
647  //Return status code
648  return (status == OQS_SUCCESS) ? NO_ERROR : ERROR_INVALID_SIGNATURE;
649 #else
650  //Not implemented
651  return ERROR_NOT_IMPLEMENTED;
652 #endif
653 }
654 
655 
656 /**
657  * @brief ML-DSA-65 signature verification
658  * @param[in] publicKey Pointer to the public key (1952 bytes)
659  * @param[in] message Message whose signature is to be verified
660  * @param[in] messageLen Length of the message, in bytes
661  * @param[in] context Context string (a byte string of 255 or fewer bytes)
662  * @param[in] contextLen Length of the context, in bytes
663  * @param[in] signature ML-DSA-65 signature (3309 bytes)
664  * @return Error code
665  **/
666 
667 error_t mldsa65VerifySignature(const uint8_t *publicKey, const void *message,
668  size_t messageLen, const void *context, uint8_t contextLen,
669  const uint8_t *signature)
670 {
671 #if (MLDSA65_SUPPORT == ENABLED)
672  OQS_STATUS status;
673 
674  //Verify ML-DSA-65 signature
675  status = OQS_SIG_ml_dsa_65_verify_with_ctx_str(message, messageLen, signature,
676  MLDSA65_SIGNATURE_LEN, context, contextLen, publicKey);
677 
678  //Return status code
679  return (status == OQS_SUCCESS) ? NO_ERROR : ERROR_INVALID_SIGNATURE;
680 #else
681  //Not implemented
682  return ERROR_NOT_IMPLEMENTED;
683 #endif
684 }
685 
686 
687 /**
688  * @brief ML-DSA-87 signature verification
689  * @param[in] publicKey Pointer to the public key (2592 bytes)
690  * @param[in] message Message whose signature is to be verified
691  * @param[in] messageLen Length of the message, in bytes
692  * @param[in] context Context string (a byte string of 255 or fewer bytes)
693  * @param[in] contextLen Length of the context, in bytes
694  * @param[in] signature ML-DSA-87 signature (4627 bytes)
695  * @return Error code
696  **/
697 
698 error_t mldsa87VerifySignature(const uint8_t *publicKey, const void *message,
699  size_t messageLen, const void *context, uint8_t contextLen,
700  const uint8_t *signature)
701 {
702 #if (MLDSA87_SUPPORT == ENABLED)
703  OQS_STATUS status;
704 
705  //Verify ML-DSA-87 signature
706  status = OQS_SIG_ml_dsa_87_verify_with_ctx_str(message, messageLen, signature,
707  MLDSA87_SIGNATURE_LEN, context, contextLen, publicKey);
708 
709  //Return status code
710  return (status == OQS_SUCCESS) ? NO_ERROR : ERROR_INVALID_SIGNATURE;
711 #else
712  //Not implemented
713  return ERROR_NOT_IMPLEMENTED;
714 #endif
715 }
716 
717 #endif
mldsaImportPrivateKey
error_t mldsaImportPrivateKey(MldsaPrivateKey *key, uint_t level, const uint8_t *input, size_t length)
Import an ML-DSA private key.
Definition: mldsa.c:276
MLDSA44_OID
const uint8_t MLDSA44_OID[9]
Definition: mldsa.c:47
mldsaExportPrivateKey
error_t mldsaExportPrivateKey(const MldsaPrivateKey *key, uint8_t *output, size_t *written)
Export an ML-DSA private key.
Definition: mldsa.c:357
mldsa87VerifySignature
error_t mldsa87VerifySignature(const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, const uint8_t *signature)
ML-DSA-87 signature verification.
Definition: mldsa.c:698
mldsaInitPublicKey
void mldsaInitPublicKey(MldsaPublicKey *key)
Initialize an ML-DSA public key.
Definition: mldsa.c:59
MLDSA65_SIGNATURE_LEN
#define MLDSA65_SIGNATURE_LEN
Definition: mldsa.h:58
MLDSA65_OID
const uint8_t MLDSA65_OID[9]
Definition: mldsa.c:49
ERROR_NOT_IMPLEMENTED
@ ERROR_NOT_IMPLEMENTED
Definition: error.h:66
MldsaPrivateKey::seed
uint8_t * seed
Seed.
Definition: mldsa.h:96
mldsaFreePrivateKey
void mldsaFreePrivateKey(MldsaPrivateKey *key)
Release an ML-DSA private key.
Definition: mldsa.c:114
message
uint8_t message[]
Definition: chap.h:154
mldsaFreePublicKey
void mldsaFreePublicKey(MldsaPublicKey *key)
Release an ML-DSA public key.
Definition: mldsa.c:75
mldsa87GenerateSignature
error_t mldsa87GenerateSignature(const uint8_t *secretKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t *signature)
ML-DSA-87 signature generation.
Definition: mldsa.c:604
mldsaImportSeed
error_t mldsaImportSeed(MldsaPrivateKey *key, uint_t level, const uint8_t *input, size_t length)
Import an ML-DSA seed.
Definition: mldsa.c:408
mldsaExportSeed
error_t mldsaExportSeed(const MldsaPrivateKey *key, uint8_t *output, size_t *written)
Export an ML-DSA seed.
Definition: mldsa.c:489
ERROR_OUT_OF_MEMORY
@ ERROR_OUT_OF_MEMORY
Definition: error.h:63
MldsaPrivateKey::level
uint_t level
Security level.
Definition: mldsa.h:95
MLDSA87_SECURITY_LEVEL
#define MLDSA87_SECURITY_LEVEL
Definition: mldsa.h:61
mldsa65VerifySignature
error_t mldsa65VerifySignature(const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, const uint8_t *signature)
ML-DSA-65 signature verification.
Definition: mldsa.c:667
MLDSA65_SECURITY_LEVEL
#define MLDSA65_SECURITY_LEVEL
Definition: mldsa.h:50
MLDSA65_PRIVATE_KEY_LEN
#define MLDSA65_PRIVATE_KEY_LEN
Definition: mldsa.h:54
MLDSA44_SEED_LEN
#define MLDSA44_SEED_LEN
Definition: mldsa.h:41
MLDSA44_SECURITY_LEVEL
#define MLDSA44_SECURITY_LEVEL
Definition: mldsa.h:39
MldsaPrivateKey::seedLen
size_t seedLen
Length of the seed, in bytes.
Definition: mldsa.h:97
MldsaPublicKey
ML-DSA public key.
Definition: mldsa.h:82
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:147
error_t
error_t
Error codes.
Definition: error.h:43
MLDSA65_SEED_LEN
#define MLDSA65_SEED_LEN
Definition: mldsa.h:52
ERROR_FAILURE
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
MldsaPrivateKey::sk
uint8_t * sk
Secret key.
Definition: mldsa.h:98
mldsaExportPublicKey
error_t mldsaExportPublicKey(const MldsaPublicKey *key, uint8_t *output, size_t *written)
Export an ML-DSA public key.
Definition: mldsa.c:225
MLDSA44_SIGNATURE_LEN
#define MLDSA44_SIGNATURE_LEN
Definition: mldsa.h:47
ERROR_INVALID_LENGTH
@ ERROR_INVALID_LENGTH
Definition: error.h:111
crypto.h
General definitions for cryptographic algorithms.
mldsa.h
ML-DSA (Edwards-Curve Digital Signature Algorithm)
MLDSA44_PUBLIC_KEY_LEN
#define MLDSA44_PUBLIC_KEY_LEN
Definition: mldsa.h:45
mldsaInitPrivateKey
void mldsaInitPrivateKey(MldsaPrivateKey *key)
Initialize an ML-DSA private key.
Definition: mldsa.c:94
length
uint8_t length
Definition: tcp.h:375
MLDSA44_PRIVATE_KEY_LEN
#define MLDSA44_PRIVATE_KEY_LEN
Definition: mldsa.h:43
cryptoFreeMem
#define cryptoFreeMem(p)
Definition: crypto.h:875
MldsaPublicKey::pkLen
size_t pkLen
Length of the public key, in bytes.
Definition: mldsa.h:85
MLDSA65_PUBLIC_KEY_LEN
#define MLDSA65_PUBLIC_KEY_LEN
Definition: mldsa.h:56
mldsa65GenerateSignature
error_t mldsa65GenerateSignature(const uint8_t *secretKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t *signature)
ML-DSA-65 signature generation.
Definition: mldsa.c:574
MldsaPrivateKey
ML-DSA private key.
Definition: mldsa.h:94
cryptoAllocMem
#define cryptoAllocMem(size)
Definition: crypto.h:870
MldsaPublicKey::pk
uint8_t * pk
Public key.
Definition: mldsa.h:84
MldsaPrivateKey::skLen
size_t skLen
Length of the secret key, in bytes.
Definition: mldsa.h:99
mldsa44VerifySignature
error_t mldsa44VerifySignature(const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, const uint8_t *signature)
ML-DSA-44 signature verification.
Definition: mldsa.c:636
uint_t
unsigned int uint_t
Definition: compiler_port.h:57
MLDSA87_OID
const uint8_t MLDSA87_OID[9]
Definition: mldsa.c:51
osMemset
#define osMemset(p, value, length)
Definition: os_port.h:141
MldsaPublicKey::level
uint_t level
Security level.
Definition: mldsa.h:83
mldsa44GenerateSignature
error_t mldsa44GenerateSignature(const uint8_t *secretKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t *signature)
ML-DSA-44 signature generation.
Definition: mldsa.c:542
ERROR_INVALID_SIGNATURE
@ ERROR_INVALID_SIGNATURE
Definition: error.h:228
mldsaImportPublicKey
error_t mldsaImportPublicKey(MldsaPublicKey *key, uint_t level, const uint8_t *input, size_t length)
Import an ML-DSA public key.
Definition: mldsa.c:144
MLDSA87_PUBLIC_KEY_LEN
#define MLDSA87_PUBLIC_KEY_LEN
Definition: mldsa.h:67
ERROR_INVALID_KEY
@ ERROR_INVALID_KEY
Definition: error.h:106
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.
MLDSA87_SIGNATURE_LEN
#define MLDSA87_SIGNATURE_LEN
Definition: mldsa.h:69
MLDSA87_SEED_LEN
#define MLDSA87_SEED_LEN
Definition: mldsa.h:63
MLDSA87_PRIVATE_KEY_LEN
#define MLDSA87_PRIVATE_KEY_LEN
Definition: mldsa.h:65