RubyGems - pq_crypto - Versions diffs - 0.3.2 → 0.4.2 - Mend

pq_crypto 0.3.2 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (114) hide show

data/ext/pqcrypto/mldsa_api.h CHANGED Viewed

@@ -5,46 +5,116 @@
 #include <stddef.h>
 #include <stdint.h>
+#define PQCLEAN_MLDSA44_CLEAN_CRYPTO_PUBLICKEYBYTES 1312
+#define PQCLEAN_MLDSA44_CLEAN_CRYPTO_SECRETKEYBYTES 2560
+#define PQCLEAN_MLDSA44_CLEAN_CRYPTO_BYTES          2420
+#define PQCLEAN_MLDSA44_CLEAN_CRYPTO_ALGNAME "ML-DSA-44"
+#define PQCLEAN_MLDSA65_CLEAN_CRYPTO_PUBLICKEYBYTES 1952
+#define PQCLEAN_MLDSA65_CLEAN_CRYPTO_SECRETKEYBYTES 4032
+#define PQCLEAN_MLDSA65_CLEAN_CRYPTO_BYTES          3309
 #define PQCLEAN_MLDSA65_CLEAN_CRYPTO_ALGNAME "ML-DSA-65"
+#define PQCLEAN_MLDSA87_CLEAN_CRYPTO_PUBLICKEYBYTES 2592
+#define PQCLEAN_MLDSA87_CLEAN_CRYPTO_SECRETKEYBYTES 4896
+#define PQCLEAN_MLDSA87_CLEAN_CRYPTO_BYTES          4627
+#define PQCLEAN_MLDSA87_CLEAN_CRYPTO_ALGNAME "ML-DSA-87"
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_signature_ctx(uint8_t *sig, size_t *siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *sk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_signature_ctx(uint8_t *sig, size_t *siglen,
         const uint8_t *m, size_t mlen,
         const uint8_t *ctx, size_t ctxlen,
         const uint8_t *sk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_signature_ctx(uint8_t *sig, size_t *siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *sk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_ctx(uint8_t *sm, size_t *smlen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *sk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_ctx(uint8_t *sm, size_t *smlen,
         const uint8_t *m, size_t mlen,
         const uint8_t *ctx, size_t ctxlen,
         const uint8_t *sk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_ctx(uint8_t *sm, size_t *smlen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *sk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_verify_ctx(const uint8_t *sig, size_t siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *pk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_verify_ctx(const uint8_t *sig, size_t siglen,
         const uint8_t *m, size_t mlen,
         const uint8_t *ctx, size_t ctxlen,
         const uint8_t *pk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_verify_ctx(const uint8_t *sig, size_t siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *pk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_open_ctx(uint8_t *m, size_t *mlen,
+        const uint8_t *sm, size_t smlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *pk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_open_ctx(uint8_t *m, size_t *mlen,
         const uint8_t *sm, size_t smlen,
         const uint8_t *ctx, size_t ctxlen,
         const uint8_t *pk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_open_ctx(uint8_t *m, size_t *mlen,
+        const uint8_t *sm, size_t smlen,
+        const uint8_t *ctx, size_t ctxlen,
+        const uint8_t *pk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *sk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen,
         const uint8_t *m, size_t mlen,
         const uint8_t *sk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *sk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
+                                      const uint8_t *m, size_t mlen,
+                                      const uint8_t *sk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
                                       const uint8_t *m, size_t mlen,
                                       const uint8_t *sk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
+                                      const uint8_t *m, size_t mlen,
+                                      const uint8_t *sk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *pk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen,
         const uint8_t *m, size_t mlen,
         const uint8_t *pk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen,
+        const uint8_t *m, size_t mlen,
+        const uint8_t *pk);
+int PQCLEAN_MLDSA44_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
+        const uint8_t *sm, size_t smlen,
+        const uint8_t *pk);
 int PQCLEAN_MLDSA65_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
         const uint8_t *sm, size_t smlen,
         const uint8_t *pk);
+int PQCLEAN_MLDSA87_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
+        const uint8_t *sm, size_t smlen,
+        const uint8_t *pk);
 #endif

data/ext/pqcrypto/mlkem_api.h CHANGED Viewed

@@ -4,6 +4,18 @@
 #ifdef HAVE_PQCLEAN
 #include <stdint.h>
+#define PQCLEAN_MLKEM512_CLEAN_CRYPTO_SECRETKEYBYTES  1632
+#define PQCLEAN_MLKEM512_CLEAN_CRYPTO_PUBLICKEYBYTES  800
+#define PQCLEAN_MLKEM512_CLEAN_CRYPTO_CIPHERTEXTBYTES 768
+#define PQCLEAN_MLKEM512_CLEAN_CRYPTO_BYTES           32
+#define PQCLEAN_MLKEM512_CLEAN_CRYPTO_ALGNAME "ML-KEM-512"
+int PQCLEAN_MLKEM512_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
+int PQCLEAN_MLKEM512_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+int PQCLEAN_MLKEM512_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
+int PQCLEAN_MLKEM512_CLEAN_crypto_kem_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins);
+int PQCLEAN_MLKEM512_CLEAN_crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins);
 #define PQCLEAN_MLKEM768_CLEAN_CRYPTO_SECRETKEYBYTES  2400
 #define PQCLEAN_MLKEM768_CLEAN_CRYPTO_PUBLICKEYBYTES  1184
 #define PQCLEAN_MLKEM768_CLEAN_CRYPTO_CIPHERTEXTBYTES 1088
@@ -16,6 +28,18 @@ int PQCLEAN_MLKEM768_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const
 int PQCLEAN_MLKEM768_CLEAN_crypto_kem_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins);
 int PQCLEAN_MLKEM768_CLEAN_crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins);
+#define PQCLEAN_MLKEM1024_CLEAN_CRYPTO_SECRETKEYBYTES  3168
+#define PQCLEAN_MLKEM1024_CLEAN_CRYPTO_PUBLICKEYBYTES  1568
+#define PQCLEAN_MLKEM1024_CLEAN_CRYPTO_CIPHERTEXTBYTES 1568
+#define PQCLEAN_MLKEM1024_CLEAN_CRYPTO_BYTES           32
+#define PQCLEAN_MLKEM1024_CLEAN_CRYPTO_ALGNAME "ML-KEM-1024"
+int PQCLEAN_MLKEM1024_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
+int PQCLEAN_MLKEM1024_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+int PQCLEAN_MLKEM1024_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
+int PQCLEAN_MLKEM1024_CLEAN_crypto_kem_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins);
+int PQCLEAN_MLKEM1024_CLEAN_crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins);
 #endif
 #endif

data/ext/pqcrypto/pq_externalmu.c CHANGED Viewed

@@ -1,5 +1,9 @@
 #include "pqcrypto_secure.h"
+#undef PQCLEAN_MLDSA65_CLEAN_CRYPTO_PUBLICKEYBYTES
+#undef PQCLEAN_MLDSA65_CLEAN_CRYPTO_SECRETKEYBYTES
+#undef PQCLEAN_MLDSA65_CLEAN_CRYPTO_BYTES
 #include <stdint.h>
 #include <stddef.h>
 #include <string.h>
@@ -74,7 +78,16 @@ int pq_sign_mu(uint8_t *signature, size_t *signature_len, const uint8_t *mu,
     memcpy(mu_local, mu, CRHBYTES);
-    randombytes(rnd, RNDBYTES);
+    if (randombytes(rnd, RNDBYTES) != 0) {
+        pq_secure_wipe(rho, sizeof(rho));
+        pq_secure_wipe(key, sizeof(key));
+        pq_secure_wipe(rnd, sizeof(rnd));
+        pq_secure_wipe(mu_local, sizeof(mu_local));
+        pq_secure_wipe(&s1, sizeof(s1));
+        pq_secure_wipe(&s2, sizeof(s2));
+        pq_secure_wipe(&t0, sizeof(t0));
+        return PQ_ERROR_RANDOM;
+    }
     {
         uint8_t kr[SEEDBYTES + RNDBYTES + CRHBYTES];