68 lines
2.1 KiB
C
68 lines
2.1 KiB
C
|
#ifndef MT_CRYPTO_H
|
|||
|
|
#define MT_CRYPTO_H
|
|||
|
|
|
|||
|
|
#include <stddef.h>
|
|||
|
|
#include <stdint.h>
|
|||
|
|
|
|||
|
|
#define MT_OK 0
|
|||
|
|
#define MT_ERR_INVALID_INPUT 1
|
|||
|
|
#define MT_ERR_OPENSSL_INIT 2
|
|||
|
|
#define MT_ERR_KEYGEN_FAILED 3
|
|||
|
|
#define MT_ERR_SIGN_FAILED 4
|
|||
|
|
#define MT_ERR_VERIFY_FAILED 5
|
|||
|
|
#define MT_ERR_KAT_MISMATCH 6
|
|||
|
|
#define MT_ERR_PARAM_QUERY_FAILED 7
|
|||
|
|
#define MT_ERR_PARAM_SIZE_MISMATCH 8
|
|||
|
|
#define MT_ERR_PARAM_FETCH_FAILED 9
|
|||
|
|
#define MT_ERR_INVALID_SECRET_KEY 10
|
|||
|
|
#define MT_ERR_INVALID_PUBLIC_KEY 11
|
|||
|
|
#define MT_ERR_SIGN_LENGTH_MISMATCH 12
|
|||
|
|
|
|||
|
|
#define MT_MLDSA65_PUBKEY_SIZE 1952
|
|||
|
|
#define MT_MLDSA65_SECRETKEY_SIZE 4032
|
|||
|
|
#define MT_MLDSA65_SIGNATURE_SIZE 3309
|
|||
|
|
#define MT_MLDSA65_SEED_SIZE 32
|
|||
|
|
|
|||
|
|
#define MT_MLKEM768_PUBKEY_SIZE 1184
|
|||
|
|
#define MT_MLKEM768_SECRETKEY_SIZE 2400
|
|||
|
|
#define MT_MLKEM768_SEED_SIZE 64
|
|||
|
|
|
|||
|
|
int mt_keypair_from_seed_mldsa(
|
|||
|
|
const uint8_t seed[MT_MLDSA65_SEED_SIZE],
|
|||
|
|
uint8_t pk_out[MT_MLDSA65_PUBKEY_SIZE],
|
|||
|
|
uint8_t sk_out[MT_MLDSA65_SECRETKEY_SIZE]
|
|||
|
|
);
|
|||
|
|
|
|||
|
|
int mt_keypair_from_seed_mlkem(
|
|||
|
|
const uint8_t seed[MT_MLKEM768_SEED_SIZE],
|
|||
|
|
uint8_t pk_out[MT_MLKEM768_PUBKEY_SIZE],
|
|||
|
|
uint8_t sk_out[MT_MLKEM768_SECRETKEY_SIZE]
|
|||
|
|
);
|
|||
|
|
|
|||
|
|
int mt_sign_mldsa(
|
|||
|
|
const uint8_t sk[MT_MLDSA65_SECRETKEY_SIZE],
|
|||
|
|
const uint8_t* msg, size_t msg_len,
|
|||
|
|
uint8_t sig_out[MT_MLDSA65_SIGNATURE_SIZE]
|
|||
|
|
);
|
|||
|
|
|
|||
|
|
/* mt_sign_mldsa_ctx — FIPS 204 Algorithm 2 deterministic Sign с FIPS context.
|
|||
|
|
* Montana usage pattern: empty context (0-length) — equivalent к mt_sign_mldsa.
|
|||
|
|
* Non-empty context используется для NIST conformance testing с ACVP non-empty
|
|||
|
|
* context cases. ctx_len limit per FIPS 204: 255 bytes max. */
|
|||
|
|
int mt_sign_mldsa_ctx(
|
|||
|
|
const uint8_t sk[MT_MLDSA65_SECRETKEY_SIZE],
|
|||
|
|
const uint8_t* msg, size_t msg_len,
|
|||
|
|
const uint8_t* ctx, size_t ctx_len,
|
|||
|
|
uint8_t sig_out[MT_MLDSA65_SIGNATURE_SIZE]
|
|||
|
|
);
|
|||
|
|
|
|||
|
|
int mt_verify_mldsa(
|
|||
|
|
const uint8_t pk[MT_MLDSA65_PUBKEY_SIZE],
|
|||
|
|
const uint8_t* msg, size_t msg_len,
|
|||
|
|
const uint8_t sig[MT_MLDSA65_SIGNATURE_SIZE]
|
|||
|
|
);
|
|||
|
|
|
|||
|
|
int mt_self_test(void);
|
|||
|
|
|
|||
|
|
#endif
|