-
Notifications
You must be signed in to change notification settings - Fork 473
Minimal example of a post quantum signature
xvzcf edited this page Mar 18, 2020
·
2 revisions
Given below is a small program that performs signature generation and verification using the implementation of the Dilithium-2 post-quantum signature provided by liboqs. The source is available in tests/example_sig.c.
/*
* example_sig.c
*
* Minimal example of using a post-quantum signature implemented in liboqs.
*
*/
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <oqs/oqs.h>
#define MESSAGE_LEN 50
/* Cleaning up memory etc */
void cleanup_stack(uint8_t *secret_key, size_t secret_key_len);
void cleanup_heap(uint8_t *public_key, uint8_t *secret_key,
uint8_t *message, uint8_t *signature,
OQS_SIG *sig);
/* This function gives an example of the signing operations
* using only compile-time macros and allocating variables
* statically on the stack, calling a specific algorithm's functions
* directly.
*
* The macros OQS_SIG_dilithium_2_length_* and the functions OQS_SIG_dilithium_2_*
* are only defined if the algorithm dilithium_2 was enabled at compile-time
* which must be checked using the OQS_ENABLE_SIG_dilithium_2 macro.
*
* <oqs/oqsconfig.h>, which is included in <oqs/oqs.h>, contains macros
* indicating which algorithms were enabled when this instance of liboqs
* was compiled.
*/
static OQS_STATUS example_stack(void) {
#ifdef OQS_ENABLE_SIG_dilithium_2
OQS_STATUS rc;
uint8_t public_key[OQS_SIG_dilithium_2_length_public_key];
uint8_t secret_key[OQS_SIG_dilithium_2_length_secret_key];
uint8_t message[MESSAGE_LEN];
uint8_t signature[OQS_SIG_dilithium_2_length_signature];
size_t message_len = MESSAGE_LEN;
size_t signature_len;
// let's create a random test message to sign
OQS_randombytes(message, message_len);
rc = OQS_SIG_dilithium_2_keypair(public_key, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_dilithium_2_keypair failed!\n");
cleanup_stack(secret_key, OQS_SIG_dilithium_2_length_secret_key);
return OQS_ERROR;
}
rc = OQS_SIG_dilithium_2_sign(signature, &signature_len, message, message_len, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_dilithium_2_sign failed!\n");
cleanup_stack(secret_key, OQS_SIG_dilithium_2_length_secret_key);
return OQS_ERROR;
}
rc = OQS_SIG_dilithium_2_verify(message, message_len, signature, signature_len, public_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_dilithium_2_verify failed!\n");
cleanup_stack(secret_key, OQS_SIG_dilithium_2_length_secret_key);
return OQS_ERROR;
}
printf("[example_stack] OQS_SIG_dilithium_2 operations completed.\n");
cleanup_stack(secret_key, OQS_SIG_dilithium_2_length_secret_key);
return OQS_SUCCESS; // success!
#else
printf("[example_stack] OQS_SIG_dilithium_2 was not enabled at compile-time.\n");
return OQS_ERROR;
#endif
}
/* This function gives an example of the signing operations,
* allocating variables dynamically on the heap and calling the generic
* OQS_SIG object.
*
* This does not require the use of compile-time macros to check if the
* algorithm in question was enabled at compile-time; instead, the caller
* must check that the OQS_SIG object returned is not NULL.
*/
static OQS_STATUS example_heap(void) {
OQS_SIG *sig = NULL;
uint8_t *public_key = NULL;
uint8_t *secret_key = NULL;
uint8_t *message = NULL;
uint8_t *signature = NULL;
size_t message_len = MESSAGE_LEN;
size_t signature_len;
OQS_STATUS rc;
sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2);
if (sig == NULL) {
printf("[example_heap] OQS_SIG_alg_dilithium_2 was not enabled at compile-time.\n");
return OQS_ERROR;
}
public_key = malloc(sig->length_public_key);
secret_key = malloc(sig->length_secret_key);
message = malloc(message_len);
signature = malloc(sig->length_signature);
if ((public_key == NULL) || (secret_key == NULL) || (message == NULL) || (signature == NULL)) {
fprintf(stderr, "ERROR: malloc failed!\n");
cleanup_heap(public_key, secret_key, message, signature, sig);
return OQS_ERROR;
}
// let's create a random test message to sign
OQS_randombytes(message, message_len);
rc = OQS_SIG_keypair(sig, public_key, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_keypair failed!\n");
cleanup_heap(public_key, secret_key, message, signature, sig);
return OQS_ERROR;
}
rc = OQS_SIG_sign(sig, signature, &signature_len, message, message_len, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_sign failed!\n");
cleanup_heap(public_key, secret_key, message, signature, sig);
return OQS_ERROR;
}
rc = OQS_SIG_verify(sig, message, message_len, signature, signature_len, public_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_SIG_verify failed!\n");
cleanup_heap(public_key, secret_key, message, signature, sig);
return OQS_ERROR;
}
printf("[example_heap] OQS_SIG_dilithium_2 operations completed.\n");
cleanup_heap(public_key, secret_key, message, signature, sig);
return OQS_SUCCESS; // success
}
int main(void) {
if (example_stack() == OQS_SUCCESS && example_heap() == OQS_SUCCESS) {
return EXIT_SUCCESS;
} else {
return EXIT_FAILURE;
}
}
void cleanup_stack(uint8_t *secret_key, size_t secret_key_len) {
OQS_MEM_cleanse(secret_key, secret_key_len);
}
void cleanup_heap(uint8_t *public_key, uint8_t *secret_key,
uint8_t *message, uint8_t *signature,
OQS_SIG *sig) {
if (sig != NULL) {
OQS_MEM_secure_free(secret_key, sig->length_secret_key);
}
OQS_MEM_insecure_free(public_key);
OQS_MEM_insecure_free(message);
OQS_MEM_insecure_free(signature);
OQS_SIG_free(sig);
}
To compile this example in a POSIX-like environment (UNIX/Linux/cygwin etc.), first ensure you've built liboqs with Dilithium-2 enabled (which is the case by default). Then, from the top-level directory of liboqs, run:
$CC -Ibuild/include -Lbuild/lib tests/example_sig.c -o example_sig -loqs
where $CC
denotes your compiler of choice.