Functions
int	lc_sphincs_ctx_alloc (struct lc_sphincs_ctx **ctx)
	Allocates Sphincs context on heap.
void	lc_sphincs_ctx_zero_free (struct lc_sphincs_ctx *ctx)
	Zeroizes and frees Sphincs context on heap.
void	lc_sphincs_ctx_zero (struct lc_sphincs_ctx *ctx)
	Zeroizes Sphincs context either on heap or on stack.
void	lc_sphincs_ctx_internal (struct lc_sphincs_ctx *ctx)
	Mark the Sphincs context to execute SLH-DSA.Sign_internal / SLH-DSA.Verify_internal.
void	lc_sphincs_ctx_hash (struct lc_sphincs_ctx ctx, const struct lc_hash hash)
	Set the hash type that was used for pre-hashing the message. The message digest is used with the HashSLH-DSA. The message digest is to be provided via the message pointer in the sign/verify APIs.
void	lc_sphincs_ctx_userctx (struct lc_sphincs_ctx ctx, const uint8_t userctx, size_t userctxlen)
	Specify the optional user context string to be applied with the Sphincs signature operation.
enum lc_sphincs_type	lc_sphincs_sk_type (const struct lc_sphincs_sk *sk)
	Obtain Sphincs type from secret key.
enum lc_sphincs_type	lc_sphincs_pk_type (const struct lc_sphincs_pk *pk)
	Obtain Sphincs type from public key.
enum lc_sphincs_type	lc_sphincs_sig_type (const struct lc_sphincs_sig *sig)
	Obtain Sphincs type from signature.
LC_PURE unsigned int	lc_sphincs_sk_size (enum lc_sphincs_type sphincs_type)
	Return the size of the Sphincs secret key.
LC_PURE unsigned int	lc_sphincs_pk_size (enum lc_sphincs_type sphincs_type)
	Return the size of the Sphincs public key.
LC_PURE unsigned int	lc_sphincs_sig_size (enum lc_sphincs_type sphincs_type)
	Return the size of the Sphincs signature.
int	lc_sphincs_sk_load (struct lc_sphincs_sk sk, const uint8_t src_key, size_t src_key_len)
	Load a Sphincs secret key provided with a buffer into the leancrypto data structure.
int	lc_sphincs_sk_set_keytype_fast (struct lc_sphincs_sk *sk)
	Set Sphincs key type to fast.
int	lc_sphincs_sk_set_keytype_small (struct lc_sphincs_sk *sk)
	Set Sphincs key type to small.
int	lc_sphincs_pk_load (struct lc_sphincs_pk pk, const uint8_t src_key, size_t src_key_len)
	Load a Sphincs public key provided with a buffer into the leancrypto data structure.
int	lc_sphincs_pk_set_keytype_fast (struct lc_sphincs_pk *pk)
	Set Sphincs key type to fast.
int	lc_sphincs_pk_set_keytype_small (struct lc_sphincs_pk *pk)
	Set Sphincs key type to small.
int	lc_sphincs_sig_load (struct lc_sphincs_sig sig, const uint8_t src_sig, size_t src_sig_len)
	Load a Sphincs signature provided with a buffer into the leancrypto data structure.
int	lc_sphincs_sk_ptr (uint8_t *sphincs_key, size_t sphincs_key_len, struct lc_sphincs_sk *sk)
	Obtain the reference to the Sphincs key and its length.
int	lc_sphincs_pk_ptr (uint8_t *sphincs_key, size_t sphincs_key_len, struct lc_sphincs_pk *pk)
	Obtain the reference to the Sphincs key and its length.
int	lc_sphincs_sig_ptr (uint8_t *sphincs_sig, size_t sphincs_sig_len, struct lc_sphincs_sig *sig)
	Obtain the reference to the Sphincs signature and its length.
int	lc_sphincs_keypair (struct lc_sphincs_pk pk, struct lc_sphincs_sk sk, struct lc_rng_ctx *rng_ctx, enum lc_sphincs_type sphincs_type)
	Generates Sphincs public and private key.
int	lc_sphincs_keypair_from_seed (struct lc_sphincs_pk pk, struct lc_sphincs_sk sk, const uint8_t *seed, size_t seedlen, enum lc_sphincs_type sphincs_type)
	Generates Sphincs public and private key from a given seed.
int	lc_sphincs_sign (struct lc_sphincs_sig sig, const uint8_t m, size_t mlen, const struct lc_sphincs_sk sk, struct lc_rng_ctx rng_ctx)
	Computes signature in one shot.
int	lc_sphincs_sign_ctx (struct lc_sphincs_sig sig, struct lc_sphincs_ctx ctx, const uint8_t m, size_t mlen, const struct lc_sphincs_sk sk, struct lc_rng_ctx *rng_ctx)
	Computes signature woth user context in one shot.
int	lc_sphincs_sign_init (struct lc_sphincs_ctx ctx, const struct lc_sphincs_sk sk)
	Initializes a signature operation.
int	lc_sphincs_sign_update (struct lc_sphincs_ctx ctx, const uint8_t m, size_t mlen)
	Add more data to an already initialized signature state.
int	lc_sphincs_sign_final (struct lc_sphincs_sig sig, struct lc_sphincs_ctx ctx, const struct lc_sphincs_sk sk, struct lc_rng_ctx rng_ctx)
	Computes signature.
int	lc_sphincs_verify (const struct lc_sphincs_sig sig, const uint8_t m, size_t mlen, const struct lc_sphincs_pk *pk)
	Verifies signature in one shot.
int	lc_sphincs_verify_ctx (const struct lc_sphincs_sig sig, struct lc_sphincs_ctx ctx, const uint8_t m, size_t mlen, const struct lc_sphincs_pk pk)
	Verifies signature with Sphincs context in one shot.
int	lc_sphincs_verify_init (struct lc_sphincs_ctx ctx, const struct lc_sphincs_pk pk)
	Initializes a signature verification operation.
int	lc_sphincs_verify_update (struct lc_sphincs_ctx ctx, const uint8_t m, size_t mlen)
	Add more data to an already initialized signature state.
int	lc_sphincs_verify_final (const struct lc_sphincs_sig sig, struct lc_sphincs_ctx ctx, const struct lc_sphincs_pk *pk)
	Verifies signature.

Detailed Description

Note: Although the API uses the term "sphincs", the implementation provides Sphincs Plus and complies with FIPS 205. Thus the terms Sphincs and SLH-DSA are used interchangeably.

Sphincs API concept

The Sphincs API is accessible via the following header files with the mentioned purpose.

lc_sphincs.h: This API is the generic API allowing the caller to select which Sphincs type (Sphincs 256s, 256f, 192s, 192f, 128s, 128f) are to be used. The selection is made either with the flag specified during key generation or by matching the size of the imported data with the different lc_sphincs_*_load API calls. All remaining APIs take the information about the Sphincs type from the provided input data.

This header file only provides inline functions which selectively call the API provided with the header files below.
lc_sphincs_shake_256s.h: Direct access to Sphincs 256s using SHAKE.
lc_sphincs_shake_256f.h: Direct access to Sphincs 256f using SHAKE.
lc_sphincs_shake_192s.h: Direct access to Sphincs 192s using SHAKE.
lc_sphincs_shake_192f.h: Direct access to Sphincs 192f using SHAKE.
lc_sphincs_shake_128s.h: Direct access to Sphincs 128s using SHAKE.
lc_sphincs_shake_128f.h: Direct access to Sphincs 128f using SHAKE.

To support the stream mode of the Sphincs signature operation, a context structure is required. This context structure can be allocated either on the stack or heap with LC_SPHINCS_CTX_ON_STACK or lc_sphincs_ctx_alloc. The context should be zeroized and freed (only for heap) with lc_sphincs_ctx_zero or lc_sphincs_ctx_zero_free.

Function Documentation

◆ lc_sphincs_ctx_alloc()

int lc_sphincs_ctx_alloc ( struct lc_sphincs_ctx ** ctx )

Allocates Sphincs context on heap.

Parameters

[out] ctx Sphincs context pointer

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_ctx_hash()

void lc_sphincs_ctx_hash	(	struct lc_sphincs_ctx *	ctx,
		const struct lc_hash *	hash )

Set the hash type that was used for pre-hashing the message. The message digest is used with the HashSLH-DSA. The message digest is to be provided via the message pointer in the sign/verify APIs.

Parameters

[in]	ctx	Sphincs context
[in]	hash	Hash context referencing the used hash for pre-hashing the message

◆ lc_sphincs_ctx_internal()

void lc_sphincs_ctx_internal ( struct lc_sphincs_ctx * ctx )

Mark the Sphincs context to execute SLH-DSA.Sign_internal / SLH-DSA.Verify_internal.

Parameters

[in] ctx Sphincs context

◆ lc_sphincs_ctx_userctx()

void lc_sphincs_ctx_userctx	(	struct lc_sphincs_ctx *	ctx,
		const uint8_t *	userctx,
		size_t	userctxlen )

Specify the optional user context string to be applied with the Sphincs signature operation.

Parameters

[in]	ctx	Sphincs context
[in]	userctx	User context string
[in]	userctxlen	Size of the user context string

◆ lc_sphincs_ctx_zero()

void lc_sphincs_ctx_zero ( struct lc_sphincs_ctx * ctx )

Zeroizes Sphincs context either on heap or on stack.

Parameters

[out] ctx Sphincs context pointer

◆ lc_sphincs_ctx_zero_free()

void lc_sphincs_ctx_zero_free ( struct lc_sphincs_ctx * ctx )

Zeroizes and frees Sphincs context on heap.

Parameters

[out] ctx Sphincs context pointer

◆ lc_sphincs_keypair()

int lc_sphincs_keypair	(	struct lc_sphincs_pk *	pk,
		struct lc_sphincs_sk *	sk,
		struct lc_rng_ctx *	rng_ctx,
		enum lc_sphincs_type	sphincs_type )

Generates Sphincs public and private key.

Parameters

[out]	pk	pointer to allocated output public key
[out]	sk	pointer to allocated output private key
[in]	rng_ctx	pointer to seeded random number generator context
[in]	sphincs_type	type of the Sphincs key to generate

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_keypair_from_seed()

int lc_sphincs_keypair_from_seed	(	struct lc_sphincs_pk *	pk,
		struct lc_sphincs_sk *	sk,
		const uint8_t *	seed,
		size_t	seedlen,
		enum lc_sphincs_type	sphincs_type )

Generates Sphincs public and private key from a given seed.

Warning: FIPS 205 does not allow such a call. Therefore, this call will always return -EOPNOTSUPP. The call is provided to allow seampless switch from ML-DSA to SLH-DSA and back.

Parameters

[out]	pk	pointer to allocated output public key
[out]	sk	pointer to allocated output private key
[in]	seed	buffer with the seed data which must be exactly 32 bytes in size
[in]	seedlen	length of the seed buffer
[in]	sphincs_type	type of the Sphincs key to generate

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_pk_load()

int lc_sphincs_pk_load	(	struct lc_sphincs_pk *	pk,
		const uint8_t *	src_key,
		size_t	src_key_len )

Load a Sphincs public key provided with a buffer into the leancrypto data structure.

Parameters

[out]	pk	Secret key to be filled (the caller must have it allocated)
[in]	src_key	Buffer that holds the key to be imported
[in]	src_key_len	Buffer length that holds the key to be imported

Returns: 0 on success or < 0 on error

◆ lc_sphincs_pk_ptr()

int lc_sphincs_pk_ptr	(	uint8_t **	sphincs_key,
		size_t *	sphincs_key_len,
		struct lc_sphincs_pk *	pk )

Obtain the reference to the Sphincs key and its length.

Note: Only pointer references into the leancrypto data structure are returned which implies that any modification will modify the leancrypto key, too.

Parameters

[out]	sphincs_key	Sphincs key pointer
[out]	sphincs_key_len	Length of the key buffer
[in]	pk	Sphincs publi key from which the references are obtained

Returns: 0 on success, != 0 on error

◆ lc_sphincs_pk_set_keytype_fast()

int lc_sphincs_pk_set_keytype_fast ( struct lc_sphincs_pk * pk )

Set Sphincs key type to fast.

When loading a public key, the load mechanism cannot detect whether the key is to be used for the fast or small Sphincs operation (e.g. 256f vs 256s). This API allows the caller to make the setting after key loading. The library uses that decision for further operations.

Parameters

[in] pk Public key to be set

Returns: 0 on success or < 0 on error

◆ lc_sphincs_pk_set_keytype_small()

int lc_sphincs_pk_set_keytype_small ( struct lc_sphincs_pk * pk )

Set Sphincs key type to small.

When loading a public key, the load mechanism cannot detect whether the key is to be used for the fast or small Sphincs operation (e.g. 256f vs 256s). This API allows the caller to make the setting after key loading. The library uses that decision for further operations.

Parameters

[in] pk Public key to be set

Returns: 0 on success or < 0 on error

◆ lc_sphincs_pk_size()

LC_PURE unsigned int lc_sphincs_pk_size ( enum lc_sphincs_type sphincs_type )

Return the size of the Sphincs public key.

Parameters

[in] sphincs_type Sphincs type for which the size is requested

Returns: requested size

◆ lc_sphincs_pk_type()

enum lc_sphincs_type lc_sphincs_pk_type ( const struct lc_sphincs_pk * pk )

Obtain Sphincs type from public key.

Parameters

[in] pk Public key from which the type is to be obtained

Returns: key type

◆ lc_sphincs_sig_load()

int lc_sphincs_sig_load	(	struct lc_sphincs_sig *	sig,
		const uint8_t *	src_sig,
		size_t	src_sig_len )

Load a Sphincs signature provided with a buffer into the leancrypto data structure.

Parameters

[out]	sig	Secret key to be filled (the caller must have it allocated)
[in]	src_sig	Buffer that holds the signature to be imported
[in]	src_sig_len	Buffer length that holds the signature to be imported

Returns: 0 on success or < 0 on error

◆ lc_sphincs_sig_ptr()

int lc_sphincs_sig_ptr	(	uint8_t **	sphincs_sig,
		size_t *	sphincs_sig_len,
		struct lc_sphincs_sig *	sig )

Obtain the reference to the Sphincs signature and its length.

Note: Only pointer references into the leancrypto data structure are returned which implies that any modification will modify the leancrypto signature, too.

Parameters

[out]	sphincs_sig	Sphincs signature pointer
[out]	sphincs_sig_len	Length of the signature buffer
[in]	sig	Sphincs signature from which the references are obtained

Returns: 0 on success, != 0 on error

◆ lc_sphincs_sig_size()

LC_PURE unsigned int lc_sphincs_sig_size ( enum lc_sphincs_type sphincs_type )

Return the size of the Sphincs signature.

Parameters

[in] sphincs_type Sphincs type for which the size is requested

Returns: requested size

◆ lc_sphincs_sig_type()

enum lc_sphincs_type lc_sphincs_sig_type ( const struct lc_sphincs_sig * sig )

Obtain Sphincs type from signature.

Parameters

[in] sig Signature from which the type is to be obtained

Returns: key type

◆ lc_sphincs_sign()

int lc_sphincs_sign	(	struct lc_sphincs_sig *	sig,
		const uint8_t *	m,
		size_t	mlen,
		const struct lc_sphincs_sk *	sk,
		struct lc_rng_ctx *	rng_ctx )

Computes signature in one shot.

Parameters

[out]	sig	pointer to output signature
[in]	m	pointer to message to be signed
[in]	mlen	length of message
[in]	sk	pointer to secret key
[in]	rng_ctx	pointer to seeded random number generator context - when pointer is non-NULL, perform a randomized signing. Otherwise use deterministic signing.

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_sign_ctx()

int lc_sphincs_sign_ctx	(	struct lc_sphincs_sig *	sig,
		struct lc_sphincs_ctx *	ctx,
		const uint8_t *	m,
		size_t	mlen,
		const struct lc_sphincs_sk *	sk,
		struct lc_rng_ctx *	rng_ctx )

Computes signature woth user context in one shot.

This API allows the caller to provide an arbitrary context buffer which is hashed together with the message to form the message digest to be signed.

Using the ctx structure, the caller can select 3 different types of SLH-DSA:

ctx->sphincs_prehash_type set to a hash type, HashSLH-DSA is assumed which implies that the message m must be exactly digest size (FIPS 204 section 5.4)
ctx->ml_dsa_internal set to 1, the SLH-DSA.Sign_internal and .Verify_internal are executed (FIPS 204 chapter 6)
both aforementioned parameter set to NULL / 0, SLH-DSA.Sign and SLH-DSA.Verify are executed (FIPS 204 sections 5.2 and 5.3)

Parameters

[out]	sig	pointer to output signature
[in]	ctx	reference to the allocated Sphincs context handle
[in]	m	pointer to message to be signed
[in]	mlen	length of message
[in]	sk	pointer to secret key
[in]	rng_ctx	pointer to seeded random number generator context - when pointer is non-NULL, perform a randomized signing. Otherwise use deterministic signing.

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_sign_final()

int lc_sphincs_sign_final	(	struct lc_sphincs_sig *	sig,
		struct lc_sphincs_ctx *	ctx,
		const struct lc_sphincs_sk *	sk,
		struct lc_rng_ctx *	rng_ctx )

Computes signature.

Parameters

[out]	sig	pointer to output signature
[in]	ctx	pointer to Sphincs context that was initialized with lc_sphincs_sign_init and filled with lc_sphincs_sign_update
[in]	sk	pointer to secret key
[in]	rng_ctx	pointer to seeded random number generator context - when pointer is non-NULL, perform a randomized signing. Otherwise use deterministic signing.

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_sign_init()

int lc_sphincs_sign_init	(	struct lc_sphincs_ctx *	ctx,
		const struct lc_sphincs_sk *	sk )

Initializes a signature operation.

This call is intended to support messages that are located in non-contiguous places and even becomes available at different times. This call is to be used together with the lc_sphincs_sign_update and lc_sphincs_sign_final.

The use of the init/update/final API implies that automatically HashSLH-DSA is used. This is due to the fact that SLH-DSA cannot be used in the init/update/final mode due to mathematical issues. By default, the following hashes are used which are compliant to the requirement that the message digest must be twice as large as the parameter n:

Sphincs 256s/f: SHA3-512
Sphincs 192s/f: SHA3-384
Sphincs 128s/f: SHA3-256

It is permissible for the caller to select other message digest algorithms by using setting the requested algorithm in the ctx using the lc_sphincs_ctx_hash method before this init function is used. But mind the basic requirement that the message digest size must be at least twice the parameter n! This is checked by leancrypto during the signature generation.

Parameters

[in,out]	ctx	pointer Sphincs context
[in]	sk	pointer to secret key

Returns: 0 (success) or < 0 on error; -EOPNOTSUPP is returned if a different hash than lc_shake256 is used.

◆ lc_sphincs_sign_update()

int lc_sphincs_sign_update	(	struct lc_sphincs_ctx *	ctx,
		const uint8_t *	m,
		size_t	mlen )

Add more data to an already initialized signature state.

This call is intended to support messages that are located in non-contiguous places and even becomes available at different times. This call is to be used together with the lc_sphincs_sign_init and lc_sphincs_sign_final.

Parameters

[in]	ctx	pointer to Sphincs context that was initialized with lc_sphincs_sign_init
[in]	m	pointer to message to be signed
[in]	mlen	length of message

Returns: 0 (success) or < 0 on error

◆ lc_sphincs_sk_load()

int lc_sphincs_sk_load	(	struct lc_sphincs_sk *	sk,
		const uint8_t *	src_key,
		size_t	src_key_len )

Load a Sphincs secret key provided with a buffer into the leancrypto data structure.

Parameters

[out]	sk	Secret key to be filled (the caller must have it allocated)
[in]	src_key	Buffer that holds the key to be imported
[in]	src_key_len	Buffer length that holds the key to be imported

Returns: 0 on success or < 0 on error

◆ lc_sphincs_sk_ptr()

int lc_sphincs_sk_ptr	(	uint8_t **	sphincs_key,
		size_t *	sphincs_key_len,
		struct lc_sphincs_sk *	sk )

Obtain the reference to the Sphincs key and its length.

Note: Only pointer references into the leancrypto data structure are returned which implies that any modification will modify the leancrypto key, too.

Parameters

[out]	sphincs_key	Sphincs key pointer
[out]	sphincs_key_len	Length of the key buffer
[in]	sk	Sphincs secret key from which the references are obtained

Returns: 0 on success, != 0 on error

◆ lc_sphincs_sk_set_keytype_fast()

int lc_sphincs_sk_set_keytype_fast ( struct lc_sphincs_sk * sk )

Set Sphincs key type to fast.

When loading a secret key, the load mechanism cannot detect whether the key is to be used for the fast or small Sphincs operation (e.g. 256f vs 256s). This API allows the caller to make the setting after key loading. The library uses that decision for further operations.

Parameters

[in] sk Secret key to be set

Returns: 0 on success or < 0 on error

◆ lc_sphincs_sk_set_keytype_small()

int lc_sphincs_sk_set_keytype_small ( struct lc_sphincs_sk * sk )

Set Sphincs key type to small.

When loading a secret key, the load mechanism cannot detect whether the key is to be used for the fast or small Sphincs operation (e.g. 256f vs 256s). This API allows the caller to make the setting after key loading. The library uses that decision for further operations.

Parameters

[in] sk Secret key to be set

Returns: 0 on success or < 0 on error

◆ lc_sphincs_sk_size()

LC_PURE unsigned int lc_sphincs_sk_size ( enum lc_sphincs_type sphincs_type )

Return the size of the Sphincs secret key.

Parameters

[in] sphincs_type Sphincs type for which the size is requested

Returns: requested size

◆ lc_sphincs_sk_type()

enum lc_sphincs_type lc_sphincs_sk_type ( const struct lc_sphincs_sk * sk )

Obtain Sphincs type from secret key.

Parameters

[in] sk Secret key from which the type is to be obtained

Returns: key type

◆ lc_sphincs_verify()

int lc_sphincs_verify	(	const struct lc_sphincs_sig *	sig,
		const uint8_t *	m,
		size_t	mlen,
		const struct lc_sphincs_pk *	pk )

Verifies signature in one shot.

Parameters

[in]	sig	pointer to input signature
[in]	m	pointer to message
[in]	mlen	length of message
[in]	pk	pointer to public key

Returns: 0 if signature could be verified correctly and -EBADMSG when signature cannot be verified, < 0 on other errors

◆ lc_sphincs_verify_ctx()

int lc_sphincs_verify_ctx	(	const struct lc_sphincs_sig *	sig,
		struct lc_sphincs_ctx *	ctx,
		const uint8_t *	m,
		size_t	mlen,
		const struct lc_sphincs_pk *	pk )

Verifies signature with Sphincs context in one shot.

This API allows the caller to provide an arbitrary context buffer which is hashed together with the message to form the message digest to be signed.

Parameters

[in]	sig	pointer to input signature
[in]	ctx	reference to the allocated Sphincs context handle
[in]	m	pointer to message
[in]	mlen	length of message
[in]	pk	pointer to public key

Returns: 0 if signature could be verified correctly and -EBADMSG when signature cannot be verified, < 0 on other errors

◆ lc_sphincs_verify_final()

int lc_sphincs_verify_final	(	const struct lc_sphincs_sig *	sig,
		struct lc_sphincs_ctx *	ctx,
		const struct lc_sphincs_pk *	pk )

Verifies signature.

Parameters

[in]	sig	pointer to output signature
[in]	ctx	pointer to Sphincs context that was initialized with lc_sphincs_sign_init and filled with lc_sphincs_sign_update
[in]	pk	pointer to public key

Returns: 0 if signature could be verified correctly and -EBADMSG when signature cannot be verified, < 0 on other errors

◆ lc_sphincs_verify_init()

int lc_sphincs_verify_init	(	struct lc_sphincs_ctx *	ctx,
		const struct lc_sphincs_pk *	pk )

Initializes a signature verification operation.

This call is intended to support messages that are located in non-contiguous places and even becomes available at different times. This call is to be used together with the lc_sphincs_verify_update and lc_sphincs_verify_final.

The use of the init/update/final API implies that automatically HashSLH-DSA is used. This is due to the fact that SLH-DSA cannot be used in the init/update/final mode due to mathematical issues. By default, the following hashes are used which are compliant to the requirement that the message digest must be twice as large as the parameter n:

Sphincs 256s/f: SHA3-512
Sphincs 192s/f: SHA3-384
Sphincs 128s/f: SHA3-256

It is permissible for the caller to select other message digest algorithms by using setting the requested algorithm in the ctx using the lc_sphincs_ctx_hash method before this init function is used.But mind the basic requirement that the message digest size must be at least twice the parameter n! This is checked by leancrypto during the signature verification.

Parameters

[in,out]	ctx	pointer to an allocated Sphincs context
[in]	pk	pointer to public key

Returns: 0 (success) or < 0 on error; -EOPNOTSUPP is returned if a different hash than lc_shake256 is used.

◆ lc_sphincs_verify_update()

int lc_sphincs_verify_update	(	struct lc_sphincs_ctx *	ctx,
		const uint8_t *	m,
		size_t	mlen )

Add more data to an already initialized signature state.

This call is intended to support messages that are located in non-contiguous places and even becomes available at different times. This call is to be used together with the lc_sphincs_verify_init and lc_sphincs_verify_final.

Parameters

[in]	ctx	pointer to Sphincs context that was initialized with lc_sphincs_sign_init
[in]	m	pointer to message to be signed
[in]	mlen	length of message

Returns: 0 (success) or < 0 on error

Functions

Detailed Description

Function Documentation

◆ lc_sphincs_ctx_alloc()

◆ lc_sphincs_ctx_hash()

◆ lc_sphincs_ctx_internal()

◆ lc_sphincs_ctx_userctx()

◆ lc_sphincs_ctx_zero()

◆ lc_sphincs_ctx_zero_free()

◆ lc_sphincs_keypair()

◆ lc_sphincs_keypair_from_seed()

◆ lc_sphincs_pk_load()

◆ lc_sphincs_pk_ptr()

◆ lc_sphincs_pk_set_keytype_fast()

◆ lc_sphincs_pk_set_keytype_small()

◆ lc_sphincs_pk_size()

◆ lc_sphincs_pk_type()

◆ lc_sphincs_sig_load()

◆ lc_sphincs_sig_ptr()

◆ lc_sphincs_sig_size()

◆ lc_sphincs_sig_type()

◆ lc_sphincs_sign()

◆ lc_sphincs_sign_ctx()

◆ lc_sphincs_sign_final()

◆ lc_sphincs_sign_init()

◆ lc_sphincs_sign_update()

◆ lc_sphincs_sk_load()

◆ lc_sphincs_sk_ptr()

◆ lc_sphincs_sk_set_keytype_fast()

◆ lc_sphincs_sk_set_keytype_small()

◆ lc_sphincs_sk_size()

◆ lc_sphincs_sk_type()

◆ lc_sphincs_verify()

◆ lc_sphincs_verify_ctx()

◆ lc_sphincs_verify_final()

◆ lc_sphincs_verify_init()

◆ lc_sphincs_verify_update()