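/* Copyright (c) 2024, Google LLC
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

#ifndef OPENSSL_HEADER_CRYPTO_MLDSA_INTERNAL_H
#define OPENSSL_HEADER_CRYPTO_MLDSA_INTERNAL_H

#include <openssl/base.h>
#include <openssl/mldsa.h>

#if defined(__cplusplus)
extern "C" {
#endif


// MLDSA_SIGNATURE_RANDOMIZER_BYTES is the number of bytes of uniformly
// random entropy necessary to generate a signature in randomized mode.
#define MLDSA_SIGNATURE_RANDOMIZER_BYTES 32


// ML-DSA-65
//
// The functions in this section take their entropy and message prefix from the
// caller. A weak, repeated or attacker-influenced value passed here weakens the
// resulting keys and signatures, so every input described as entropy below must
// come from a cryptographically secure random source unless the call is
// reproducing a known-answer test vector.
// NOTE(review): presumably these entry points exist for tests and for the
// public |MLDSA65_*| wrappers; confirm against the implementation.

// MLDSA65_generate_key_external_entropy generates a public/private key pair
// using the given seed, writes the encoded public key to
// |out_encoded_public_key| and sets |out_private_key| to the private key.
// It returns 1 on success and 0 on failure.
//
// The key pair is generated from |entropy|, so |entropy| is as sensitive as
// the private key: it must be |MLDSA_SEED_BYTES| of uniformly random data,
// must be kept secret, and should be erased by the caller once it is no longer
// needed. On failure the outputs must not be used.
OPENSSL_EXPORT int MLDSA65_generate_key_external_entropy(
    uint8_t out_encoded_public_key[MLDSA65_PUBLIC_KEY_BYTES],
    struct MLDSA65_private_key *out_private_key,
    const uint8_t entropy[MLDSA_SEED_BYTES]);

// MLDSA65_sign_internal signs |msg| using |private_key| and writes the
// signature to |out_encoded_signature|. The |context_prefix| and |context| are
// prefixed to the message, in that order, before signing. The |randomizer|
// value can be set to zero bytes in order to make a deterministic signature, or
// else filled with entropy for the usual |MLDSA_sign| behavior. It returns 1 on
// success and 0 on error.
//
// An all-zero |randomizer| selects the deterministic variant of ML-DSA. FIPS
// 204 makes the hedged (randomized) variant the default and advises against
// the deterministic variant where side-channel or fault attacks are a concern,
// so outside of known-answer tests |randomizer| should hold
// |MLDSA_SIGNATURE_RANDOMIZER_BYTES| of fresh random data for each signature.
//
// NOTE(review): this declaration does not say whether |context_prefix| and
// |context_len| are validated. FIPS 204 limits the context string to 255 bytes
// and fixes the domain-separation prefix, so callers are presumably
// responsible for both; confirm against the implementation.
OPENSSL_EXPORT int MLDSA65_sign_internal(
    uint8_t out_encoded_signature[MLDSA65_SIGNATURE_BYTES],
    const struct MLDSA65_private_key *private_key, const uint8_t *msg,
    size_t msg_len, const uint8_t *context_prefix, size_t context_prefix_len,
    const uint8_t *context, size_t context_len,
    const uint8_t randomizer[MLDSA_SIGNATURE_RANDOMIZER_BYTES]);

// MLDSA65_verify_internal verifies that |encoded_signature| is a valid
// signature of |msg| by |public_key|. The |context_prefix| and |context| are
// prefixed to the message before verification, in that order. It returns 1 on
// success and 0 on error.
//
// Callers must check the return value and treat anything other than 1 as a
// rejected signature. The |context_prefix| and |context| bytes must be exactly
// those used when signing, since they are part of the signed data.
OPENSSL_EXPORT int MLDSA65_verify_internal(
    const struct MLDSA65_public_key *public_key,
    const uint8_t encoded_signature[MLDSA65_SIGNATURE_BYTES],
    const uint8_t *msg, size_t msg_len, const uint8_t *context_prefix,
    size_t context_prefix_len, const uint8_t *context, size_t context_len);

// MLDSA65_marshal_private_key serializes |private_key| to |out| in the
// NIST format for ML-DSA-65 private keys. It returns 1 on success or 0
// on allocation error.
//
// The bytes written to |out| are secret key material. The caller owns them and
// should restrict where they are copied or logged and erase them (for example
// with |OPENSSL_cleanse|) before the buffer is released.
OPENSSL_EXPORT int MLDSA65_marshal_private_key(
    CBB *out, const struct MLDSA65_private_key *private_key);


#if defined(__cplusplus)
}  // extern C
#endif

#endif  // OPENSSL_HEADER_CRYPTO_MLDSA_INTERNAL_H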