mceliece6960119-x25519 public key prehash support

author Sergey Matveev <stargrave@stargrave.org>

Tue, 2 Dec 2025 08:53:01 +0000 (11:53 +0300)

committer Sergey Matveev <stargrave@stargrave.org>

Tue, 2 Dec 2025 08:53:01 +0000 (11:53 +0300)
author Sergey Matveev <stargrave@stargrave.org>
Tue, 2 Dec 2025 08:53:01 +0000 (11:53 +0300)
committer Sergey Matveev <stargrave@stargrave.org>
Tue, 2 Dec 2025 08:53:01 +0000 (11:53 +0300)
diff --git a/go/cm/cmd/cmenctool/main.go b/go/cm/cmd/cmenctool/main.go

index f3fadc0f1588e0cb555a2421de58191247680f21d581cc8910dd0469bfb97343..50d624e6e7aa11e4e00a443ef8b4d19715ccd68e8f3f03ef09de8f20c5533abb 100644 (file)
--- a/go/cm/cmd/cmenctool/main.go
+++ b/go/cm/cmd/cmenctool/main.go
@@ -165,6 +165,7 @@ func main() {
         PubDir.Dir = *PubDirPth
         var pubs []cm.AV
         var pubIds [][]byte
         PubDir.Dir = *PubDirPth
         var pubs []cm.AV
         var pubIds [][]byte
+       var pubPrehashes [][][]byte
         for _, pth := range flag.Args() {
                 pubData, err := pubParse(pth)
                 if err != nil {
         for _, pth := range flag.Args() {
                 pubData, err := pubParse(pth)
                 if err != nil {
@@ -172,6 +173,7 @@ func main() {
                 }
                 pubs = append(pubs, pubData.Pub[0])
                 pubIds = append(pubIds, pubData.Id)
                 }
                 pubs = append(pubs, pubData.Pub[0])
                 pubIds = append(pubIds, pubData.Id)
+               pubPrehashes = append(pubPrehashes, pubData.Prehash)
         }
  
         var err error
         }
  
         var err error
@@ -561,19 +563,32 @@ func main() {
                                         log.Fatal(err)
                                 }
                                 {
                                         log.Fatal(err)
                                 }
                                 {
-                                       ourMcEliecePub := ourMcEliece.Public()
-                                       var ourMcEliecePubRaw []byte
-                                       ourMcEliecePubRaw, err = ourMcEliecePub.MarshalBinary()
-                                       if err != nil {
-                                               log.Fatal(err)
+                                       var pkHash []byte
+                                       if signed, _ := PubDir.Get(kem.To); signed != nil {
+                                               ourPub, err := pubDataFromSigned(signed)
+                                               if err != nil {
+                                                       log.Fatalln("our from:", err)
+                                               }
+                                               if len(ourPub.Prehash) > 0 {
+                                                       pkHash = ourPub.Prehash[0]
+                                               }
+                                       }
+                                       if pkHash == nil {
+                                               ourMcEliecePub := ourMcEliece.Public()
+                                               var ourMcEliecePubRaw []byte
+                                               ourMcEliecePubRaw, err = ourMcEliecePub.MarshalBinary()
+                                               if err != nil {
+                                                       log.Fatal(err)
+                                               }
+                                               hasher := cmhash.NewSHAKE256()
+                                               hasher.Write(ourMcEliecePubRaw)
+                                               hasher.Write(ourX25519.PublicKey().Bytes())
+                                               pkHash = hasher.Sum(nil)
                                         }
                                         }
-                                       pkHash := cmhash.NewSHAKE256()
-                                       pkHash.Write(ourMcEliecePubRaw)
-                                       pkHash.Write(ourX25519.PublicKey().Bytes())
                                         ikm := bytes.Join([][]byte{
                                                 keyMcEliece, keyX25519,
                                                 sha3.SumSHAKE256(kem.Encap, 64),
                                         ikm := bytes.Join([][]byte{
                                                 keyMcEliece, keyX25519,
                                                 sha3.SumSHAKE256(kem.Encap, 64),
-                                               pkHash.Sum(nil),
+                                               pkHash,
                                         }, []byte{})
                                         var prk []byte
                                         prk, err = hkdf.Extract(cmhash.NewSHAKE256, ikm, nil)
                                         }, []byte{})
                                         var prk []byte
                                         prk, err = hkdf.Extract(cmhash.NewSHAKE256, ikm, nil)
@@ -887,10 +902,16 @@ func main() {
                                         log.Fatal(err)
                                 }
                                 {
                                         log.Fatal(err)
                                 }
                                 {
+                                       var pkHash []byte
+                                       if len(pubPrehashes[pubId]) > 0 {
+                                               pkHash = pubPrehashes[pubId][0]
+                                       } else {
+                                               pkHash = sha3.SumSHAKE256(pub.V, 64)
+                                       }
                                         ikm := bytes.Join([][]byte{
                                                 keyMcEliece[:], keyX25519,
                                                 sha3.SumSHAKE256(kem.Encap, 64),
                                         ikm := bytes.Join([][]byte{
                                                 keyMcEliece[:], keyX25519,
                                                 sha3.SumSHAKE256(kem.Encap, 64),
-                                               sha3.SumSHAKE256(pub.V, 64),
+                                               pkHash,
                                         }, []byte{})
                                         var prk []byte
                                         prk, err = hkdf.Extract(cmhash.NewSHAKE256, ikm, nil)
                                         }, []byte{})
                                         var prk []byte
                                         prk, err = hkdf.Extract(cmhash.NewSHAKE256, ikm, nil)
diff --git a/go/cm/cmd/cmkeytool/main.go b/go/cm/cmd/cmkeytool/main.go

index f21f9fdd06fe5673800034133ee868eaffe24cc58ede5a0862ef7cb07cd8e174..9adc1f530f8e956ac0962ff41f2bcd7a478a61f18f9096e6a9330447646c79aa 100644 (file)
--- a/go/cm/cmd/cmkeytool/main.go
+++ b/go/cm/cmd/cmkeytool/main.go
@@ -225,8 +225,19 @@ func main() {
                         }
                         pubId = hasher.Sum(nil)
                         pubData["id"] = pubId
                         }
                         pubId = hasher.Sum(nil)
                         pubData["id"] = pubId
-                       if err != nil {
-                               log.Fatal(err)
+                       hasher = nil
+                       switch *algo {
+                       case sntrup761x25519.SNTRUP761X25519:
+                               hasher = cmhash.ByName(cmhash.BLAKE2b)
+                       case mceliece6960119x25519.ClassicMcEliece6960119X25519:
+                               hasher = cmhash.ByName(cmhash.SHAKE256)
+                       }
+                       if hasher != nil {
+                               _, err = hasher.Write(pub)
+                               if err != nil {
+                                       log.Fatal(err)
+                               }
+                               pubData["prehash"] = [][]byte{hasher.Sum(nil)}
                         }
                 }
                 if len(ku) > 0 {
                         }
                 }
                 if len(ku) > 0 {
diff --git a/go/cm/sign/pub.go b/go/cm/sign/pub.go

index 5e8cb01dcb476e2e8f7829dc9a7f70f639f9beadffcb869efd30c45eb7a41bb1..b5e8f5c0aab39b0e65d74d43db569ce3b1bc920aac1b29b3af8b499235e57aea 100644 (file)
--- a/go/cm/sign/pub.go
+++ b/go/cm/sign/pub.go
@@ -48,11 +48,12 @@ var (
  
  // Public key' contents.
  type PubData struct {
  
  // Public key' contents.
  type PubData struct {
-       KU   map[string]*struct{} `keks:"ku"`
-       Sub  map[string]string    `keks:"sub"`
-       Crit []map[string]any     `keks:"crit"`
-       Pub  []cm.AV              `keks:"pub"`
-       Id   []byte               `keks:"id"`
+       KU      map[string]*struct{} `keks:"ku"`
+       Sub     map[string]string    `keks:"sub"`
+       Crit    []map[string]any     `keks:"crit"`
+       Pub     []cm.AV              `keks:"pub"`
+       Id      []byte               `keks:"id"`
+       Prehash [][]byte             `keks:"prehash"`
  }
  
  // Parse KEKS-encoded data as Signed with the PubData (certificate) contents.
  }
  
  // Parse KEKS-encoded data as Signed with the PubData (certificate) contents.
@@ -83,9 +84,10 @@ func PubParse(data []byte) (signed *Signed, tail []byte, err error) {
         if err != nil {
                 return
         }
         if err != nil {
                 return
         }
-       tail = d.B
-       signed = &sd
-       if sd.TBS.T != "pub" {
+       if sd.TBS.T == "pub" {
+               tail = d.B
+               signed = &sd
+       } else {
                 err = errors.New("PubParse: wrong load type")
         }
         return
                 err = errors.New("PubParse: wrong load type")
         }
         return
diff --git a/go/cm/sign/storage.go b/go/cm/sign/storage.go

index d1efcb2b2ffcf1b75b8bffc0d7c9f17f70ac43ab6bea7c377d69bc325e8a7f96..810be75ba1804965a5c068ffaee12aeb5494a714d330a1c38e76ad584009a430 100644 (file)
--- a/go/cm/sign/storage.go
+++ b/go/cm/sign/storage.go
@@ -39,10 +39,10 @@ func (s *PubStorageDir) Get(id []byte) (signed *Signed, err error) {
         ))
         if err != nil {
                 if errors.Is(err, fs.ErrNotExist) {
         ))
         if err != nil {
                 if errors.Is(err, fs.ErrNotExist) {
-                       return nil, nil
+                       return
                 }
                 }
-               return nil, err
+               return
         }
         signed, _, err = PubParse(data)
         }
         signed, _, err = PubParse(data)
-       return signed, err
+       return
  }
  }
diff --git a/tcl/schemas/encrypted.tcl b/tcl/schemas/encrypted.tcl

index 3dbae4d5612b2058960f2654b15e4b72e4ec4854a49b4066cea9a14c215d4c1d..6e9ec8f12475a4f34c3a4f092a509c7177d5dae5dee06b4ae8ccaa3ca9d5d820 100644 (file)
--- a/tcl/schemas/encrypted.tcl
+++ b/tcl/schemas/encrypted.tcl
@@ -1,5 +1,5 @@
  encrypted {
  encrypted {
-    {field . {map}}
+    {field . {map} len=~}
      {field dem {with dem}}
      {field kem {list} {of kem} >0}
      {field id {hexlet} optional}
      {field dem {with dem}}
      {field kem {list} {of kem} >0}
      {field id {hexlet} optional}
diff --git a/tcl/schemas/pub-data.tcl b/tcl/schemas/pub-data.tcl

index 3bdfcf1a11171d8d252e5c7f7c3d0b82c6a5894c827a0a19738af89e2bb14c18..7a65c0d7be079acee4c093cc7532e48443fed3d7b2a59019627df9ec2f8f665f 100644 (file)
--- a/tcl/schemas/pub-data.tcl
+++ b/tcl/schemas/pub-data.tcl
@@ -1,8 +1,9 @@
  pub-data {
  pub-data {
-    {field . {map}}
+    {field . {map} len=~}
      {field id {with fpr}}
      {field crit {} !exists}
      {field ku {set} >0 optional}
      {field pub {list} {of av} >0}
      {field sub {map} {of type str} >0}
      {field id {with fpr}}
      {field crit {} !exists}
      {field ku {set} >0 optional}
      {field pub {list} {of av} >0}
      {field sub {map} {of type str} >0}
+    {field prehash {list} {of type bin} >0 optional}
  }
  }
diff --git a/tcl/schemas/signed.tcl b/tcl/schemas/signed.tcl

index da545bbfc6a991acfae9769a696b466774196a3272182814a2223e26722893de..dc6247ff4fa34d1e30698d4c59078db36fb64842174fd7bc5e8f6d9d4202a1a2 100644 (file)
--- a/tcl/schemas/signed.tcl
+++ b/tcl/schemas/signed.tcl
@@ -16,7 +16,7 @@ tbs {
  }
  
  sig {
  }
  
  sig {
-    {field . {map}}
+    {field . {map} len=~}
      {field tbs {with sig-tbs}}
      {field sign {with av}}
  }
      {field tbs {with sig-tbs}}
      {field sign {with av}}
  }
author	Sergey Matveev <stargrave@stargrave.org>
	Tue, 2 Dec 2025 08:53:01 +0000 (11:53 +0300)
committer	Sergey Matveev <stargrave@stargrave.org>
	Tue, 2 Dec 2025 08:53:01 +0000 (11:53 +0300)
go/cm/cmd/cmenctool/main.go		patch \| blob \| history
go/cm/cmd/cmkeytool/main.go		patch \| blob \| history
go/cm/sign/pub.go		patch \| blob \| history
go/cm/sign/storage.go		patch \| blob \| history
tcl/schemas/encrypted.tcl		patch \| blob \| history
tcl/schemas/pub-data.tcl		patch \| blob \| history
tcl/schemas/signed.tcl		patch \| blob \| history