echo "gost3410-512C gost3410-256A
ed25519-blake2b ed25519-blake2b
-sphincs+-shake-256s sphincs+-shake-256s" | while read caAlgo eeAlgo ; do
+sphincs+-shake-256f sphincs+-shake-256f" | while read caAlgo eeAlgo ; do
sub="-sub CN=CA -sub C=RU"
test_expect_success "$caAlgo: CA load generation" "cmkeytool \
gost.GOST3410512C,
sntrup4591761x25519.SNTRUP4591761X25519,
mceliece6960119x25519.ClassicMcEliece6960119X25519,
- spx.SPHINCSPlusSHAKE256s,
+ spx.SPHINCSPlusSHAKE256f,
}
sort.Strings(algos)
for _, s := range algos {
prvRaw, pub, err = sntrup4591761x25519.NewKeypair()
case mceliece6960119x25519.ClassicMcEliece6960119X25519:
prvRaw, pub, err = mceliece6960119x25519.NewKeypair()
- case spx.SPHINCSPlusSHAKE256s:
+ case spx.SPHINCSPlusSHAKE256f:
prvRaw, pub, err = spx.NewKeypair(*algo)
default:
err = errors.New("unknown -algo specified")
hasher = cmhash.ByName(cmhash.BLAKE2b256)
case gost.GOST3410256A, gost.GOST3410512C:
hasher = cmhash.ByName(cmhash.Streebog256)
- case mceliece6960119x25519.ClassicMcEliece6960119X25519, spx.SPHINCSPlusSHAKE256s:
+ case mceliece6960119x25519.ClassicMcEliece6960119X25519, spx.SPHINCSPlusSHAKE256f:
hasher = cmhash.ByName(cmhash.SHAKE128)
default:
log.Fatal("unsupported algorithm")
echo "gost3410-512C
gost3410-256A
ed25519-blake2b
-sphincs+-shake-256s" | while read keyalgo ; do
+sphincs+-shake-256f" | while read keyalgo ; do
sub="-sub what=ever"
typ="some-different-type"
return h
case SHAKE128:
return NewSHAKE128()
- case SHAKE256, SPHINCSPlusSHAKE256s, SPHINCSPlusSHAKE256sPh:
+ case SHAKE256, SPHINCSPlusSHAKE256f, SPHINCSPlusSHAKE256fPh:
return NewSHAKE256()
case SHAKE128Merkle:
return NewSHAKE128MerkleHasher(
merkle.DefaultChunkLen, DefaultNumCPU)
- case SHAKE256Merkle, SPHINCSPlusSHAKE256sMerkle:
+ case SHAKE256Merkle, SPHINCSPlusSHAKE256fMerkle:
return NewSHAKE256MerkleHasher(
merkle.DefaultChunkLen, DefaultNumCPU)
}
SHAKE128Merkle = "shake128-merkle"
SHAKE256Merkle = "shake256-merkle"
- SPHINCSPlusSHAKE256s = "sphincs+-shake-256s"
- SPHINCSPlusSHAKE256sPh = "sphincs+-shake-256s-ph"
- SPHINCSPlusSHAKE256sMerkle = "sphincs+-shake-256s-merkle"
+ SPHINCSPlusSHAKE256f = "sphincs+-shake-256f"
+ SPHINCSPlusSHAKE256fPh = "sphincs+-shake-256f-ph"
+ SPHINCSPlusSHAKE256fMerkle = "sphincs+-shake-256f-merkle"
)
type SHAKE struct {
prv, pub, err = ed25519blake2b.NewSigner(av.V)
case gost.GOST3410256A, gost.GOST3410512C:
prv, pub, err = gost.NewSigner(av.V)
- case spx.SPHINCSPlusSHAKE256s:
+ case spx.SPHINCSPlusSHAKE256f:
prv, pub, err = spx.NewSigner(av.V)
default:
err = fmt.Errorf("unknown private key algo: %s", av.A)
if !valid {
err = ErrSigInvalid
}
- case spx.SPHINCSPlusSHAKE256s:
- if algo != spx.SPHINCSPlusSHAKE256s {
+ case spx.SPHINCSPlusSHAKE256f:
+ if algo != spx.SPHINCSPlusSHAKE256f {
return ErrBadSigAlgo
}
valid, err = spx.Verify(key.A, key.V, signed, signature)
if !valid {
err = ErrSigInvalid
}
- case spx.SPHINCSPlusSHAKE256s:
+ case spx.SPHINCSPlusSHAKE256f:
switch algo {
- case spx.SPHINCSPlusSHAKE256sPh:
- case spx.SPHINCSPlusSHAKE256sMerkle:
+ case spx.SPHINCSPlusSHAKE256fPh:
+ case spx.SPHINCSPlusSHAKE256fMerkle:
default:
return ErrBadSigAlgo
}
)
const (
- SPHINCSPlusSHAKE256s = "sphincs+-shake-256s"
- SPHINCSPlusSHAKE256sPh = "sphincs+-shake-256s-ph"
- SPHINCSPlusSHAKE256sMerkle = "sphincs+-shake-256s-merkle"
+ SPHINCSPlusSHAKE256f = "sphincs+-shake-256f"
+ SPHINCSPlusSHAKE256fPh = "sphincs+-shake-256f-ph"
+ SPHINCSPlusSHAKE256fMerkle = "sphincs+-shake-256f-merkle"
)
-var Params = spxParams.MakeSphincsPlusSHAKE256256sSimple(true)
+var Params = spxParams.MakeSphincsPlusSHAKE256256fSimple(true)
func NewKeypair(algo string) (prv, pub []byte, err error) {
sk, pk := spx.Spx_keygen(Params)
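Review bot: The identifier strings and the real parameter set are tied together only by the single package-level line `var Params = spxParams.MakeSphincsPlusSHAKE256256fSimple(true)`, and the visible start of `NewKeypair(algo string)` calls `spx.Spx_keygen(Params)` without consulting `algo`. Because the 256s identifiers are replaced rather than kept beside the new ones, any stored key or signature still labelled `sphincs+-shake-256s` will presumably fall into the `default:` branches shown in the other hunks (`unknown private key algo`, `ErrBadSigAlgo`, `log.Fatal("unsupported algorithm")`). 256f signatures are also larger than 256s ones, so any size limits on signed containers deserve a check. I would add a doc comment such as `// Params is the SPHINCS+-SHAKE256-256f-simple parameter set; it must stay in sync with the SPHINCSPlusSHAKE256f* identifiers.` and state the incompatibility with existing 256s material in the commit message or changelog. `NewKeypair`'s body continues outside the hunk, so whether `algo` is validated later cannot be seen from here.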
func (s *Signer) Algo() string {
switch s.mode {
case mode.Pure:
- return SPHINCSPlusSHAKE256s
+ return SPHINCSPlusSHAKE256f
case mode.Prehash:
- return SPHINCSPlusSHAKE256sPh
+ return SPHINCSPlusSHAKE256fPh
case mode.Merkle:
- return SPHINCSPlusSHAKE256sMerkle
+ return SPHINCSPlusSHAKE256fMerkle
}
return ""
}
@code{mceliece6960119-x25519} algorithm identifier is used.
-@node cm-prv-sphincs+-shake-256s
-@cindex cm-prv-sphincs+-shake-256s
-@nodedescription cm/prv with SPHINCS+-SHAKE256-256s
-@subsection cm/prv with SPHINCS+-SHAKE256-256s
+@node cm-prv-sphincs+-shake-256f
+@cindex cm-prv-sphincs+-shake-256f
+@nodedescription cm/prv with SPHINCS+-SHAKE256-256f
+@subsection cm/prv with SPHINCS+-SHAKE256-256f
@url{https://sphincs.org/, SPHINCS+} with
@url{https://keccak.team/, SHAKE256} hash,
- 255-bit security level, small signatures and simple parameters.
+ 255-bit security level, fast variant and simple parameters.
Value is concatenation of private and public keys (128+64 bytes).
- Algorithm identifier for the public key: @code{sphincs+-shake-256s}.
+ Algorithm identifier for the public key: @code{sphincs+-shake-256f}.
save resources during @ref{kem-mceliece6960119-x25519-hkdf-shake256}
KDF calculations.
-@node cm-pub-sphincs+-shake-256s
-@cindex cm-pub-sphincs+-shake-256s
-@nodedescription cm/pub with SPHINCS+-SHAKE256-256s
-@subsection cm/pub with SPHINCS+-SHAKE256-256s
+@node cm-pub-sphincs+-shake-256f
+@cindex cm-pub-sphincs+-shake-256f
+@nodedescription cm/pub with SPHINCS+-SHAKE256-256f
+@subsection cm/pub with SPHINCS+-SHAKE256-256f
@url{https://sphincs.org/, SPHINCS+} with
@url{https://keccak.team/, SHAKE256} hash,
- 255-bit security level, small signatures and simple parameters.
+ 255-bit security level, fast variant and simple parameters.
- @code{sphincs+-shake-256s} algorithm identifier is used.
+ @code{sphincs+-shake-256f} algorithm identifier is used.
Public key's fingerprint should be calculated using SHAKE128.
HashEdDSA mode is used with @code{ed25519ph-blake2b-merkle}
algorithm identifier for signature.
-@node cm-signed-sphincs+-shake-256s
-@cindex cm-signed-sphincs+-shake-256s
-@cindex cm-signed-sphincs+-shake-256s-ph
-@nodedescription cm/signed with SPHINCS+-SHAKE256-256s
-@subsection cm/signed with SPHINCS+-SHAKE256-256s
+@node cm-signed-sphincs+-shake-256f
+@cindex cm-signed-sphincs+-shake-256f
+@cindex cm-signed-sphincs+-shake-256f-ph
+@nodedescription cm/signed with SPHINCS+-SHAKE256-256f
+@subsection cm/signed with SPHINCS+-SHAKE256-256f
@url{https://sphincs.org/, SPHINCS+} with
@url{https://keccak.team/, SHAKE256} hash,
- 255-bit security level, small signatures,
+ 255-bit security level, fast variant,
simple parameters and deterministic signatures.
- @code{sphincs+-shake-256s} algorithm identifier
+ @code{sphincs+-shake-256f} algorithm identifier
must be used for the signature in pure signing mode.
- @code{sphincs+-shake-256s-ph} is used in prehash mode.
+ @code{sphincs+-shake-256f-ph} is used in prehash mode.
-@node cm-signed-sphincs+-shake-256s-merkle
-@cindex cm-signed-sphincs+-shake-256s-merkle
-@nodedescription cm-signed-sphincs+-shake-256s with Merkle-tree hashing
-@subsection cm-signed-sphincs+-shake-256s with Merkle-tree hashing
+@node cm-signed-sphincs+-shake-256f-merkle
+@cindex cm-signed-sphincs+-shake-256f-merkle
+@nodedescription cm-signed-sphincs+-shake-256f with Merkle-tree hashing
+@subsection cm-signed-sphincs+-shake-256f with Merkle-tree hashing
@ref{cm-hashed-shake-merkle, shake256-merkle} Merkle-tree hashing is used.
- @code{sphincs+-shake-256s-merkle} algorithm
+ @code{sphincs+-shake-256f-merkle} algorithm
identifier must be used for the signature.