diff --git a/wolfcrypt/src/wc_lms.c b/wolfcrypt/src/wc_lms.c
index 29267a9cf8..be78da87b2 100644
--- a/wolfcrypt/src/wc_lms.c
+++ b/wolfcrypt/src/wc_lms.c
@@ -1282,66 +1282,6 @@ int wc_LmsKey_GetPrivLen(const LmsKey* key, word32* len)
 return ret;
 }
 
-/* Compute the digest of msg using the hash function dictated by the LMS
- * parameter set. Crypto-callback / HSM backends that follow PKCS#11 v3.2
- * CKM_HSS semantics (pre-computed digest input) can call this from within
- * their callback; backends that take the raw message (e.g. wolfHSM) can
- * ignore it. *hashSz is in/out: it must be at least params->hash_len on
- * entry and is set to the actual digest length on success.
- *
- * @param [in] key LMS key (must have a parameter set bound).
- * @param [in] msg Message to hash.
- * @param [in] msgSz Length of msg in bytes.
- * @param [out] hash Buffer receiving the digest.
- * @param [in,out] hashSz On entry, size of hash buffer. On success,
- * the digest length.
- * @return 0 on success.
- * @return BAD_FUNC_ARG when an argument is NULL or the buffer is too
- * small for the digest.
- * @return NOT_COMPILED_IN when the param set's hash family is disabled.
- */
-int wc_LmsKey_HashMsg(const LmsKey* key, const byte* msg, word32 msgSz,
- byte* hash, word32* hashSz)
-{
- int ret = 0;
- word32 needSz;
-
- if ((key == NULL) || (msg == NULL) || (hash == NULL) || (hashSz == NULL))
- return BAD_FUNC_ARG;
- if (key->params == NULL)
- return BAD_FUNC_ARG;
- needSz = (word32)key->params->hash_len;
- if (*hashSz < needSz)
- return BAD_FUNC_ARG;
-
- switch (key->params->lmsType & LMS_HASH_MASK) {
- case LMS_SHA256: /* 32-byte SHA-256 */
- case LMS_SHA256_192: /* SHA-256 truncated to 24 bytes */ {
- byte full[WC_SHA256_DIGEST_SIZE];
- ret = wc_Sha256Hash(msg, msgSz, full);
- if (ret == 0)
- XMEMCPY(hash, full, needSz);
- break;
- }
- #ifdef WOLFSSL_LMS_SHAKE256
- case LMS_SHAKE256: /* SHAKE256 with 32-byte output */
- case LMS_SHAKE256_192: /* SHAKE256 with 24-byte output */ {
- ret = wc_Shake256Hash(msg, msgSz, hash, needSz);
- break;
- }
- #endif
- default:
- WOLFSSL_MSG("LMS: unsupported hash family for HashMsg");
- ret = NOT_COMPILED_IN;
- break;
- }
-
- if (ret == 0)
- *hashSz = needSz;
-
- return ret;
-}
-
 /* Sign a message.
 *
 * @param [in, out] key LMS key to sign with.
diff --git a/wolfcrypt/src/wc_xmss.c b/wolfcrypt/src/wc_xmss.c
index f739f5ee08..41b30c503b 100644
--- a/wolfcrypt/src/wc_xmss.c
+++ b/wolfcrypt/src/wc_xmss.c
@@ -1421,79 +1421,6 @@ int wc_XmssKey_GetPrivLen(const XmssKey* key, word32* len)
 return ret;
 }
 
-/* Compute the digest of msg using the hash function dictated by the XMSS
- * parameter set. Crypto-callback / HSM backends that follow PKCS#11 v3.2
- * CKM_XMSS / CKM_XMSSMT semantics (pre-computed digest input, see section
- * 6.66.8 "XMSS and XMSSMT without hashing") can call this from within
- * their callback; backends that take the raw message (e.g. wolfHSM) can
- * ignore it. *hashSz is in/out: it must be at least params->n on entry
- * and is set to the actual digest length on success.
- *
- * @param [in] key XMSS key (must have a parameter set bound).
- * @param [in] msg Message to hash.
- * @param [in] msgSz Length of msg in bytes.
- * @param [out] hash Buffer receiving the digest.
- * @param [in,out] hashSz On entry, size of hash buffer. On success,
- * the digest length.
- * @return 0 on success.
- * @return BAD_FUNC_ARG when an argument is NULL or the buffer is too
- * small for the digest.
- * @return NOT_COMPILED_IN when the param set's hash family is disabled.
- */
-int wc_XmssKey_HashMsg(const XmssKey* key, const byte* msg, word32 msgSz,
- byte* hash, word32* hashSz)
-{
- int ret = 0;
- word32 needSz;
-
- if ((key == NULL) || (msg == NULL) || (hash == NULL) || (hashSz == NULL))
- return BAD_FUNC_ARG;
- if (key->params == NULL)
- return BAD_FUNC_ARG;
- needSz = (word32)key->params->n;
- if (*hashSz < needSz)
- return BAD_FUNC_ARG;
-
- switch (key->params->hash) {
- #ifdef WC_XMSS_SHA256
- case WC_HASH_TYPE_SHA256: {
- /* SHA2_*_192 variants set n=24, but wc_Hash rejects an output
- * smaller than WC_SHA256_DIGEST_SIZE. Hash to a full buffer and
- * copy the requested prefix. */
- byte full[WC_SHA256_DIGEST_SIZE];
- ret = wc_Sha256Hash(msg, msgSz, full);
- if (ret == 0)
- XMEMCPY(hash, full, needSz);
- break;
- }
- #endif
- #ifdef WC_XMSS_SHA512
- case WC_HASH_TYPE_SHA512:
- ret = wc_Hash(WC_HASH_TYPE_SHA512, msg, msgSz, hash, needSz);
- break;
- #endif
- #ifdef WC_XMSS_SHAKE128
- case WC_HASH_TYPE_SHAKE128:
- ret = wc_Shake128Hash(msg, msgSz, hash, needSz);
- break;
- #endif
- #ifdef WC_XMSS_SHAKE256
- case WC_HASH_TYPE_SHAKE256:
- ret = wc_Shake256Hash(msg, msgSz, hash, needSz);
- break;
- #endif
- default:
- WOLFSSL_MSG("XMSS: unsupported hash for HashMsg");
- ret = NOT_COMPILED_IN;
- break;
- }
-
- if (ret == 0)
- *hashSz = needSz;
-
- return ret;
-}
-
 /* Sign the message using the XMSS secret key.
 *
 * @param [in] key XMSS key to use to sign.
diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h
index 53b47b7bf0..eee9e23182 100644
--- a/wolfssl/wolfcrypt/cryptocb.h
+++ b/wolfssl/wolfcrypt/cryptocb.h
@@ -357,11 +357,6 @@ typedef struct wc_CryptoInfo {
 int type; /* enum wc_PqcStatefulSignatureType */
 } pqc_stateful_sig_kg;
 struct {
- /* Raw message. Backends following the PKCS#11 v3.2
- * CKM_HSS / CKM_XMSS convention of operating on a
- * pre-computed digest can call wc_LmsKey_HashMsg /
- * wc_XmssKey_HashMsg from inside the callback to obtain
- * the algorithm-dictated digest of msg. */
 const byte* msg;
 word32 msgSz;
 byte* out;
@@ -372,7 +367,6 @@ typedef struct wc_CryptoInfo {
 struct {
 const byte* sig;
 word32 sigSz;
- /* Raw message. See sign note. */
 const byte* msg;
 word32 msgSz;
 int* res;
@@ -757,9 +751,6 @@ WOLFSSL_LOCAL int wc_CryptoCb_PqcStatefulSigGetDevId(int type, void* key); WOLFSSL_LOCAL int wc_CryptoCb_PqcStatefulSigKeyGen(int type, void* key, WC_RNG* rng); -/* The raw message is forwarded to the callback. Backends that follow the - * PKCS#11 v3.2 CKM_HSS / CKM_XMSS convention (digest input) can call - * wc_LmsKey_HashMsg / wc_XmssKey_HashMsg from inside the callback. */ WOLFSSL_LOCAL int wc_CryptoCb_PqcStatefulSigSign(const byte* msg, word32 msgSz, byte* out, word32* outSz, int type, void* key); WOLFSSL_LOCAL int wc_CryptoCb_PqcStatefulSigVerify(const byte* sig, diff --git a/wolfssl/wolfcrypt/wc_lms.h b/wolfssl/wolfcrypt/wc_lms.h index 6bdb4e6f13..cc58dea204 100644 --- a/wolfssl/wolfcrypt/wc_lms.h +++ b/wolfssl/wolfcrypt/wc_lms.h @@ -825,8 +825,6 @@ WOLFSSL_API int wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in, word32 inLen); WOLFSSL_API int wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz, const byte * msg, int msgSz); -WOLFSSL_API int wc_LmsKey_HashMsg(const LmsKey * key, const byte * msg, - word32 msgSz, byte * hash, word32 * hashSz); WOLFSSL_API const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm); WOLFSSL_API const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsRc); diff --git a/wolfssl/wolfcrypt/wc_xmss.h b/wolfssl/wolfcrypt/wc_xmss.h index 668b288599..ae48161be8 100644 --- a/wolfssl/wolfcrypt/wc_xmss.h +++ b/wolfssl/wolfcrypt/wc_xmss.h 
@@ -457,12 +457,6 @@ WOLFSSL_API int wc_XmssKey_ImportPubRaw(XmssKey* key, const byte* in, word32 inLen); WOLFSSL_API int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigSz, const byte* msg, int msgSz); -/* Compute the digest of a message with the hash function dictated by the - * XMSS parameter set. Useful for crypto-callback / HSM backends that follow - * the PKCS#11 v3.2 CKM_XMSS / CKM_XMSSMT convention of taking a - * pre-computed digest. */ -WOLFSSL_API int wc_XmssKey_HashMsg(const XmssKey* key, const byte* msg, - word32 msgSz, byte* hash, word32* hashSz); WOLFSSL_LOCAL int wc_xmssmt_keygen(XmssState *state, const unsigned char* seed, unsigned char *sk, unsigned char *pk);