Files
wolfssl/doc/dox_comments/header_files
Tobias Frauenschläger f16216e5b8 HashSLH-DSA APIs now take the pre-hashed digest, not the raw message
wc_SlhDsaKey_{Sign,Verify}Hash* previously accepted the raw message and
performed the pre-hash internally. They now require the caller to hash the
message first and pass the resulting digest -- the functions no longer call
wc_*Hash() themselves and feed the supplied digest directly into the M'
construction. Parameters are renamed from msg/msgSz to hash/hashSz to reflect
this, and hashSz is validated against wc_HashGetDigestSize(hashType) per
FIPS 205 Section 10.2.2 (32 for SHAKE128, 64 for SHAKE256), returning
BAD_LENGTH_E on mismatch.

This matches ML-DSA's wc_dilithium_{sign,verify}_ctx_hash, NIST ACVP
signatureInterface=external / preHash=preHash vectors, and other libraries
(OpenSSL HASH-ML-DSA, leancrypto, mldsa-native). It also enables distributed
signers and HSM-style flows where the digest is computed separately from the
signing operation.

Migration: callers must now hash the message before invoking these APIs;
passing the raw message will either fail length validation or produce
signatures over the wrong input. The M'-supplied wc_SlhDsaKey_SignMsg* /
VerifyMsg family (FIPS 205 internal interface, Algorithms 19/20) is
unchanged but gains stricter input validation and doxygen coverage.
2026-05-11 10:14:13 +02:00
..
2025-12-29 08:37:51 -08:00
2022-04-06 16:17:36 +01:00
2026-04-22 11:39:39 -07:00
2026-02-10 14:51:51 -08:00
2022-04-06 16:17:36 +01:00
2025-12-03 15:15:32 +00:00
2022-04-06 16:17:36 +01:00
2022-04-06 16:17:36 +01:00
2025-11-21 17:43:55 +00:00
2022-04-06 16:17:36 +01:00
2025-11-21 17:43:55 +00:00
2025-11-21 17:43:55 +00:00
2025-11-21 17:43:55 +00:00
2026-04-08 11:35:48 +02:00
2022-04-06 16:17:36 +01:00
2025-12-03 13:39:09 +09:00
2026-04-22 11:39:39 -07:00
2025-11-21 17:43:55 +00:00
2022-04-06 16:17:36 +01:00
2025-11-21 17:43:55 +00:00
2026-04-10 15:26:16 +09:00
2022-04-06 16:17:36 +01:00
2026-05-08 15:31:55 +09:00
2022-04-06 16:17:36 +01:00