Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

LibOQS-Java will need to support passing in the Context String into the Sign API #27

Open
johngray-dev opened this issue Oct 23, 2024 · 5 comments · May be fixed by #29
Open

LibOQS-Java will need to support passing in the Context String into the Sign API #27

johngray-dev opened this issue Oct 23, 2024 · 5 comments · May be fixed by #29

Comments

@johngray-dev
Copy link

FIPS 204 and 205 uses a context string as part of their sign API. It was a last minute change in the final standard. Having an API to pass in this context will need to be added to this library.

In a similar vein, it doesn't look like liboqs support the context String yet at its API level. I see in this branch https://github.com/open-quantum-safe/liboqs/tree/bhe-fips204-final that the underlying sign.c in the ML-DSA algorithms support a context, but the higher level API and subsequent libOQS wrappers don't allow it to be passed in yet. It also looks like the regular sign() API just calls the sign_context() API and passes in NULL as the context. I imagine once that is all sorted out a context string can be passed into libOQS, then it will be possible to update this Java wrapper to support the context.

@johngray-dev
Copy link
Author

I guess once liboqs sorts out the API in https://github.com/open-quantum-safe/liboqs/tree/bhe-fips204-final then this project can be updated.

@SWilson4
Copy link
Member

I guess once liboqs sorts out the API in https://github.com/open-quantum-safe/liboqs/tree/bhe-fips204-final then this project can be updated.

I believe all of the language wrappers will need to be updated in order to support the new API. Any contributions in this regard would be very welcome and would speed the process up, as we will have quite a bit of work to do (not only in the wrappers but also in other integrations).

@dstebila
Copy link
Member

open-quantum-safe/liboqs#1919 adds a new API for signing with a context string:

OQS_API OQS_STATUS OQS_SIG_sign_with_ctx_str(const OQS_SIG *sig, uint8_t *signature, 
    size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *ctx_str, 
    size_t ctx_str_len, const uint8_t *secret_key);
OQS_API OQS_STATUS OQS_SIG_verify_with_ctx_str(const OQS_SIG *sig, const uint8_t *message, 
    size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *ctx_str, 
    size_t ctx_str_len, const uint8_t *public_key);

Note there is also a discussion in open-quantum-safe/liboqs#2001 about whether to deprecate the old API.

@johngray-dev
Copy link
Author

johngray-dev commented Dec 6, 2024

A member of our team added support for the context and we have verified it works. We can submit the change in a pull request if you like. I would have created a branch to do it, but no permission, so I think we can fork it in a repository and then submit a pull request. Thanks for adding the context in the 12rc1 branch!

@SWilson4
Copy link
Member

SWilson4 commented Dec 6, 2024

A member of our team added support for the context and we have verified it works. We can submit the change in a pull request if you like. I would have created a branch to do it, but no permission, so I think we can fork it in a repository and then submit a pull request. Thanks for adding the context in the 12rc1 branch!

That would be great, thanks @johngray-dev! A PR from a fork is perfectly fine.

@johngray-dev johngray-dev linked a pull request Dec 10, 2024 that will close this issue
@SWilson4 SWilson4 linked a pull request Dec 16, 2024 that will close this issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants