Add RSA variants, experimental LMS and LM-OTS to algorithm registry (#…
…199)

* algorithm-registry: add LMS and LM-OTS

Signed-off-by: William Woodruff <william@trailofbits.com>

* add LMS and LM-OTS to algo registry

Signed-off-by: William Woodruff <william@trailofbits.com>

* add RSA PSS variants

Signed-off-by: William Woodruff <william@trailofbits.com>

* document PSS variants, make it clear they're PKIX encoded

Signed-off-by: William Woodruff <william@trailofbits.com>

* linearize all RSA variants

Signed-off-by: William Woodruff <william@trailofbits.com>

* drop PKCS1 key encodings

Signed-off-by: William Woodruff <william@trailofbits.com>

---------

Signed-off-by: William Woodruff <william@trailofbits.com>
woodruffw authored Feb 5, 2024
1 parent 0440eff commit 9bbc08f
Showing 18 changed files with 292 additions and 126 deletions.
37 changes: 27 additions & 10 deletions docs/algorithm-registry.md
Expand Up @@ -15,16 +15,33 @@ specification for the design rationale for this registry.

## Signature Algorithms

| Algorithm | Name | Usage |
|-----------|----------------------------|---------------------------------------------------|
| RSA | rsa-sign-pkcs1-2048-sha256 | verify only |
| | rsa-sign-pkcs1-3072-sha256 | sign/verify |
| | rsa-sign-pkcs1-4096-sha256 | sign/verify |
| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify |
| | ecdsa-sha2-384-nistp384 | sign/verify |
| | ecdsa-sha2-512-nistp521 | sign/verify |
| EdDSA | ed25519 | sign/verify |
| | ed25519-ph | sign/verify (recommended only for `hashedrekord`) |
| Algorithm | Name | Usage | Notes |
|-----------|----------------------------|-------------| -------------------------------------------------------------------------------- |
| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | Not recommended. |
| | rsa-sign-pkcs1-3072-sha256 | sign/verify | |
| | rsa-sign-pkcs1-4096-sha256 | sign/verify | |
| | rsa-sign-pss-2048-sha256 | verify only | Not recommended. |
| | rsa-sign-pss-3072-sha256 | sign/verify | |
| | rsa-sign-pss-4096-sha256 | sign/verify | |
| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | |
| | ecdsa-sha2-384-nistp384 | sign/verify | |
| | ecdsa-sha2-512-nistp521 | sign/verify | |
| EdDSA | ed25519 | sign/verify | |
| | ed25519-ph | sign/verify | Recommended only for `hashedrekord`. |
| LMS | lms-sha256 | sign/verify | Stateful; signer selects the `H` parameter. Not recommended for keyless signing. |
| LM-OTS | lmots-sha256 | sign/verify | One-time use only; signer selects `n` and `w`. |

### Parameter configuration for LMS and LM-OTS

LMS and LM-OTS are both hash-based signature schemes. Both require the signing party
to make parameter choices during key generation.

In both cases, the selected parameters are encoded in the public key representation.
See [RFC 8554 S5.3](https://www.rfc-editor.org/rfc/rfc8554.html#section-5.3) for LMS and
[RFC 8554 S4.3](https://www.rfc-editor.org/rfc/rfc8554.html#section-4.3) for LM-OTS public key
formats. Additionally, see [RFC 8708 S4](https://www.rfc-editor.org/rfc/rfc8708.html) for
`SubjectPublicKeyInfo` and `AlgorithmIdentifier` encodings for both LMS and LM-OTS
public keys.

## Hash Algorithms
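Review bot: In the new LMS and LM-OTS table rows the parameter descriptions are uneven: the `lms-sha256` row names only `H`, while the `lmots-sha256` row names `n` and `w`. Per the RFC 8554 S5.3 format this section links to, an LMS public key carries an LM-OTS type alongside the LMS type, so an LMS signer is choosing the one-time-signature parameters as well; and with SHA-256 fixed by the algorithm name, the parameter sets defined in RFC 8554 all use n = 32, which leaves `w` as the only real LM-OTS choice. Suggest stating for each row which typecodes a signer may pick and whether verifiers must accept all of them. Separately, the RFC 8708 link targets the whole document while the two RFC 8554 links carry a section anchor; since the text cites S4, link that section directly.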

13 changes: 9 additions & 4 deletions gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json
Expand Up @@ -127,15 +127,20 @@
"PKCS1_RSA_PSS",
"PKIX_RSA_PKCS1V5",
"PKIX_RSA_PSS",
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"PKIX_RSA_PKCS1V15_2048_SHA256",
"PKIX_RSA_PKCS1V15_3072_SHA256",
"PKIX_RSA_PKCS1V15_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
"PKIX_ECDSA_P521_SHA_512",
"PKIX_ED25519",
"PKIX_ED25519_PH"
"PKIX_ED25519_PH",
"EXPERIMENTAL_LMS_SHA256",
"EXPERIMENTAL_LMOTS_SHA256"
],
"type": "string",
"title": "Public Key Details",
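Review bot: Renaming `PKIX_RSA_PKCS1_2048_SHA256`, `PKIX_RSA_PKCS1_3072_SHA256` and `PKIX_RSA_PKCS1_4096_SHA256` to the `PKCS1V15` spelling in this enum breaks any JSON already serialized with the old names, because those strings no longer validate against the regenerated schema. If the old names shipped in a release, call the break out in the changelog or keep them as deprecated aliases; if they never shipped, say so in the commit message so downstream consumers know no migration is needed.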
13 changes: 9 additions & 4 deletions gen/jsonschema/schemas/Input.schema.json
Expand Up @@ -257,15 +257,20 @@
"PKCS1_RSA_PSS",
"PKIX_RSA_PKCS1V5",
"PKIX_RSA_PSS",
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"PKIX_RSA_PKCS1V15_2048_SHA256",
"PKIX_RSA_PKCS1V15_3072_SHA256",
"PKIX_RSA_PKCS1V15_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
"PKIX_ECDSA_P521_SHA_512",
"PKIX_ED25519",
"PKIX_ED25519_PH"
"PKIX_ED25519_PH",
"EXPERIMENTAL_LMS_SHA256",
"EXPERIMENTAL_LMOTS_SHA256"
],
"type": "string",
"title": "Public Key Details",
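Review bot: The new `PKIX_RSA_PKCS1V15_*` values sit directly below the existing `PKIX_RSA_PKCS1V5` value, so the enum now spells the same padding scheme two ways (`V5` and `V15`). A reader comparing the two can take them for different schemes. Suggest a description on the unsized legacy values that points to the sized replacements and states that both refer to PKCS#1 v1.5 signatures.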
13 changes: 9 additions & 4 deletions gen/jsonschema/schemas/PublicKey.schema.json
Expand Up @@ -17,15 +17,20 @@
"PKCS1_RSA_PSS",
"PKIX_RSA_PKCS1V5",
"PKIX_RSA_PSS",
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"PKIX_RSA_PKCS1V15_2048_SHA256",
"PKIX_RSA_PKCS1V15_3072_SHA256",
"PKIX_RSA_PKCS1V15_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
"PKIX_ECDSA_P521_SHA_512",
"PKIX_ED25519",
"PKIX_ED25519_PH"
"PKIX_ED25519_PH",
"EXPERIMENTAL_LMS_SHA256",
"EXPERIMENTAL_LMOTS_SHA256"
],
"type": "string",
"title": "Public Key Details",
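Review bot: `EXPERIMENTAL_LMS_SHA256` and `EXPERIMENTAL_LMOTS_SHA256` at the end of this enum are the only sized values whose names carry no key-encoding prefix, while the RSA and ECDSA entries say `PKIX_` or `PKCS1_`. The docs change in this commit points to RFC 8708 for `SubjectPublicKeyInfo` encodings, but nothing in the `PublicKey` schema tells a consumer how to parse the key bytes for these two values. Add a description that states the expected encoding, or put it in the name if SPKI is what is intended.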
13 changes: 9 additions & 4 deletions gen/jsonschema/schemas/PublicKeyIdentities.schema.json
Expand Up @@ -31,15 +31,20 @@
"PKCS1_RSA_PSS",
"PKIX_RSA_PKCS1V5",
"PKIX_RSA_PSS",
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"PKIX_RSA_PKCS1V15_2048_SHA256",
"PKIX_RSA_PKCS1V15_3072_SHA256",
"PKIX_RSA_PKCS1V15_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
"PKIX_ECDSA_P521_SHA_512",
"PKIX_ED25519",
"PKIX_ED25519_PH"
"PKIX_ED25519_PH",
"EXPERIMENTAL_LMS_SHA256",
"EXPERIMENTAL_LMOTS_SHA256"
],
"type": "string",
"title": "Public Key Details",
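Review bot: `PKIX_RSA_PKCS1V15_2048_SHA256` and `PKIX_RSA_PSS_2048_SHA256` are listed here on equal footing with the 3072 and 4096 variants, but the registry table in this commit marks both 2048-bit entries "verify only" and "Not recommended". Many clients read only the schema, so the restriction is lost at this layer. Carry it in the enum's description (in whatever definition this `gen/` file is produced from) so that signing implementations do not offer the 2048-bit values.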
13 changes: 9 additions & 4 deletions gen/jsonschema/schemas/TransparencyLogInstance.schema.json
Expand Up @@ -66,15 +66,20 @@
"PKCS1_RSA_PSS",
"PKIX_RSA_PKCS1V5",
"PKIX_RSA_PSS",
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"PKIX_RSA_PKCS1V15_2048_SHA256",
"PKIX_RSA_PKCS1V15_3072_SHA256",
"PKIX_RSA_PKCS1V15_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
"PKIX_ECDSA_P521_SHA_512",
"PKIX_ED25519",
"PKIX_ED25519_PH"
"PKIX_ED25519_PH",
"EXPERIMENTAL_LMS_SHA256",
"EXPERIMENTAL_LMOTS_SHA256"
],
"type": "string",
"title": "Public Key Details",
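Review bot: Adding `EXPERIMENTAL_LMOTS_SHA256` to the key-details enum used by `TransparencyLogInstance` permits a log key that the registry table in this same commit describes as "One-time use only". A log signs repeatedly under one key, so a one-time key is not a meaningful choice here, and `EXPERIMENTAL_LMS_SHA256` is stateful with a bounded number of signatures. Because the enum is shared across schemas it cannot exclude them per message, so document that verifiers should reject these values for log keys, or state where that check is enforced.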
13 changes: 9 additions & 4 deletions gen/jsonschema/schemas/TrustedRoot.schema.json
Expand Up @@ -88,15 +88,20 @@
"PKCS1_RSA_PSS",
"PKIX_RSA_PKCS1V5",
"PKIX_RSA_PSS",
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"PKIX_RSA_PKCS1V15_2048_SHA256",
"PKIX_RSA_PKCS1V15_3072_SHA256",
"PKIX_RSA_PKCS1V15_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
"PKIX_ECDSA_P521_SHA_512",
"PKIX_ED25519",
"PKIX_ED25519_PH"
"PKIX_ED25519_PH",
"EXPERIMENTAL_LMS_SHA256",
"EXPERIMENTAL_LMOTS_SHA256"
],
"type": "string",
"title": "Public Key Details",
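Review bot: `PKCS1_RSA_PSS` is still the first visible value of this enum although the commit message says "drop PKCS1 key encodings". If the intent was to drop only sized PKCS1-encoded variants that were added earlier in this PR, say that in the message; if the legacy `PKCS1_*` values are kept for compatibility, mark them deprecated in the enum description so that a trusted root author does not select them.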