xref: /aosp_15_r20/external/tink/cc/experimental/pqcrypto/signature/subtle/falcon_sign.cc (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1 // Copyright 2021 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 
17 #include "tink/experimental/pqcrypto/signature/subtle/falcon_sign.h"
18 
19 #include <memory>
20 #include <string>
21 #include <utility>
22 
23 #include "absl/memory/memory.h"
24 #include "absl/status/status.h"
25 #include "absl/strings/str_format.h"
26 #include "tink/experimental/pqcrypto/signature/subtle/falcon_subtle_utils.h"
27 #include "tink/util/secret_data.h"
28 #include "tink/util/statusor.h"
29 
30 extern "C" {
31 #include "third_party/pqclean/crypto_sign/falcon-1024/api.h"
32 #include "third_party/pqclean/crypto_sign/falcon-512/api.h"
33 }
34 
35 namespace crypto {
36 namespace tink {
37 namespace subtle {
38 
39 // static
New(const FalconPrivateKeyPqclean & key)40 util::StatusOr<std::unique_ptr<PublicKeySign>> FalconSign::New(
41     const FalconPrivateKeyPqclean& key) {
42   auto status = internal::CheckFipsCompatibility<FalconSign>();
43   if (!status.ok()) return status;
44 
45   return {absl::WrapUnique(new FalconSign(key))};
46 }
47 
Sign(absl::string_view data) const48 util::StatusOr<std::string> FalconSign::Sign(absl::string_view data) const {
49   size_t sig_length;
50   int32_t key_size = private_key_.GetKey().size();
51   std::string signature;
52   int result = 1;
53 
54   switch (key_size) {
55     case kFalcon512PrivateKeySize: {
56       signature.resize(PQCLEAN_FALCON512_CRYPTO_BYTES, '0');
57       result = PQCLEAN_FALCON512_crypto_sign_signature(
58           reinterpret_cast<uint8_t *>(signature.data()), &sig_length,
59           reinterpret_cast<const uint8_t *>(data.data()), data.size(),
60           reinterpret_cast<const uint8_t *>(private_key_.GetKey().data()));
61       if (sig_length > PQCLEAN_FALCON512_CRYPTO_BYTES) {
62         result = -1;
63       }
64       break;
65     }
66     case kFalcon1024PrivateKeySize: {
67       signature.resize(PQCLEAN_FALCON1024_CRYPTO_BYTES, '0');
68       result = PQCLEAN_FALCON1024_crypto_sign_signature(
69           reinterpret_cast<uint8_t *>(signature.data()), &sig_length,
70           reinterpret_cast<const uint8_t *>(data.data()), data.size(),
71           reinterpret_cast<const uint8_t *>(private_key_.GetKey().data()));
72       if (sig_length > PQCLEAN_FALCON1024_CRYPTO_BYTES) {
73         result = -1;
74       }
75       break;
76     }
77     default:
78       return util::Status(absl::StatusCode::kInvalidArgument,
79                           "Invalid keysize.");
80   }
81 
82   if (result != 0) {
83     return util::Status(absl::StatusCode::kInternal, "Signing failed.");
84   }
85 
86   signature.resize(sig_length);
87   return signature;
88 }
89 
90 }  // namespace subtle
91 }  // namespace tink
92 }  // namespace crypto
93