sphincs / sphincsplus

The SPHINCS+ reference code, accompanying the submission to NIST's Post-Quantum Cryptography project
https://sphincs.org

Bug when using new reduced-size SPHINCS+ parameter sets #59

Closed crypto4a closed 6 months ago

crypto4a commented 6 months ago

There is an issue with the existing reference implementation when experimenting with the new reduced-signature-size SPHINCS+ parameter sets, due to the fact that some of the new parameter sets utilize large subtree sizes (i.e., > 16) that result in the address.c::set_keypair_addr() function not setting all of the necessary bits, as it only copies over the first two bytes.

In general, you may want to modify all ADDR-handling functions to ensure they copy over, or set, all of the bytes of each of the ADDR fields to ensure this doesn't happen.

bwesterb commented 6 months ago

Feel free to send a PR.

kste commented 6 months ago

I will send a pull request. There is actually another issue, as https://github.com/sphincs/sphincsplus/blob/035b39429d96ca554402b78f296f0de181674abd/ref/hash_sha2.c#L186 can lead to undefined behaviour for additional parameters if there is only a single tree (d=1) [SPX_TREE_BITS becomes zero in that case].

bwesterb commented 6 months ago

Thanks @kste
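The two defects discussed in this thread (a keypair index truncated to two bytes once a subtree has more than 2^16 leaves, and a 64-bit shift by 64 when SPX_TREE_BITS is zero for d = 1) are both easy to reproduce in isolation. The following stand-alone C example is added here and is not code from the sphincsplus repository: it uses its own 32-byte address layout with the keypair field at bytes 20..23 (an assumption for illustration, not the project's SPX_OFFSET_* macros), places a two-byte setter beside a setter that writes the whole field, and shows a mask helper that never shifts a 64-bit value by 64.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Assumed address layout for this example only: the uncompressed 32-byte
 * address (layer | tree | type | keypair | chain | hash), keypair index
 * stored big-endian in bytes 20..23. The real reference code uses its own
 * per-hash-function offsets. */
#define ADDR_BYTES 32
#define KP_OFFSET  20

/* Narrow variant: only the low 16 bits of the index reach the address.
 * Correct while a subtree has at most 2^16 leaves; for taller subtrees the
 * high bits are silently dropped and distinct leaves collide on one address. */
static void set_keypair_addr_2bytes(unsigned char addr[ADDR_BYTES], uint32_t keypair)
{
    addr[KP_OFFSET + 2] = (unsigned char)(keypair >> 8);
    addr[KP_OFFSET + 3] = (unsigned char)keypair;
}

/* Full variant: every byte of the field is written, so the setter stays
 * correct for any subtree height the parameter set might choose. */
static void set_keypair_addr_full(unsigned char addr[ADDR_BYTES], uint32_t keypair)
{
    addr[KP_OFFSET + 0] = (unsigned char)(keypair >> 24);
    addr[KP_OFFSET + 1] = (unsigned char)(keypair >> 16);
    addr[KP_OFFSET + 2] = (unsigned char)(keypair >> 8);
    addr[KP_OFFSET + 3] = (unsigned char)keypair;
}

/* Read the keypair field back as a big-endian 32-bit integer. */
static uint32_t get_keypair_addr(const unsigned char addr[ADDR_BYTES])
{
    return ((uint32_t)addr[KP_OFFSET + 0] << 24) | ((uint32_t)addr[KP_OFFSET + 1] << 16)
         | ((uint32_t)addr[KP_OFFSET + 2] << 8)  |  (uint32_t)addr[KP_OFFSET + 3];
}

/* Write an index with one of the two setters into a zeroed address and
 * return what a reader recovers; the two-byte setter loses bits >= 16. */
uint32_t keypair_roundtrip(uint32_t keypair, int use_full_setter)
{
    unsigned char addr[ADDR_BYTES];
    memset(addr, 0, sizeof addr);
    if (use_full_setter)
        set_keypair_addr_full(addr, keypair);
    else
        set_keypair_addr_2bytes(addr, keypair);
    return get_keypair_addr(addr);
}

/* Mask keeping the low `bits` bits of a 64-bit value. A naive
 * "~0ULL >> (64 - bits)" is undefined behaviour when bits == 0, which is
 * exactly the single-tree (d = 1) case; handle both ends explicitly. */
uint64_t low_bits_mask(unsigned bits)
{
    if (bits == 0)
        return 0;
    if (bits >= 64)
        return ~(uint64_t)0;
    return (~(uint64_t)0) >> (64 - bits);
}

int main(void)
{
    /* Constructed sample index: leaf 0x12345 needs 17 bits, i.e. a subtree
     * of height > 16, as in the reduced-size parameter sets discussed. */
    uint32_t idx = 0x12345u;
    printf("two-byte setter: 0x%x -> 0x%x\n", idx, keypair_roundtrip(idx, 0));
    printf("full setter:     0x%x -> 0x%x\n", idx, keypair_roundtrip(idx, 1));
    printf("mask(0)  = 0x%llx\n", (unsigned long long)low_bits_mask(0));
    printf("mask(64) = 0x%llx\n", (unsigned long long)low_bits_mask(64));
    return 0;
}
```

Running the program shows the two-byte setter turning 0x12345 into 0x2345 while the full setter preserves it, and the mask helper returning 0 for zero bits and all ones for 64 bits without relying on an out-of-range shift. A test that round-trips the maximum leaf index for every supported parameter set is the kind of check that would have caught the first defect before a new parameter set was added.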