Dilithium

Caution

Currently, crypto-condor uses test vectors for version 3.1 of Dilithium, which is the latest release of the reference implementation. This version differs slightly from the one submitted to the third round of the NIST competition. It also differs from the draft for ML-DSA, the NIST standard. The test vectors are not compatible between versions.

As 3.1 is the latest release, we do not intend to support version 3. Regarding ML-DSA, it is currently a draft, so it is subject to change, and NIST hasn’t released test vectors for it. Once the final version is published with accompanying vectors, it will be integrated into crypto-condor.

In Dilithium, the sizes of the public key, secret key, and signature are fixed for each parameter set. These lengths are still passed to the hooked function as parameters; if the implementation you are testing doesn’t take them, the fixed sizes may be the reason why.

Parameter sets and object sizes (in bytes)

Parameter set   Public key   Private key   Signature
2               1312         2528          2420
3               1952         4000          3293
5               2592         4864          4595

Sign

To test a function that signs with Dilithium, its name must conform to the following convention:

CC_Dilithium_<param set>_sign

Its signature must be:

void Dilithium_sign(
    uint8_t *sig,
    size_t siglen,
    const uint8_t *msg,
    size_t msglen,
    const uint8_t *sk,
    size_t sklen
);

Signs a message with Dilithium.

Parameters:
  • sig[Out] A buffer to store the resulting signature.

  • siglen[In] The size of the signature buffer in bytes.

  • msg[In] The message to sign.

  • msglen[In] The size of the message in bytes.

  • sk[In] The secret key to use.

  • sklen[In] The size of the secret key in bytes.

Example:

  • Dilithium2:

void CC_Dilithium_2_sign(uint8_t *sig, size_t siglen,
                         const uint8_t *msg, size_t msglen,
                         const uint8_t *sk, size_t sklen);

Verify

To test a function that verifies Dilithium signatures, its name must conform to the following convention:

CC_Dilithium_<param set>_verify

Its signature must be:

int Dilithium_verify(
    const uint8_t *sig,
    size_t siglen,
    const uint8_t *msg,
    size_t msglen,
    const uint8_t *pk,
    size_t pklen
);

Parameters:
  • sig[In] The signature to verify.

  • siglen[In] The size of the signature in bytes.

  • msg[In] The message that was signed.

  • msglen[In] The size of the message in bytes.

  • pk[In] The public key.

  • pklen[In] The size of the public key in bytes.

Returns:

The result of the verification.

Return values:
  • 0 – OK.

  • -1 – The signature is invalid.

Example:

  • Dilithium2:

int CC_Dilithium_2_verify(const uint8_t *sig, size_t siglen,
                          const uint8_t *msg, size_t msglen,
                          const uint8_t *pk, size_t pklen);
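
A verify hook that enforces the fixed Dilithium2 sizes from the table above before touching the buffers, and maps a backend's result onto the documented 0 / -1 return values. This is an added example, not crypto-condor's own code: `impl_d2_verify` is a hypothetical stand-in for the implementation under test (assumed to take no lengths and to return 1 for a valid signature), and `demo_verify` is a constructed driver.

```c
#include <stddef.h>
#include <stdint.h>

/* Fixed Dilithium2 sizes in bytes, from the table on this page. */
enum { D2_PK = 1312, D2_SIG = 2420 };

static int impl_calls; /* how many times the backend was reached */

/* Hypothetical stand-in for the implementation under test (constructed, not
 * real Dilithium). Assumed to take no lengths, to read the full fixed-size
 * objects, and to return 1 for valid, 0 for invalid. */
static int impl_d2_verify(const uint8_t *sig, const uint8_t *msg,
                          size_t msglen, const uint8_t *pk)
{
    (void)msg; (void)msglen;
    impl_calls++;
    return sig[D2_SIG - 1] == pk[D2_PK - 1];
}

/* Hook with the name and signature the page requires. */
int CC_Dilithium_2_verify(const uint8_t *sig, size_t siglen,
                          const uint8_t *msg, size_t msglen,
                          const uint8_t *pk, size_t pklen)
{
    /* The backend reads D2_SIG and D2_PK bytes unconditionally, so a buffer
     * of any other size is rejected before it can cause an out-of-bounds read. */
    if (!sig || !pk || (!msg && msglen) || siglen != D2_SIG || pklen != D2_PK)
        return -1;
    /* Translate the backend's 1/0 into the harness's 0 (OK) / -1 (invalid). */
    return impl_d2_verify(sig, msg, msglen, pk) == 1 ? 0 : -1;
}

/* Constructed driver: calls the hook with the given lengths. `tag` is written
 * to the last signature byte; the key's last byte is fixed at 0x5A. */
int demo_verify(size_t siglen, size_t pklen, uint8_t tag)
{
    static uint8_t sig[D2_SIG], pk[D2_PK];
    const uint8_t msg[] = "constructed message";
    sig[D2_SIG - 1] = tag;
    pk[D2_PK - 1] = 0x5A;
    return CC_Dilithium_2_verify(sig, siglen, msg, sizeof msg - 1, pk, pklen);
}

int demo_backend_calls(void) { return impl_calls; }

int main(void) { return demo_verify(D2_SIG, D2_PK, 0x5A) == 0 ? 0 : 1; }
```

Passing the backend's return value through unchanged would report every valid signature as a failure and every invalid one as a non-OK value that is not -1, so the mapping step matters as much as the length check.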