Lines Matching +full:- +full:state
1 /* $OpenBSD: sshkey-xmss.c,v 1.12 2022/10/28 00:39:29 djm Exp $ */
46 #include "sshkey-xmss.h"
52 /* opaque internal XMSS state */
53 #define XMSS_MAGIC "xmss-state-v1"
54 #define XMSS_CIPHERNAME "aes256-gcm@openssh.com"
69 u_int32_t idx; /* state read from file */
71 int have_state; /* .state file exists */
74 char *enc_ciphername;/* encrypt state with cipher */
75 u_char *enc_keyiv; /* encrypt state with key */
97 struct ssh_xmss_state *state; in sshkey_xmss_init() local
99 if (key->xmss_state != NULL) in sshkey_xmss_init()
103 state = calloc(sizeof(struct ssh_xmss_state), 1); in sshkey_xmss_init()
104 if (state == NULL) in sshkey_xmss_init()
107 state->n = 32; in sshkey_xmss_init()
108 state->w = 16; in sshkey_xmss_init()
109 state->h = 10; in sshkey_xmss_init()
111 state->n = 32; in sshkey_xmss_init()
112 state->w = 16; in sshkey_xmss_init()
113 state->h = 16; in sshkey_xmss_init()
115 state->n = 32; in sshkey_xmss_init()
116 state->w = 16; in sshkey_xmss_init()
117 state->h = 20; in sshkey_xmss_init()
119 free(state); in sshkey_xmss_init()
122 if ((key->xmss_name = strdup(name)) == NULL) { in sshkey_xmss_init()
123 free(state); in sshkey_xmss_init()
126 state->k = 2; /* XXX hardcoded */ in sshkey_xmss_init()
127 state->lockfd = -1; in sshkey_xmss_init()
128 if (xmss_set_params(&state->params, state->n, state->h, state->w, in sshkey_xmss_init()
129 state->k) != 0) { in sshkey_xmss_init()
130 free(state); in sshkey_xmss_init()
133 key->xmss_state = state; in sshkey_xmss_init()
140 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_free_state() local
143 if (state) { in sshkey_xmss_free_state()
144 if (state->enc_keyiv) { in sshkey_xmss_free_state()
145 explicit_bzero(state->enc_keyiv, state->enc_keyiv_len); in sshkey_xmss_free_state()
146 free(state->enc_keyiv); in sshkey_xmss_free_state()
148 free(state->enc_ciphername); in sshkey_xmss_free_state()
149 free(state); in sshkey_xmss_free_state()
151 key->xmss_state = NULL; in sshkey_xmss_free_state()
155 #define num_stack(x) ((x->h+1)*(x->n))
156 #define num_stacklevels(x) (x->h+1)
157 #define num_auth(x) ((x->h)*(x->n))
158 #define num_keep(x) ((x->h >> 1)*(x->n))
159 #define num_th_nodes(x) ((x->h - x->k)*(x->n))
160 #define num_retain(x) (((1ULL << x->k) - x->k - 1) * (x->n))
161 #define num_treehash(x) ((x->h) - (x->k))
166 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_init_bds_state() local
169 state->stackoffset = 0; in sshkey_xmss_init_bds_state()
170 if ((state->stack = calloc(num_stack(state), 1)) == NULL || in sshkey_xmss_init_bds_state()
171 (state->stacklevels = calloc(num_stacklevels(state), 1))== NULL || in sshkey_xmss_init_bds_state()
172 (state->auth = calloc(num_auth(state), 1)) == NULL || in sshkey_xmss_init_bds_state()
173 (state->keep = calloc(num_keep(state), 1)) == NULL || in sshkey_xmss_init_bds_state()
174 (state->th_nodes = calloc(num_th_nodes(state), 1)) == NULL || in sshkey_xmss_init_bds_state()
175 (state->retain = calloc(num_retain(state), 1)) == NULL || in sshkey_xmss_init_bds_state()
176 (state->treehash = calloc(num_treehash(state), in sshkey_xmss_init_bds_state()
181 for (i = 0; i < state->h - state->k; i++) in sshkey_xmss_init_bds_state()
182 state->treehash[i].node = &state->th_nodes[state->n*i]; in sshkey_xmss_init_bds_state()
183 xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, in sshkey_xmss_init_bds_state()
184 state->stacklevels, state->auth, state->keep, state->treehash, in sshkey_xmss_init_bds_state()
185 state->retain, 0); in sshkey_xmss_init_bds_state()
192 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_free_bds() local
194 if (state == NULL) in sshkey_xmss_free_bds()
196 free(state->stack); in sshkey_xmss_free_bds()
197 free(state->stacklevels); in sshkey_xmss_free_bds()
198 free(state->auth); in sshkey_xmss_free_bds()
199 free(state->keep); in sshkey_xmss_free_bds()
200 free(state->th_nodes); in sshkey_xmss_free_bds()
201 free(state->retain); in sshkey_xmss_free_bds()
202 free(state->treehash); in sshkey_xmss_free_bds()
203 state->stack = NULL; in sshkey_xmss_free_bds()
204 state->stacklevels = NULL; in sshkey_xmss_free_bds()
205 state->auth = NULL; in sshkey_xmss_free_bds()
206 state->keep = NULL; in sshkey_xmss_free_bds()
207 state->th_nodes = NULL; in sshkey_xmss_free_bds()
208 state->retain = NULL; in sshkey_xmss_free_bds()
209 state->treehash = NULL; in sshkey_xmss_free_bds()
215 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_params() local
217 if (state == NULL) in sshkey_xmss_params()
219 return &state->params; in sshkey_xmss_params()
225 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_bds_state() local
227 if (state == NULL) in sshkey_xmss_bds_state()
229 return &state->bds; in sshkey_xmss_bds_state()
235 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_siglen() local
239 if (state == NULL) in sshkey_xmss_siglen()
241 *lenp = 4 + state->n + in sshkey_xmss_siglen()
242 state->params.wots_par.keysize + in sshkey_xmss_siglen()
243 state->h * state->n; in sshkey_xmss_siglen()
250 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_pklen() local
252 if (state == NULL) in sshkey_xmss_pklen()
254 return state->n * 2; in sshkey_xmss_pklen()
260 struct ssh_xmss_state *state = key->xmss_state; in sshkey_xmss_sklen() local
262 if (state == NULL) in sshkey_xmss_sklen()
264 return state->n * 4 + 4; in sshkey_xmss_sklen()
270 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_init_enc_key() local
274 if (state == NULL) in sshkey_xmss_init_enc_key()
278 if ((state->enc_ciphername = strdup(ciphername)) == NULL) in sshkey_xmss_init_enc_key()
282 state->enc_keyiv_len = keylen + ivlen; in sshkey_xmss_init_enc_key()
283 if ((state->enc_keyiv = calloc(state->enc_keyiv_len, 1)) == NULL) { in sshkey_xmss_init_enc_key()
284 free(state->enc_ciphername); in sshkey_xmss_init_enc_key()
285 state->enc_ciphername = NULL; in sshkey_xmss_init_enc_key()
288 arc4random_buf(state->enc_keyiv, state->enc_keyiv_len); in sshkey_xmss_init_enc_key()
295 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_serialize_enc_key() local
298 if (state == NULL || state->enc_keyiv == NULL || in sshkey_xmss_serialize_enc_key()
299 state->enc_ciphername == NULL) in sshkey_xmss_serialize_enc_key()
301 if ((r = sshbuf_put_cstring(b, state->enc_ciphername)) != 0 || in sshkey_xmss_serialize_enc_key()
302 (r = sshbuf_put_string(b, state->enc_keyiv, in sshkey_xmss_serialize_enc_key()
303 state->enc_keyiv_len)) != 0) in sshkey_xmss_serialize_enc_key()
311 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_deserialize_enc_key() local
315 if (state == NULL) in sshkey_xmss_deserialize_enc_key()
317 if ((r = sshbuf_get_cstring(b, &state->enc_ciphername, NULL)) != 0 || in sshkey_xmss_deserialize_enc_key()
318 (r = sshbuf_get_string(b, &state->enc_keyiv, &len)) != 0) in sshkey_xmss_deserialize_enc_key()
320 state->enc_keyiv_len = len; in sshkey_xmss_deserialize_enc_key()
328 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_serialize_pk_info() local
333 if (state == NULL) in sshkey_xmss_serialize_pk_info()
337 idx = k->xmss_sk ? PEEK_U32(k->xmss_sk) : state->idx; in sshkey_xmss_serialize_pk_info()
340 (r = sshbuf_put_u32(b, state->maxidx)) != 0) in sshkey_xmss_serialize_pk_info()
348 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_deserialize_pk_info() local
352 if (state == NULL) in sshkey_xmss_deserialize_pk_info()
361 if ((r = sshbuf_get_u32(b, &state->idx)) != 0 || in sshkey_xmss_deserialize_pk_info()
362 (r = sshbuf_get_u32(b, &state->maxidx)) != 0) in sshkey_xmss_deserialize_pk_info()
386 if ((k->xmss_pk = malloc(sshkey_xmss_pklen(k))) == NULL || in sshkey_xmss_generate_private_key()
387 (k->xmss_sk = malloc(sshkey_xmss_sklen(k))) == NULL) { in sshkey_xmss_generate_private_key()
390 xmss_keypair(k->xmss_pk, k->xmss_sk, sshkey_xmss_bds_state(k), in sshkey_xmss_generate_private_key()
400 int ret = SSH_ERR_SYSTEM_ERROR, r, fd = -1; in sshkey_xmss_get_state_from_file()
408 PRINT("corrupt state file: %s", filename); in sshkey_xmss_get_state_from_file()
436 if (fd != -1) in sshkey_xmss_get_state_from_file()
447 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_get_state() local
451 int lockfd = -1, have_state = 0, have_ostate, tries = 0; in sshkey_xmss_get_state()
454 if (state == NULL) in sshkey_xmss_get_state()
459 * Otherwise we need to deal with the on-disk state. in sshkey_xmss_get_state()
461 if (state->maxidx) { in sshkey_xmss_get_state()
462 /* xmss_sk always contains the current state */ in sshkey_xmss_get_state()
463 idx = PEEK_U32(k->xmss_sk); in sshkey_xmss_get_state()
464 if (idx < state->maxidx) { in sshkey_xmss_get_state()
465 state->allow_update = 1; in sshkey_xmss_get_state()
470 if ((filename = k->xmss_filename) == NULL) in sshkey_xmss_get_state()
472 if (asprintf(&lockfile, "%s.lock", filename) == -1 || in sshkey_xmss_get_state()
473 asprintf(&statefile, "%s.state", filename) == -1 || in sshkey_xmss_get_state()
474 asprintf(&ostatefile, "%s.ostate", filename) == -1) { in sshkey_xmss_get_state()
478 if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) == -1) { in sshkey_xmss_get_state()
483 while (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { in sshkey_xmss_get_state()
501 state->allow_update = 1; in sshkey_xmss_get_state()
503 state->idx = PEEK_U32(k->xmss_sk); in sshkey_xmss_get_state()
504 state->allow_update = 0; in sshkey_xmss_get_state()
508 /* check that bds state is initialized */ in sshkey_xmss_get_state()
509 if (state->bds.auth == NULL) in sshkey_xmss_get_state()
511 PRINT("start from scratch idx 0: %u", state->idx); in sshkey_xmss_get_state()
516 if (state->idx + 1 < state->idx) { in sshkey_xmss_get_state()
517 PRINT("state wrap: %u", state->idx); in sshkey_xmss_get_state()
520 state->have_state = have_state; in sshkey_xmss_get_state()
521 state->lockfd = lockfd; in sshkey_xmss_get_state()
522 state->allow_update = 1; in sshkey_xmss_get_state()
523 lockfd = -1; in sshkey_xmss_get_state()
526 if (lockfd != -1) in sshkey_xmss_get_state()
537 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_forward_state() local
544 if (state == NULL || !state->allow_update) in sshkey_xmss_forward_state()
548 if (state->idx + reserve <= state->idx) in sshkey_xmss_forward_state()
554 while (reserve-- > 0) { in sshkey_xmss_forward_state()
555 state->idx = PEEK_U32(k->xmss_sk); in sshkey_xmss_forward_state()
557 if ((ret = xmss_sign(k->xmss_sk, sshkey_xmss_bds_state(k), in sshkey_xmss_forward_state()
570 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_update_state() local
576 int fd = -1; in sshkey_xmss_update_state()
579 if (state == NULL || !state->allow_update) in sshkey_xmss_update_state()
581 if (state->maxidx) { in sshkey_xmss_update_state()
586 idx = PEEK_U32(k->xmss_sk); in sshkey_xmss_update_state()
587 if (idx == state->idx) { in sshkey_xmss_update_state()
591 } else if (idx != state->idx + 1) { in sshkey_xmss_update_state()
592 PRINT("more than one signature happened: idx %u state %u", in sshkey_xmss_update_state()
593 idx, state->idx); in sshkey_xmss_update_state()
596 state->idx = idx; in sshkey_xmss_update_state()
597 if ((filename = k->xmss_filename) == NULL) in sshkey_xmss_update_state()
599 if (asprintf(&statefile, "%s.state", filename) == -1 || in sshkey_xmss_update_state()
600 asprintf(&ostatefile, "%s.ostate", filename) == -1 || in sshkey_xmss_update_state()
601 asprintf(&nstatefile, "%s.nstate", filename) == -1) { in sshkey_xmss_update_state()
618 if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) == -1) { in sshkey_xmss_update_state()
620 PRINT("open new state file: %s", nstatefile); in sshkey_xmss_update_state()
626 PRINT("write new state file hdr: %s", nstatefile); in sshkey_xmss_update_state()
633 PRINT("write new state file data: %s", nstatefile); in sshkey_xmss_update_state()
637 if (fsync(fd) == -1) { in sshkey_xmss_update_state()
639 PRINT("sync new state file: %s", nstatefile); in sshkey_xmss_update_state()
643 if (close(fd) == -1) { in sshkey_xmss_update_state()
645 PRINT("close new state file: %s", nstatefile); in sshkey_xmss_update_state()
648 if (state->have_state) { in sshkey_xmss_update_state()
652 PRINT("backup state %s to %s", statefile, ostatefile); in sshkey_xmss_update_state()
656 if (rename(nstatefile, statefile) == -1) { in sshkey_xmss_update_state()
663 if (state->lockfd != -1) { in sshkey_xmss_update_state()
664 close(state->lockfd); in sshkey_xmss_update_state()
665 state->lockfd = -1; in sshkey_xmss_update_state()
680 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_serialize_state() local
685 if (state == NULL) in sshkey_xmss_serialize_state()
687 if (state->stack == NULL) in sshkey_xmss_serialize_state()
689 state->stackoffset = state->bds.stackoffset; /* copy back */ in sshkey_xmss_serialize_state()
691 (r = sshbuf_put_u32(b, state->idx)) != 0 || in sshkey_xmss_serialize_state()
692 (r = sshbuf_put_string(b, state->stack, num_stack(state))) != 0 || in sshkey_xmss_serialize_state()
693 (r = sshbuf_put_u32(b, state->stackoffset)) != 0 || in sshkey_xmss_serialize_state()
694 (r = sshbuf_put_string(b, state->stacklevels, num_stacklevels(state))) != 0 || in sshkey_xmss_serialize_state()
695 (r = sshbuf_put_string(b, state->auth, num_auth(state))) != 0 || in sshkey_xmss_serialize_state()
696 (r = sshbuf_put_string(b, state->keep, num_keep(state))) != 0 || in sshkey_xmss_serialize_state()
697 (r = sshbuf_put_string(b, state->th_nodes, num_th_nodes(state))) != 0 || in sshkey_xmss_serialize_state()
698 (r = sshbuf_put_string(b, state->retain, num_retain(state))) != 0 || in sshkey_xmss_serialize_state()
699 (r = sshbuf_put_u32(b, num_treehash(state))) != 0) in sshkey_xmss_serialize_state()
701 for (i = 0; i < num_treehash(state); i++) { in sshkey_xmss_serialize_state()
702 th = &state->treehash[i]; in sshkey_xmss_serialize_state()
703 node = th->node - state->th_nodes; in sshkey_xmss_serialize_state()
704 if ((r = sshbuf_put_u32(b, th->h)) != 0 || in sshkey_xmss_serialize_state()
705 (r = sshbuf_put_u32(b, th->next_idx)) != 0 || in sshkey_xmss_serialize_state()
706 (r = sshbuf_put_u32(b, th->stackusage)) != 0 || in sshkey_xmss_serialize_state()
707 (r = sshbuf_put_u8(b, th->completed)) != 0 || in sshkey_xmss_serialize_state()
718 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_serialize_state_opt() local
722 if (state == NULL) in sshkey_xmss_serialize_state_opt()
737 have_stack = state->stack != NULL; in sshkey_xmss_serialize_state_opt()
741 state->idx = PEEK_U32(k->xmss_sk); /* update */ in sshkey_xmss_serialize_state_opt()
745 have_filename = k->xmss_filename != NULL; in sshkey_xmss_serialize_state_opt()
749 (r = sshbuf_put_cstring(b, k->xmss_filename)) != 0) in sshkey_xmss_serialize_state_opt()
751 have_enc = state->enc_keyiv != NULL; in sshkey_xmss_serialize_state_opt()
757 if ((r = sshbuf_put_u32(b, state->maxidx)) != 0 || in sshkey_xmss_serialize_state_opt()
758 (r = sshbuf_put_u8(b, state->allow_update)) != 0) in sshkey_xmss_serialize_state_opt()
774 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_deserialize_state() local
781 if (state == NULL) in sshkey_xmss_deserialize_state()
783 if (k->xmss_sk == NULL) in sshkey_xmss_deserialize_state()
785 if ((state->treehash = calloc(num_treehash(state), in sshkey_xmss_deserialize_state()
789 (r = sshbuf_get_u32(b, &state->idx)) != 0 || in sshkey_xmss_deserialize_state()
790 (r = sshbuf_get_string(b, &state->stack, &ls)) != 0 || in sshkey_xmss_deserialize_state()
791 (r = sshbuf_get_u32(b, &state->stackoffset)) != 0 || in sshkey_xmss_deserialize_state()
792 (r = sshbuf_get_string(b, &state->stacklevels, &lsl)) != 0 || in sshkey_xmss_deserialize_state()
793 (r = sshbuf_get_string(b, &state->auth, &la)) != 0 || in sshkey_xmss_deserialize_state()
794 (r = sshbuf_get_string(b, &state->keep, &lk)) != 0 || in sshkey_xmss_deserialize_state()
795 (r = sshbuf_get_string(b, &state->th_nodes, &ln)) != 0 || in sshkey_xmss_deserialize_state()
796 (r = sshbuf_get_string(b, &state->retain, &lr)) != 0 || in sshkey_xmss_deserialize_state()
804 if (ls != num_stack(state) || in sshkey_xmss_deserialize_state()
805 lsl != num_stacklevels(state) || in sshkey_xmss_deserialize_state()
806 la != num_auth(state) || in sshkey_xmss_deserialize_state()
807 lk != num_keep(state) || in sshkey_xmss_deserialize_state()
808 ln != num_th_nodes(state) || in sshkey_xmss_deserialize_state()
809 lr != num_retain(state) || in sshkey_xmss_deserialize_state()
810 lh != num_treehash(state)) { in sshkey_xmss_deserialize_state()
814 for (i = 0; i < num_treehash(state); i++) { in sshkey_xmss_deserialize_state()
815 th = &state->treehash[i]; in sshkey_xmss_deserialize_state()
816 if ((r = sshbuf_get_u32(b, &th->h)) != 0 || in sshkey_xmss_deserialize_state()
817 (r = sshbuf_get_u32(b, &th->next_idx)) != 0 || in sshkey_xmss_deserialize_state()
818 (r = sshbuf_get_u32(b, &th->stackusage)) != 0 || in sshkey_xmss_deserialize_state()
819 (r = sshbuf_get_u8(b, &th->completed)) != 0 || in sshkey_xmss_deserialize_state()
822 if (node < num_th_nodes(state)) in sshkey_xmss_deserialize_state()
823 th->node = &state->th_nodes[node]; in sshkey_xmss_deserialize_state()
825 POKE_U32(k->xmss_sk, state->idx); in sshkey_xmss_deserialize_state()
826 xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, in sshkey_xmss_deserialize_state()
827 state->stacklevels, state->auth, state->keep, state->treehash, in sshkey_xmss_deserialize_state()
828 state->retain, 0); in sshkey_xmss_deserialize_state()
839 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_deserialize_state_opt() local
861 (r = sshbuf_get_cstring(b, &k->xmss_filename, NULL)) != 0) in sshkey_xmss_deserialize_state_opt()
868 if ((r = sshbuf_get_u32(b, &state->maxidx)) != 0 || in sshkey_xmss_deserialize_state_opt()
869 (r = sshbuf_get_u8(b, &state->allow_update)) != 0) in sshkey_xmss_deserialize_state_opt()
892 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_encrypt_state() local
902 if (state == NULL || in sshkey_xmss_encrypt_state()
903 state->enc_keyiv == NULL || in sshkey_xmss_encrypt_state()
904 state->enc_ciphername == NULL) in sshkey_xmss_encrypt_state()
906 if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { in sshkey_xmss_encrypt_state()
914 if (state->enc_keyiv_len != keylen + ivlen) { in sshkey_xmss_encrypt_state()
918 key = state->enc_keyiv; in sshkey_xmss_encrypt_state()
929 POKE_U32(iv, state->idx); in sshkey_xmss_encrypt_state()
932 (r = sshbuf_put_u32(encoded, state->idx)) != 0) in sshkey_xmss_encrypt_state()
935 /* padded state will be encrypted */ in sshkey_xmss_encrypt_state()
945 /* header including the length of state is used as AAD */ in sshkey_xmss_encrypt_state()
950 /* concat header and state */ in sshkey_xmss_encrypt_state()
983 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_decrypt_state() local
994 if (state == NULL || in sshkey_xmss_decrypt_state()
995 state->enc_keyiv == NULL || in sshkey_xmss_decrypt_state()
996 state->enc_ciphername == NULL) in sshkey_xmss_decrypt_state()
998 if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { in sshkey_xmss_decrypt_state()
1006 if (state->enc_keyiv_len != keylen + ivlen) { in sshkey_xmss_decrypt_state()
1010 key = state->enc_keyiv; in sshkey_xmss_decrypt_state()
1038 sshbuf_len(encoded) - authlen < encrypted_len) { in sshkey_xmss_decrypt_state()
1043 aadlen = sshbuf_len(copy) - sshbuf_len(encoded); in sshkey_xmss_decrypt_state()
1049 /* decrypt private state of key */ in sshkey_xmss_decrypt_state()
1087 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_signatures_left() local
1090 if (sshkey_type_plain(k->type) == KEY_XMSS && state && in sshkey_xmss_signatures_left()
1091 state->maxidx) { in sshkey_xmss_signatures_left()
1092 idx = k->xmss_sk ? PEEK_U32(k->xmss_sk) : state->idx; in sshkey_xmss_signatures_left()
1093 if (idx < state->maxidx) in sshkey_xmss_signatures_left()
1094 return state->maxidx - idx; in sshkey_xmss_signatures_left()
1102 struct ssh_xmss_state *state = k->xmss_state; in sshkey_xmss_enable_maxsign() local
1104 if (sshkey_type_plain(k->type) != KEY_XMSS) in sshkey_xmss_enable_maxsign()
1108 if (state->idx + maxsign < state->idx) in sshkey_xmss_enable_maxsign()
1110 state->maxidx = state->idx + maxsign; in sshkey_xmss_enable_maxsign()