Generate a DSA signing key pair (pk, sk) in a byte array.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output pk||sk.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore.
[in]	nOptions	Select one signature algorithm from: Module-Lattice-Based Digital Signature Standard (ML-DSA) specified in FIPS.204 PQC_ML_DSA_44 / PQC_ML_DSA_65 / PQC_ML_DSA_87 Stateless Hash-Based Digital Signature Standard (SHL-DSA) specified in FIPS.205 PQC_SLH_DSA_SHA2_128F / PQC_SLH_DSA_SHA2_128S PQC_SLH_DSA_SHA2_192F / PQC_SLH_DSA_SHA2_192S PQC_SLH_DSA_SHA2_256F / PQC_SLH_DSA_SHA2_256S PQC_SLH_DSA_SHAKE_128F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_192F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_256F / PQC_SLH_DSA_SHAKE_256S

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Output is pk||sk as a concatenated byte array.

Use szParams to pass known test random material encoded in hexadecimal [default=add fresh randomness]. For SLH-DSA pass a 3*n value SK.seed||SK.prf||PK.seed (48/72/96 bytes). For ML-DSA pass a 32-byte value seed (denoted ξ in FIPS.204).

Extract the public key from a private key.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output.
[in]	nOutBytes	Length of output buffer in bytes.
	lpPrivateKey	Private key in a byte array.
	nKeyLen	Length of private key in bytes.
	nAlg	Select one option for DSA signature algorithm.

Returns

Number of bytes in or required for the output; or a negative error code.

Generate a DSA signature over a message.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	lpMsg	Message to be signed.
[in]	nMsgLen	Message length in bytes.
[in]	lpPrivateKey	Private key encoded as a byte array.
[in]	nKeyLen	Length of private key in bytes.
[in]	lpContext	Optional context string in a byte array. Set as NULL to ignore.
[in]	nCtxLen	Length of context string in bytes (maximum 255). Set as 0 to ignore.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore.
[in]	nOptions	Select one signature algorithm from: Module-Lattice-Based Digital Signature Standard (ML-DSA) specified in FIPS.204 PQC_ML_DSA_44 / PQC_ML_DSA_65 / PQC_ML_DSA_87 Stateless Hash-Based Digital Signature Standard (SHL-DSA) specified in FIPS.205 PQC_SLH_DSA_SHA2_128F / PQC_SLH_DSA_SHA2_128S PQC_SLH_DSA_SHA2_192F / PQC_SLH_DSA_SHA2_192S PQC_SLH_DSA_SHA2_256F / PQC_SLH_DSA_SHA2_256S PQC_SLH_DSA_SHAKE_128F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_192F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_256F / PQC_SLH_DSA_SHAKE_256S and optionally add PQC_SIG_DETERMINISTIC to use the deterministic variant when signing [default = hedged mode with randomness]. Use the bitwise OR operator "|" to combine options. (For ML-DSA only) add the PQC_SIG_EXTERNAL_MU option flag to use the ExternalMu-ML-DSA.Sign algorithm (see remarks).

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Use szParams to pass known test random material encoded in hexadecimal [default = add fresh randomness if in hedged mode]. For SLH-DSA pass a value addrnd of exactly n bytes (16|24|32 bytes). For ML-DSA pass a 32-byte value rnd.

When using the ExternalMu-ML-DSA.Sign option (ML-DSA only), pass the value of mu instead of the message in the parameter lpMsg. This must be exactly 64 bytes long. Caller is responsible for computing the value of mu independently prior to input.

For ML-DSA, the private key may be passed in expanded form (2560|4032|4896 bytes) or as a 32-byte seed. The key form is detected automatically by its length.

Generate a DSA signature over a pre-hashed message.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	lpMsg	Hash digest of message to be signed PH_M = PH(M).
[in]	nMsgLen	Hash digest length in bytes.
[in]	nHashAlg	Pre-hash function PH(). Select one from PQC_DSA_PREHASH_SHA256 / PQC_DSA_PREHASH_SHA384 / PQC_DSA_PREHASH_SHA512 PQC_DSA_PREHASH_SHA512_256 / PQC_DSA_PREHASH_SHA3_256 PQC_DSA_PREHASH_SHA3_384 / PQC_DSA_PREHASH_SHA3_512 PQC_DSA_PREHASH_SHAKE128_256 / PQC_DSA_PREHASH_SHAKE256_512
[in]	lpPrivateKey	Private key encoded as a byte array.
[in]	nKeyLen	Length of private key in bytes.
[in]	lpContext	Optional context string in a byte array. Set as NULL to ignore.
[in]	nCtxLen	Length of context string in bytes (maximum 255). Set as 0 to ignore.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore.
[in]	nOptions	Select one signature algorithm from: Module-Lattice-Based Digital Signature Standard (ML-DSA) specified in FIPS-204 PQC_ML_DSA_44 / PQC_ML_DSA_65 / PQC_ML_DSA_87 Stateless Hash-Based Digital Signature Standard (SHL-DSA) specified in FIPS-205 PQC_SLH_DSA_SHA2_128F / PQC_SLH_DSA_SHA2_128S PQC_SLH_DSA_SHA2_192F / PQC_SLH_DSA_SHA2_192S PQC_SLH_DSA_SHA2_256F / PQC_SLH_DSA_SHA2_256S PQC_SLH_DSA_SHAKE_128F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_192F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_256F / PQC_SLH_DSA_SHAKE_256S and optionally add PQC_SIG_DETERMINISTIC to use the deterministic variant when signing [default = hedged mode with randomness]. Use the bitwise OR operator "|" to combine options.

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Use szParams to pass known test random material encoded in hexadecimal [default = add fresh randomness if in hedged mode]. For SLH-DSA pass a value addrnd of exactly n bytes (16/24/32 bytes). For ML-DSA pass a 32-byte value rnd. For the pre-hash version, the hash digest of the message is passed instead of the message itself. Caller is responsible for computing the hash digest independently prior to input. The hash function used must be identifed in the nHashAlg parameter.

For ML-DSA, the private key may be passed in expanded form (2560|4032|4896 bytes) or as a 32-byte seed. The key form is detected automatically by its length.

Verify a DSA signature over a message.

Parameters

[in]	lpSignature	Signature in a byte array.
[in]	nSigLen	Signature length in bytes.
[in]	lpMsg	Message to be verified.
[in]	nMsgLen	Message length in bytes.
[in]	lpPublicKey	Public key encoded as a byte array.
[in]	nKeyLen	Length of public key in bytes.
[in]	lpContext	Same context string in a byte array as used when signing. Set as NULL to ignore.
[in]	nCtxLen	Length of context string in bytes (maximum 255). Set as 0 to ignore.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore. Not used in this version.
[in]	nOptions	Select one signature algorithm from: Module-Lattice-Based Digital Signature Standard (ML-DSA) specified in FIPS.204 PQC_ML_DSA_44 / PQC_ML_DSA_65 / PQC_ML_DSA_87 Stateless Hash-Based Digital Signature Standard (SHL-DSA) specified in FIPS.205 PQC_SLH_DSA_SHA2_128F / PQC_SLH_DSA_SHA2_128S PQC_SLH_DSA_SHA2_192F / PQC_SLH_DSA_SHA2_192S PQC_SLH_DSA_SHA2_256F / PQC_SLH_DSA_SHA2_256S PQC_SLH_DSA_SHAKE_128F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_192F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_256F / PQC_SLH_DSA_SHAKE_256S and optionally (for ML-DSA only) add the PQC_SIG_EXTERNAL_MU option flag to use the ExternalMu-ML-DSA.Verify algorithm (see remarks).

Returns

0 if signature is valid else a negative error code.

Remarks

When using the ExternalMu-ML-DSA.Verify option (ML-DSA only), pass the value of mu instead of the message in the parameter lpMsg. This must be exactly 64 bytes long. Caller is responsible for computing the value of mu independently prior to input.

Verify a DSA signature over a pre-hashed message.

Parameters

[in]	lpSignature	Signature in a byte array.
[in]	nSigLen	Signature length in bytes.
[in]	lpMsg	Hash digest of message to be verified PH_M = PH(M).
[in]	nMsgLen	Hash digest length in bytes.
[in]	nHashAlg	Pre-hash function PH(). Select one from PQC_DSA_PREHASH_SHA256 / PQC_DSA_PREHASH_SHA384 / PQC_DSA_PREHASH_SHA512 PQC_DSA_PREHASH_SHA512_256 / PQC_DSA_PREHASH_SHA3_256 PQC_DSA_PREHASH_SHA3_384 / PQC_DSA_PREHASH_SHA3_512 PQC_DSA_PREHASH_SHAKE128_256 / PQC_DSA_PREHASH_SHAKE256_512
[in]	lpPublicKey	Public key encoded as a byte array.
[in]	nKeyLen	Length of public key in bytes.
[in]	lpContext	Optional context string in a byte array. Set as NULL to ignore.
[in]	nCtxLen	Length of context string in bytes (maximum 255). Set as 0 to ignore.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore. Not used in this version.
[in]	nOptions	Select one signature algorithm from: Module-Lattice-Based Digital Signature Standard (ML-DSA) specified in FIPS.204 PQC_ML_DSA_44 / PQC_ML_DSA_65 / PQC_ML_DSA_87 Stateless Hash-Based Digital Signature Standard (SHL-DSA) specified in FIPS.205 PQC_SLH_DSA_SHA2_128F / PQC_SLH_DSA_SHA2_128S PQC_SLH_DSA_SHA2_192F / PQC_SLH_DSA_SHA2_192S PQC_SLH_DSA_SHA2_256F / PQC_SLH_DSA_SHA2_256S PQC_SLH_DSA_SHAKE_128F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_192F / PQC_SLH_DSA_SHAKE_128S PQC_SLH_DSA_SHAKE_256F / PQC_SLH_DSA_SHAKE_256S

Returns

0 if signature is valid else a negative error code.

Remarks

For the pre-hash version, the hash digest of the message is passed instead of the message itself. Caller is responsible for computing the hash digest independently prior to input. The hash function used must be identifed in the nHashAlg parameter.

Carry out the KEM decapsulation algorithm.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output ss.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	lpCipherText	Ciphertext ct in a byte array.
[in]	nCipherTextLen	Length of ciphertext in bytes.
[in]	lpDecapKey	Decapsulation key dk in bytes (either as 64-byte seed or in expanded form).
[in]	nDecapKeyLen	Length of decapsulation key in bytes.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore (for future use - not used in this release).
[in]	nOptions	Select one KEM algorithm from: Module-Lattice-based Key-Encapsulation Mechanism Standard (ML-KEM) specified in FIPS.203 PQC_ML_KEM_512 / PQC_ML_KEM_768 / PQC_ML_KEM_1024

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Output is the shared secret key ss in a byte array. On failure, ss will contain a pseudo-random value.

The decapsulation (private) key may be passed in expanded form (1632|2400|3168 bytes) or as a 64-byte seed. The key form is detected automatically by its length.

Carry out the KEM encapsulation algorithm.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output ss||ct.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	lpEncapKey	Encapsulation key ek in a byte array.
[in]	nEncapKeyLen	Length of encapsulation key in bytes.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore.
[in]	nOptions	Select one KEM algorithm from: Module-Lattice-based Key-Encapsulation Mechanism Standard (ML-KEM) specified in FIPS.203 PQC_ML_KEM_512 / PQC_ML_KEM_768 / PQC_ML_KEM_1024

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Output is ss||ct as a concatenated pair of byte arrays, where ss is the shared key and ct is the ciphertext.

Use szParams to pass known test random material of exactly 32 bytes (m) encoded in hexadecimal [default=add fresh randomness].

Generate a KEM encapsulation/decapsulation key pair (ek, dk).

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output ek||dk.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	szParams	Optional parameters string. Set as NULL or "" to ignore.
[in]	nOptions	Select one KEM algorithm from: Module-Lattice-based Key-Encapsulation Mechanism Standard (ML-KEM) specified in FIPS.203 PQC_ML_KEM_512 / PQC_ML_KEM_768 / PQC_ML_KEM_1024

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Output is ek||dk as a concatenated pair of byte arrays, where ek is the encapsulation key ("public key") and dk the decapsulation key ("private key").

Use szParams to pass known test random material of exactly 64 bytes (d||z) encoded in hexadecimal [default=add fresh randomness].

Get the algorithm name from its code.

Parameters

[out]	szOutput	Buffer to receive output string.
[in]	nOutChars	Maximum number of characters to be received in output buffer.
[in]	nOptions	Algorithm code.

Returns

Number of characters in or required for output string.

Remarks

Example:

char namebuf[256];

PQC_AlgName(namebuf, sizeof(namebuf) - 1, PQC_ML_DSA_65);

printf("PQC_AlgName=[%s]\n", namebuf); // PQC_AlgName=[ML-DSA-65]

PQC_AlgName

long PQC_AlgName(char *szOutput, long nOutChars, long nOptions)

Get the algorithm name from its code.

Get information about the core native diCrPQC DLL.

Parameters

[out]	szOutput	Buffer to receive output string.
[in]	nOutChars	Maximum number of characters to be received in output buffer.
[in]	nOptions	For future use.

Returns

Number of characters in or required for output string.

Remarks

Platform is the platform the core native DLL was compiled for: Win32 or X64.

"Platform=X64;Compiled=Apr 2 2024 19:13:31;Licence=T"

Look up description for error code.

Parameters

[out]	szOutput	Buffer to receive output string.
[in]	nOutChars	Maximum number of characters to be received in output buffer.
[in]	nErrCode	Value of error code to lookup (may be positive or negative).

Returns

Number of characters in or required for output string, or zero if no corresponding error code.

Remarks

Example:

char buf[256];

long nErrCode = -6;

long r = PQC_ErrorLookup(buf, sizeof(buf) - 1, nErrCode);

if (r > 0) printf("Error %ld: %s\n", nErrCode, buf);

PQC_ErrorLookup

long PQC_ErrorLookup(char *szOutput, long nOutChars, long nErrCode)

Look up description for error code.

Output:

Error -6: Parameter is wrong or missing (BAD_PARAM_ERROR)

Get full path name of core DLL module.

Parameters

[out]	szOut	Buffer to receive output string
[in]	nOutChars	Maximum length of output string in bytes.
[in]	nOptions	Not used. Specify zero.

Returns

Number of characters in or required for output string; or a negative error code

Remarks

This may return C:\Windows\System32 when it is really C:\Windows\SysWOW64.

Example

"C:\Windows\System32\diCrPQC.dll"

Get version number of the core DLL.

Returns

Version number as an integer in the form major*10000+minor*100+revision, e.g. core DLL file version 1.2.x.3 will return 10203.

Generate a random set of bytes suitable for cryptographic use.

Parameters

[out]	lpOutput	Buffer to receive the random data.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	lpSeed	Optional seed containing "user-supplied entropy" to be used by the random number generator. Specify an empty string ("") or NULL to ignore.
[in]	nSeedLen	Length of the seed string.

Returns

If successful, the return value is zero.

Remarks

If Intel(R) DRNG support is available on your system, then 256 bytes of SP800-90 compliant RNG entropy will be added automatically on first use of this function.

Initialize the RNG generator using a seed file.

Parameters

[in]	szSeedFile	Full path name of seed file.
[in]	nOptions	Not used - specify zero (0).

Returns

If successful, the return value is zero.

Remarks

Use this function if Intel(R) DRNG is not available on your system (check using RNG_InitializeEx()). Call at the start of a session to load entropy stored in the seed file, and use again at the end of a session to save any accumulated entropy. If the seed file does not exist, it will be created using any available entropy. The seed file is automatically updated by this procedure. Use RNG_MakeSeedFile() to create the first time.

Query and initialize the RNG generator using Intel(R) DRNG, if available.

Parameters

[in]

nOptions

Specify PQC_RNG_NO_INTEL_DRNG to explicitly turn off support, else use zero (0).

Returns

Support status for Intel(R) DRNG. If available, then returns a positive value 1 or greater; else a negative error code.

Remarks

Use the NO_INTEL_DRNG option if for some reason it is interfering with your application.

Create a new seed file suitable for use with RNG_Initialize().

Parameters

[in]	szSeedFile	Full path name of seed file to be created. Any existing file of the same name will be overwritten without warning.
[in]	szPrompt	Optional prompt. Specify NULL or ‘"’` for default prompt.
[in]	nOptions	Select one of: PQC_DEFAULT (0) for default options PQC_RNG_STRENGTH_112 to make user generate an estimated 112 bits of security PQC_RNG_STRENGTH_128 to make user generate an estimated 128 bits of security (default) PQC_RNG_STRENGTH_192 to make user generate an estimated 192 bits of security PQC_RNG_STRENGTH_256 to make user generate an estimated 256 bits of security

Returns

If successful, the return value is zero.

Remarks

This uses a console dialog window and expects the user to type in random keystrokes. Such a GUI interface may not be appropriate in some circumstances.

Encode an array of bytes into a hexadecimal-encoded string.

Parameters

[out]	szOutput	Buffer to receive encoded string.
[in]	nOutChars	Maximum number of characters to be received in output buffer.
[in]	lpInput	Byte array to be encoded.
[in]	nInputLen	Number of bytes to be encoded.

Returns

Number of characters in or required for output string; or a negative error code.

Remarks

Pass a NULL szOutput or zero nOutChars to find the required number of characters (then add one for the terminating null). HINT: the answer is two times the number of bytes.

Decode a hexadecimal-encoded string into an array of bytes.

Parameters

[out]	lpOutput	Buffer of sufficient length to receive the output.
[in]	nOutBytes	Length of output buffer in bytes.
[in]	szInput	Hexadecimal-encoded data to be decoded.

Returns

Number of bytes in or required for the output; or a negative error code.

Remarks

Expecting input to be a string of printable ASCII characters in the range [0-9A-Fa-f]. Whitespace and ASCII punctuation characters are allowed and will be ignored (e.g. DE:AD:BE:AF is OK), but those in the range [G-Zg-z] that are obviously non-hex will cause an error.

Pass a NULL lpOutput or zero nOutBytes to find the required number of bytes (this may be an upper bound).

Extract a substring of a string.

Parameters

[out]	szOutput	Buffer to receive output string (must exist and be long enough).
[in]	nOutChars	Maximum number of characters to be received in output buffer (excluding terminating zero).
[in]	szInput	Source string.
[in]	nStart	Start index (0 is the first character in the string). A negative value means count backwards from end of string.
[in]	nLen	Length of substring to extract (specify 0 to indicate all characters to end of string).

Returns

Number of characters in output string or a negative error code.

Remarks

Examples:

char *src = "The quick brown fox jumps over the lazy dog";

char dest[256];

UTIL_Substring(dest, sizeof(dest)-1, src, 0, 3);

printf("%s\n", dest); // The

UTIL_Substring(dest, sizeof(dest)-1, src, 4, 5);

printf("%s\n", dest); // quick

UTIL_Substring(dest, sizeof(dest)-1, src, -8, 4);

printf("%s\n", dest); // lazy

UTIL_Substring(dest, sizeof(dest)-1, src, -8, 0);

printf("%s\n", dest); // lazy dog

UTIL_Substring

long UTIL_Substring(char *szOutput, long nOutChars, const char *szInput, long nStart, long nLen)

Extract a substring of a string.

It is an error (NULL_ERROR) if szOutput is NULL.

Extract a substring of a byte array.

Parameters

[out]	lpOutput	Buffer to receive output byte array (must exist and be long enough).
[in]	nOutBytes	Maximum number of bytes to be received in output buffer.
[in]	lpInput	Source byte array.
[in]	nInputLen	Length of source in bytes.
[in]	nStart	Start index (0 is the first byte in the array). A negative value means count backwards from end of array.
[in]	nLen	Length of substring to extract (specify 0 to indicate all bytes to end of array).

Returns

Number of bytes in output array.

Remarks

It is an error (NULL_ERROR) if lpOutput is NULL.