Botan::HSS_LMS_PublicKeyInternal Class Reference

The internal HSS-LMS public key. More...

#include <hss.h>

Public Member Functions
std::string	algo_name () const
	The algorithm name for HSS-LMS.
AlgorithmIdentifier	algorithm_identifier () const
	The algorithm identifier for HSS-LMS.
	HSS_LMS_PublicKeyInternal (HSS_Level L, LMS_PublicKey top_lms_pub_key)
const LMS_PublicKey &	lms_pub_key () const
	Returns the public LMS key of the top LMS tree.
OID	object_identifier () const
	The object identifier for HSS-LMS.
size_t	size () const
	Returns the size in bytes the key would have in its encoded format.
std::vector< uint8_t >	to_bytes () const
	Returns the key in its encoded format.
bool	verify_signature (std::span< const uint8_t > msg, const HSS_Signature &sig) const
	Verify a HSS-LMS signature.

Static Public Member Functions
static HSS_LMS_PublicKeyInternal	create (const HSS_LMS_PrivateKeyInternal &hss_sk)
	Create the public HSS-LMS key from its private key.
static std::shared_ptr< HSS_LMS_PublicKeyInternal >	from_bytes_or_throw (std::span< const uint8_t > key_bytes)
	Parse a public HSS-LMS key.

Detailed Description

The internal HSS-LMS public key.

Format according to RFC 8554: u32str(L) || pub[0]

Definition at line 240 of file hss.h.

Constructor & Destructor Documentation

HSS_LMS_PublicKeyInternal()

Botan::HSS_LMS_PublicKeyInternal::HSS_LMS_PublicKeyInternal ( HSS_Level L, LMS_PublicKey top_lms_pub_key )

inline

Definition at line 259 of file hss.h.

                                                                            :
            m_L(L), m_top_lms_pub_key(std::move(top_lms_pub_key)) {}

Referenced by create().

Member Function Documentation

algo_name()

std::string Botan::HSS_LMS_PublicKeyInternal::algo_name ( ) const

inline

The algorithm name for HSS-LMS.

Definition at line 290 of file hss.h.

{ return "HSS-LMS"; }

Referenced by object_identifier().

algorithm_identifier()

AlgorithmIdentifier Botan::HSS_LMS_PublicKeyInternal::algorithm_identifier

(

)

const

The algorithm identifier for HSS-LMS.

Definition at line 330 of file hss.cpp.

                                                                          {
   return AlgorithmIdentifier(object_identifier(), AlgorithmIdentifier::USE_EMPTY_PARAM);
}

References object_identifier(), and Botan::AlgorithmIdentifier::USE_EMPTY_PARAM.

create()

HSS_LMS_PublicKeyInternal Botan::HSS_LMS_PublicKeyInternal::create ( const HSS_LMS_PrivateKeyInternal & hss_sk )

static

Create the public HSS-LMS key from its private key.

Parameters

hss_sk

The private HSS-LMS key.

Returns

The internal HSS-LMS public key.

Definition at line 297 of file hss.cpp.

                                                                                                    {
   auto& hss_params = hss_sk.hss_params();
 
   const auto root_sk = hss_sk.hss_derive_root_lms_private_key();
   LMS_PublicKey top_pub_key = LMS_PublicKey(root_sk);
 
   return HSS_LMS_PublicKeyInternal(hss_params.L(), std::move(top_pub_key));
}

References Botan::HSS_LMS_PrivateKeyInternal::hss_derive_root_lms_private_key(), HSS_LMS_PublicKeyInternal(), and Botan::HSS_LMS_PrivateKeyInternal::hss_params().

Referenced by Botan::HSS_LMS_PrivateKey::HSS_LMS_PrivateKey(), and Botan::HSS_LMS_PrivateKey::HSS_LMS_PrivateKey().

from_bytes_or_throw()

std::shared_ptr< HSS_LMS_PublicKeyInternal > Botan::HSS_LMS_PublicKeyInternal::from_bytes_or_throw ( std::span< const uint8_t > key_bytes )

static

Parse a public HSS-LMS key.

Parameters

key_bytes

The public key bytes to parse.

Returns

The internal HSS-LMS public key.

Exceptions

Decoding_Error

If parsing the public key fails.

Definition at line 306 of file hss.cpp.

                                     {
   if(key_bytes.size() < sizeof(HSS_Level)) {
      throw Decoding_Error("Too few public key bytes.");
   }
   BufferSlicer slicer(key_bytes);
 
   const auto L = load_be<HSS_Level>(slicer.take<sizeof(HSS_Level)>());
   if(L > HSS_MAX_LEVELS) {
      throw Decoding_Error("Invalid number of HSS layers in public HSS-LMS key.");
   }
 
   LMS_PublicKey lms_pub_key = LMS_PublicKey::from_bytes_or_throw(slicer);
 
   if(!slicer.empty()) {
      throw Decoding_Error("Public HSS-LMS key contains more bytes than expected.");
   }
   return std::make_shared<HSS_LMS_PublicKeyInternal>(L, std::move(lms_pub_key));
}

References Botan::BufferSlicer::empty(), Botan::LMS_PublicKey::from_bytes_or_throw(), lms_pub_key(), Botan::load_be(), and Botan::BufferSlicer::take().

lms_pub_key()

const LMS_PublicKey & Botan::HSS_LMS_PublicKeyInternal::lms_pub_key ( ) const

inline

Returns the public LMS key of the top LMS tree.

Definition at line 270 of file hss.h.

{ return m_top_lms_pub_key; }

Referenced by from_bytes_or_throw(), and verify_signature().

object_identifier()

OID Botan::HSS_LMS_PublicKeyInternal::object_identifier

(

)

const

The object identifier for HSS-LMS.

Definition at line 334 of file hss.cpp.

                                                       {
   return OID::from_string(algo_name());
}

References algo_name(), and Botan::OID::from_string().

Referenced by algorithm_identifier().

size()

size_t Botan::HSS_LMS_PublicKeyInternal::size

(

)

const

Returns the size in bytes the key would have in its encoded format.

Definition at line 338 of file hss.cpp.

                                             {
   return sizeof(m_L) + LMS_PublicKey::size(m_top_lms_pub_key.lms_params());
}

References Botan::LMS_Instance::lms_params(), and Botan::LMS_PublicKey::size().

to_bytes()

std::vector< uint8_t > Botan::HSS_LMS_PublicKeyInternal::to_bytes

(

)

const

Returns the key in its encoded format.

Definition at line 326 of file hss.cpp.

                                                             {
   return concat<std::vector<uint8_t>>(store_be(m_L), m_top_lms_pub_key.to_bytes());
}

References Botan::concat(), Botan::store_be(), and Botan::LMS_PublicKey::to_bytes().

verify_signature()

bool Botan::HSS_LMS_PublicKeyInternal::verify_signature	(	std::span< const uint8_t >	msg,
		const HSS_Signature &	sig ) const

Verify a HSS-LMS signature.

See RFC 8554 6.3.

Parameters

msg	The signed message.
sig	The already parsed HSS-LMS signature.

Returns

True iff the signature is valid.

Definition at line 342 of file hss.cpp.

                                                                                                           {
   if(checked_cast_to<HSS_Level>(sig.Nspk()) + 1 != m_L) {
      // HSS levels in the public key does not match with the signature's
      return false;
   }
 
   const LMS_PublicKey* lms_pk = &lms_pub_key();
   const auto hash_name = lms_pk->lms_params().hash_name();
 
   // Verify the signature by the above layer over the LMS public keys for layer 1 to Nspk.
   for(HSS_Level layer(0); layer < sig.Nspk(); ++layer) {
      const HSS_Signature::Signed_Pub_Key& signed_pub_key = sig.signed_pub_key(layer);
      if(signed_pub_key.public_key().lms_params().hash_name() != hash_name ||
         signed_pub_key.public_key().lmots_params().hash_name() != hash_name) {
         // We do not allow HSS-LMS instances with multiple different hash functions.
         return false;
      }
      if(!lms_pk->verify_signature(LMS_Message(signed_pub_key.public_key().to_bytes()), signed_pub_key.signature())) {
         return false;
      }
      lms_pk = &signed_pub_key.public_key();
   }
 
   // Verify the signature by the bottom layer over the message.
   return lms_pk->verify_signature(LMS_Message(msg), sig.bottom_sig());
}

References Botan::HSS_Signature::bottom_sig(), Botan::checked_cast_to(), Botan::LMOTS_Params::hash_name(), Botan::LMS_Params::hash_name(), Botan::LMS_Instance::lmots_params(), Botan::LMS_Instance::lms_params(), lms_pub_key(), Botan::HSS_Signature::Nspk(), Botan::HSS_Signature::Signed_Pub_Key::public_key(), Botan::HSS_Signature::Signed_Pub_Key::signature(), Botan::HSS_Signature::signed_pub_key(), Botan::LMS_PublicKey::to_bytes(), and Botan::LMS_PublicKey::verify_signature().

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/hss_lms/hss.h
• src/lib/pubkey/hss_lms/hss.cpp