Botan 3.10.0
Crypto and TLS for C&
Public Types | Public Member Functions | Static Public Member Functions | List of all members
Botan::Roughtime::Response Class Referencefinal

#include <roughtime.h>

Public Types

using microseconds32 = std::chrono::duration<uint32_t, std::micro>
using microseconds64 = std::chrono::duration<uint64_t, std::micro>
using sys_microseconds64 = std::chrono::time_point<std::chrono::system_clock, microseconds64>

Public Member Functions

sys_microseconds64 utc_midpoint () const
microseconds32 utc_radius () const
bool validate (const Ed25519_PublicKey &pk) const

Static Public Member Functions

static Response from_bits (const std::vector< uint8_t > &response, const Nonce &nonce)

Detailed Description

An Roughtime response.

Definition at line 57 of file roughtime.h.

Member Typedef Documentation

◆ microseconds32

using Botan::Roughtime::Response::microseconds32 = std::chrono::duration<uint32_t, std::micro>

Definition at line 59 of file roughtime.h.

◆ microseconds64

using Botan::Roughtime::Response::microseconds64 = std::chrono::duration<uint64_t, std::micro>

Definition at line 60 of file roughtime.h.

◆ sys_microseconds64

using Botan::Roughtime::Response::sys_microseconds64 = std::chrono::time_point<std::chrono::system_clock, microseconds64>

Definition at line 61 of file roughtime.h.

Member Function Documentation

◆ from_bits()

Response Botan::Roughtime::Response::from_bits ( const std::vector< uint8_t > & response,
const Nonce & nonce )
static

Definition at line 174 of file roughtime.cpp.

174 {
175 const auto response_v = unpack_roughtime_packet(response);
176 const auto cert = unpack_roughtime_packet(get_v(response_v, "CERT"));
177 const auto cert_dele = get<std::array<uint8_t, 72>>(cert, "DELE");
178 const auto cert_sig = get<std::array<uint8_t, 64>>(cert, "SIG");
179 const auto cert_dele_v = unpack_roughtime_packet(cert_dele);
180 const auto srep = get_v(response_v, "SREP");
181 const auto srep_v = unpack_roughtime_packet(srep);
182
183 const auto cert_dele_pubk = get<std::array<uint8_t, 32>>(cert_dele_v, "PUBK");
184 const auto sig = get<std::array<uint8_t, 64>>(response_v, "SIG");
185 if(!verify_signature(cert_dele_pubk, srep, sig)) {
186 throw Roughtime_Error("Response signature invalid");
187 }
188
189 const auto indx = get<uint32_t>(response_v, "INDX");
190 const auto path = get_v(response_v, "PATH");
191 const auto srep_root = get<std::array<uint8_t, 64>>(srep_v, "ROOT");
192 const size_t size = path.size();
193 const size_t levels = size / 64;
194
195 if(size % 64 != 0) {
196 throw Roughtime_Error("Merkle tree path size must be multiple of 64 bytes");
197 }
198 if(indx >= (1U << levels)) {
199 throw Roughtime_Error("Merkle tree path is too short");
200 }
201
202 BufferSlicer slicer(path);
203 auto hash = hashLeaf(nonce.get_nonce());
204 auto index = indx;
205 for(std::size_t level = 0; level < levels; ++level) {
206 hashNode(hash, slicer.take<64>(), index % 2 == 1);
207 index >>= 1;
208 }
209
210 if(srep_root != hash) {
211 throw Roughtime_Error("Nonce verification failed");
212 }
213
214 const auto cert_dele_maxt = sys_microseconds64(get<microseconds64>(cert_dele_v, "MAXT"));
215 const auto cert_dele_mint = sys_microseconds64(get<microseconds64>(cert_dele_v, "MINT"));
216 const auto srep_midp = sys_microseconds64(get<microseconds64>(srep_v, "MIDP"));
217 const auto srep_radi = get<microseconds32>(srep_v, "RADI");
218 if(srep_midp < cert_dele_mint) {
219 throw Roughtime_Error("Midpoint earlier than delegation start");
220 }
221 if(srep_midp > cert_dele_maxt) {
222 throw Roughtime_Error("Midpoint later than delegation end");
223 }
224 return {cert_dele, cert_sig, srep_midp, srep_radi};
225}
Botan::Roughtime::Response::sys_microseconds64
std::chrono::time_point< std::chrono::system_clock, microseconds64 > sys_microseconds64
Definition roughtime.h:61
Botan::verify_signature
bool verify_signature(std::span< const uint8_t, ED448_LEN > pk, bool phflag, std::span< const uint8_t > context, std::span< const uint8_t > sig, std::span< const uint8_t > msg)
Verify a signature(RFC 8032 5.2.7).
Definition ed448_internal.cpp:283

References Botan::Roughtime::Nonce::get_nonce(), Botan::BufferSlicer::take(), and Botan::verify_signature().

Referenced by Botan::Roughtime::Chain::responses().

◆ utc_midpoint()

sys_microseconds64 Botan::Roughtime::Response::utc_midpoint ( ) const
inline

Definition at line 67 of file roughtime.h.

67{ return m_utc_midpoint; }

◆ utc_radius()

microseconds32 Botan::Roughtime::Response::utc_radius ( ) const
inline

Definition at line 69 of file roughtime.h.

69{ return m_utc_radius; }

◆ validate()

bool Botan::Roughtime::Response::validate ( const Ed25519_PublicKey & pk) const

Definition at line 227 of file roughtime.cpp.

227 {
228 constexpr std::string_view context("RoughTime v1 delegation signature--\0", 36);
229 PK_Verifier verifier(pk, "Pure");
230 verifier.update(context);
231 verifier.update(m_cert_dele.data(), m_cert_dele.size());
232 return verifier.check_signature(m_cert_sig.data(), m_cert_sig.size());
233}

References Botan::PK_Verifier::check_signature(), and Botan::PK_Verifier::update().

The documentation for this class was generated from the following files:
Generated by doxygen 1.15.0