Botan 3.5.0
Crypto and TLS for C++
Botan::Roughtime::Response Class Reference (final)

#include <roughtime.h>

Public Types

using microseconds32 = std::chrono::duration<uint32_t, std::micro>
 
using microseconds64 = std::chrono::duration<uint64_t, std::micro>
 
using sys_microseconds64 = std::chrono::time_point<std::chrono::system_clock, microseconds64>
 

Public Member Functions

sys_microseconds64 utc_midpoint () const
 
microseconds32 utc_radius () const
 
bool validate (const Ed25519_PublicKey &pk) const
 

Static Public Member Functions

static Response from_bits (const std::vector< uint8_t > &response, const Nonce &nonce)
 

Detailed Description

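A Roughtime response. from_bits() checks the response signature with the delegated key carried inside the response, the Merkle path for the nonce, and the delegation's validity window. It does not check the delegation certificate against a long-term server key, so call validate() with a trusted key before relying on utc_midpoint() or utc_radius().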

Definition at line 57 of file roughtime.h.

Member Typedef Documentation

◆ microseconds32

using Botan::Roughtime::Response::microseconds32 = std::chrono::duration<uint32_t, std::micro>

Definition at line 59 of file roughtime.h.

◆ microseconds64

using Botan::Roughtime::Response::microseconds64 = std::chrono::duration<uint64_t, std::micro>

Definition at line 60 of file roughtime.h.

◆ sys_microseconds64

using Botan::Roughtime::Response::sys_microseconds64 = std::chrono::time_point<std::chrono::system_clock, microseconds64>

Definition at line 61 of file roughtime.h.

Member Function Documentation

◆ from_bits()

Response Botan::Roughtime::Response::from_bits ( const std::vector< uint8_t > & response,
const Nonce & nonce )
static

Definition at line 175 of file roughtime.cpp.

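// Parse a raw Roughtime reply and check it against the nonce that was sent.
//
// Checks made here, each failing with Roughtime_Error:
//   1. SIG over SREP verifies under the delegated key PUBK taken from the
//      CERT/DELE message inside the reply itself.
//   2. The PATH/INDX Merkle proof hashes the nonce up to SREP's ROOT.
//   3. MIDP lies within the delegation window [MINT, MAXT].
//
// Not checked here: CERT's SIG over DELE. Until validate() succeeds with a
// long-term key obtained out of band, the delegated key is only self-asserted
// by the sender, and the returned time must not be trusted.
//
// @param response raw reply bytes (untrusted network input)
// @param nonce    the nonce sent in the request
// @return a Response holding DELE, the CERT signature, MIDP and RADI
// @throws Roughtime_Error on any failed check above; the unpack/get helpers
//         are defined elsewhere and may throw as well (not visible here)
Response Response::from_bits(const std::vector<uint8_t>& response, const Nonce& nonce) {
   // Unpack the top-level message and the nested CERT, DELE and SREP messages.
   const auto response_v = unpack_roughtime_packet(response);
   const auto cert = unpack_roughtime_packet(get_v(response_v, "CERT"));
   const auto cert_dele = get<std::array<uint8_t, 72>>(cert, "DELE");
   const auto cert_sig = get<std::array<uint8_t, 64>>(cert, "SIG");
   const auto cert_dele_v = unpack_roughtime_packet(cert_dele);
   const auto srep = get_v(response_v, "SREP");
   const auto srep_v = unpack_roughtime_packet(srep);

   // The verification key comes from the reply's own delegation, so this
   // only proves SREP was signed by whoever holds that delegated key.
   const auto cert_dele_pubk = get<std::array<uint8_t, 32>>(cert_dele_v, "PUBK");
   const auto sig = get<std::array<uint8_t, 64>>(response_v, "SIG");
   if(!verify_signature(cert_dele_pubk, srep, sig)) {
      throw Roughtime_Error("Response signature invalid");
   }

   const auto indx = get<uint32_t>(response_v, "INDX");
   const auto path = get_v(response_v, "PATH");
   const auto srep_root = get<std::array<uint8_t, 64>>(srep_v, "ROOT");
   const size_t size = path.size();
   const size_t levels = size / 64;

   if(size % 64) {
      throw Roughtime_Error("Merkle tree path size must be multiple of 64 bytes");
   }
   // PATH length is sender-controlled. Shifting a 32-bit value by 32 or more
   // is undefined behaviour, so only test the index when the shift is in
   // range; with 32 or more levels every 32-bit index already fits the tree.
   if(levels < 32 && (indx >> levels) != 0) {
      throw Roughtime_Error("Merkle tree path is too short");
   }

   // Walk from the nonce's leaf hash to the root, one 64-byte PATH element
   // per level. The low bit of the index is handed to hashNode, presumably
   // to pick the left/right ordering of the pair (hashNode is not shown here).
   auto hash = hashLeaf(nonce.get_nonce());
   auto index = indx;
   size_t level = 0;
   while(level < levels) {
      hashNode(hash, typecast_copy<std::array<uint8_t, 64>>(path.data() + level * 64), index & 1);
      ++level;
      index >>= 1;
   }

   // A mismatch means the signed reply does not commit to our nonce.
   if(srep_root != hash) {
      throw Roughtime_Error("Nonce verification failed");
   }

   // The reported midpoint must fall inside the delegation's validity window.
   const auto cert_dele_maxt = sys_microseconds64(get<microseconds64>(cert_dele_v, "MAXT"));
   const auto cert_dele_mint = sys_microseconds64(get<microseconds64>(cert_dele_v, "MINT"));
   const auto srep_midp = sys_microseconds64(get<microseconds64>(srep_v, "MIDP"));
   const auto srep_radi = get<microseconds32>(srep_v, "RADI");
   if(srep_midp < cert_dele_mint) {
      throw Roughtime_Error("Midpoint earlier than delegation start");
   }
   if(srep_midp > cert_dele_maxt) {
      throw Roughtime_Error("Midpoint later than delegation end");
   }
   return {cert_dele, cert_sig, srep_midp, srep_radi};
}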
std::chrono::time_point< std::chrono::system_clock, microseconds64 > sys_microseconds64
Definition roughtime.h:61
bool verify_signature(std::span< const uint8_t, ED448_LEN > pk, bool phflag, std::span< const uint8_t > context, std::span< const uint8_t > sig, std::span< const uint8_t > msg)
Verify a signature(RFC 8032 5.2.7)
constexpr void typecast_copy(ToR &&out, FromR &&in)
Definition mem_ops.h:178

References Botan::Roughtime::Nonce::get_nonce(), Botan::typecast_copy(), and Botan::verify_signature().

Referenced by Botan::Roughtime::Chain::responses().

◆ utc_midpoint()

sys_microseconds64 Botan::Roughtime::Response::utc_midpoint ( ) const
inline

Definition at line 67 of file roughtime.h.

// Midpoint of the server's reported time interval, as stored in this object
// (presumably the SREP "MIDP" value parsed by from_bits; confirm in the
// constructor). Treat it as authenticated only after validate() has returned
// true for a trusted long-term key.
sys_microseconds64 utc_midpoint() const {
   return m_utc_midpoint;
}

◆ utc_radius()

microseconds32 Botan::Roughtime::Response::utc_radius ( ) const
inline

Definition at line 69 of file roughtime.h.

// Radius (uncertainty) around utc_midpoint(), as stored in this object
// (presumably the SREP "RADI" value parsed by from_bits; confirm in the
// constructor). Treat it as authenticated only after validate() has returned
// true for a trusted long-term key.
microseconds32 utc_radius() const {
   return m_utc_radius;
}

◆ validate()

bool Botan::Roughtime::Response::validate ( const Ed25519_PublicKey & pk) const

Definition at line 229 of file roughtime.cpp.

// Check the delegation certificate against a long-term server key.
//
// Verifies the stored certificate signature over the context string followed
// by the stored delegation bytes (presumably the CERT "SIG" and "DELE" fields
// captured when the response was parsed; confirm in the constructor).
//
// @param pk long-term Ed25519 key of the server; it must come from a trusted
//           source, never from the response being checked
// @return true if the signature verifies under pk, false otherwise; on false
//         the time in this response must be treated as unauthenticated
bool Response::validate(const Ed25519_PublicKey& pk) const {
   // Domain-separation prefix. sizeof() on the array counts the trailing
   // '\0', which is deliberately part of the signed message.
   const char delegation_context[] = "RoughTime v1 delegation signature--";
   const auto* context_bytes = cast_char_ptr_to_uint8(delegation_context);
   const size_t context_len = sizeof(delegation_context);

   // "Pure" selects Ed25519 without pre-hashing the message.
   PK_Verifier delegation_verifier(pk, "Pure");
   delegation_verifier.update(context_bytes, context_len);
   delegation_verifier.update(m_cert_dele.data(), m_cert_dele.size());

   const bool delegation_ok = delegation_verifier.check_signature(m_cert_sig.data(), m_cert_sig.size());
   return delegation_ok;
}
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition mem_ops.h:273

References Botan::cast_char_ptr_to_uint8(), Botan::PK_Verifier::check_signature(), and Botan::PK_Verifier::update().


The documentation for this class was generated from the following files: