Botan::Sphincs_Hash_Functions Class Reference

#include <sp_hash.h>

Inheritance diagram for Botan::Sphincs_Hash_Functions:

Public Member Functions
std::tuple< SphincsHashedMessage, XmssTreeIndexInLayer, TreeNodeIndex >	H_msg (StrongSpan< const SphincsMessageRandomness > r, const SphincsTreeNode &root, const SphincsMessageInternal &message)
virtual std::string	msg_hash_function_name () const =0
void	PRF (StrongSpan< ForsLeafSecret > out, const SphincsSecretSeed &sk_seed, const Sphincs_Address &address)
void	PRF (StrongSpan< WotsNode > out, const SphincsSecretSeed &sk_seed, const Sphincs_Address &address)
virtual void	PRF_msg (StrongSpan< SphincsMessageRandomness > out, StrongSpan< const SphincsSecretPRF > sk_prf, StrongSpan< const SphincsOptionalRandomness > opt_rand, const SphincsMessageInternal &msg)=0
template<typename OutT = std::vector<uint8_t>, typename... BufferTs>
OutT	T (const Sphincs_Address &address, BufferTs &&... in)
template<typename... BufferTs>
void	T (std::span< uint8_t > out, const Sphincs_Address &address, BufferTs &&... in)
virtual	~Sphincs_Hash_Functions ()=default

Static Public Member Functions
static std::unique_ptr< Sphincs_Hash_Functions >	create (const Sphincs_Parameters &sphincs_params, const SphincsPublicSeed &pub_seed)

Protected Member Functions
virtual std::vector< uint8_t >	H_msg_digest (StrongSpan< const SphincsMessageRandomness > r, const SphincsTreeNode &root, const SphincsMessageInternal &message)=0
	Sphincs_Hash_Functions (const Sphincs_Parameters &sphincs_params, const SphincsPublicSeed &pub_seed)
virtual HashFunction &	tweak_hash (const Sphincs_Address &address, size_t input_length)=0

Protected Attributes
const SphincsPublicSeed &	m_pub_seed
const Sphincs_Parameters &	m_sphincs_params

Detailed Description

A collection of pseudorandom hash functions required for SLH-DSA computations. See FIPS 205, Section 11.2.1 and 11.2.2.

Definition at line 23 of file sp_hash.h.

Constructor & Destructor Documentation

~Sphincs_Hash_Functions()

virtual Botan::Sphincs_Hash_Functions::~Sphincs_Hash_Functions ( )

virtualdefault

Sphincs_Hash_Functions()

Botan::Sphincs_Hash_Functions::Sphincs_Hash_Functions ( const Sphincs_Parameters & sphincs_params, const SphincsPublicSeed & pub_seed )

protected

Definition at line 30 of file sp_hash.cpp.

                                                                                  :
      m_sphincs_params(sphincs_params), m_pub_seed(pub_seed) {}

Member Function Documentation

create()

std::unique_ptr< Sphincs_Hash_Functions > Botan::Sphincs_Hash_Functions::create ( const Sphincs_Parameters & sphincs_params, const SphincsPublicSeed & pub_seed )

static

Creates a Sphincs_Hash_Functions object instantiating the hash functions used for the specified sphincs_params. The pub_seed is used to seed the hash functions (possibly padded). This is pre-computed and the respective state is copied on the further calls on H(seed) with tweak_hash, i.e., T and PRF.

Definition at line 34 of file sp_hash.cpp.

                                                                                                          {
   switch(sphincs_params.hash_type()) {
      case Sphincs_Hash_Type::Sha256:
#if defined(BOTAN_HAS_SPHINCS_PLUS_SHA2_BASE)
         return std::make_unique<Sphincs_Hash_Functions_Sha2>(sphincs_params, pub_seed);
#else
         throw Not_Implemented("SLH-DSA (or SPHINCS+) with SHA-256 is not available in this build");
#endif
 
      case Sphincs_Hash_Type::Shake256:
#if defined(BOTAN_HAS_SPHINCS_PLUS_SHAKE_BASE)
         return std::make_unique<Sphincs_Hash_Functions_Shake>(sphincs_params, pub_seed);
#else
         throw Not_Implemented("SLH-DSA (or SPHINCS+) with SHAKE is not available in this build");
#endif
 
      case Sphincs_Hash_Type::Haraka:
         throw Not_Implemented("Haraka is not implemented");
   }
   BOTAN_ASSERT_UNREACHABLE();
}

References BOTAN_ASSERT_UNREACHABLE, Botan::Haraka, Botan::Sphincs_Parameters::hash_type(), Botan::Sha256, and Botan::Shake256.

Referenced by Botan::SphincsPlus_PrivateKey::SphincsPlus_PrivateKey().

H_msg()

std::tuple< SphincsHashedMessage, XmssTreeIndexInLayer, TreeNodeIndex > Botan::Sphincs_Hash_Functions::H_msg	(	StrongSpan< const SphincsMessageRandomness >	r,
		const SphincsTreeNode &	root,
		const SphincsMessageInternal &	message )

Definition at line 78 of file sp_hash.cpp.

                                                                                                                     {
   const auto digest = H_msg_digest(r, root, message);
 
   // The following calculates the message digest and indices from the
   // raw message digest. See FIPS 205, Algorithm 19, Line 5-10.
   const auto& p = m_sphincs_params;
   BufferSlicer s(digest);
   auto msg_hash = s.copy<SphincsHashedMessage>(p.fors_message_bytes());
   auto tree_index_bytes = s.take(p.tree_digest_bytes());
   auto leaf_index_bytes = s.take(p.leaf_digest_bytes());
   BOTAN_ASSERT_NOMSG(s.empty());
 
   auto tree_index = from_first_n_bits<XmssTreeIndexInLayer>(p.h() - p.xmss_tree_height(), tree_index_bytes);
   auto leaf_index = from_first_n_bits<TreeNodeIndex>(p.xmss_tree_height(), leaf_index_bytes);
   return {std::move(msg_hash), tree_index, leaf_index};
}

References BOTAN_ASSERT_NOMSG, Botan::BufferSlicer::copy(), Botan::BufferSlicer::empty(), H_msg_digest(), m_sphincs_params, Botan::root(), and Botan::BufferSlicer::take().

H_msg_digest()

virtual std::vector< uint8_t > Botan::Sphincs_Hash_Functions::H_msg_digest ( StrongSpan< const SphincsMessageRandomness > r, const SphincsTreeNode & root, const SphincsMessageInternal & message )

protectedpure virtual

Referenced by H_msg().

msg_hash_function_name()

virtual std::string Botan::Sphincs_Hash_Functions::msg_hash_function_name ( ) const

pure virtual

Implemented in Botan::Sphincs_Hash_Functions_Sha2, and Botan::Sphincs_Hash_Functions_Shake.

PRF() [1/2]

void Botan::Sphincs_Hash_Functions::PRF ( StrongSpan< ForsLeafSecret > out, const SphincsSecretSeed & sk_seed, const Sphincs_Address & address )

inline

Definition at line 70 of file sp_hash.h.

                                                                                                                 {
         T(out, address, sk_seed);
      }

References T.

Referenced by Botan::fors_sign_and_pkgen(), and Botan::wots_sign_and_pkgen().

PRF() [2/2]

void Botan::Sphincs_Hash_Functions::PRF ( StrongSpan< WotsNode > out, const SphincsSecretSeed & sk_seed, const Sphincs_Address & address )

inline

Definition at line 74 of file sp_hash.h.

                                                                                                           {
         T(out, address, sk_seed);
      }

References T.

PRF_msg()

virtual void Botan::Sphincs_Hash_Functions::PRF_msg ( StrongSpan< SphincsMessageRandomness > out, StrongSpan< const SphincsSecretPRF > sk_prf, StrongSpan< const SphincsOptionalRandomness > opt_rand, const SphincsMessageInternal & msg )

pure virtual

Using SK.PRF, the optional randomness, and a message, computes the message random R, and the tree and leaf indices.

Parameters

out	output location for the message hash
sk_prf	SK.PRF
opt_rand	optional randomness
msg	message

Implemented in Botan::Sphincs_Hash_Functions_Sha2, and Botan::Sphincs_Hash_Functions_Shake.

T() [1/2]

template<typename OutT = std::vector<uint8_t>, typename... BufferTs>

OutT Botan::Sphincs_Hash_Functions::T ( const Sphincs_Address & address, BufferTs &&... in )

inline

Definition at line 64 of file sp_hash.h.

                                                               {
         OutT t(m_sphincs_params.n());
         T(t, address, std::forward<BufferTs>(in)...);
         return t;
      }

References T.

T() [2/2]

template<typename... BufferTs>

void Botan::Sphincs_Hash_Functions::T ( std::span< uint8_t > out, const Sphincs_Address & address, BufferTs &&... in )

inline

Definition at line 57 of file sp_hash.h.

                                                                                     {
         auto& hash = tweak_hash(address, (std::forward<BufferTs>(in).size() + ...));
         (hash.update(std::forward<BufferTs>(in)), ...);
         hash.final(out);
      }

Referenced by Botan::compute_root(), Botan::fors_public_key_from_signature(), Botan::fors_sign_and_pkgen(), Botan::ht_verify(), Botan::treehash(), and Botan::wots_sign_and_pkgen().

tweak_hash()

virtual HashFunction & Botan::Sphincs_Hash_Functions::tweak_hash ( const Sphincs_Address & address, size_t input_length )

protectedpure virtual

Prepare the underlying hash function for hashing any given input depending on the expected input length.

Parameters

address	the SLH-DSA address of the hash to be tweaked
input_length	the input buffer length that will be processed with the tweaked hash (typically N or 2*N)

Returns

a reference to a Botan::HashFunction that is preconditioned with the given tweaking parameters.

Note

Callers are expected to finalize (i.e. reset) the returned HashFunction after use.

Member Data Documentation

m_pub_seed

const SphincsPublicSeed& Botan::Sphincs_Hash_Functions::m_pub_seed

protected

Definition at line 103 of file sp_hash.h.

Referenced by Botan::Sphincs_Hash_Functions_Shake::Sphincs_Hash_Functions_Shake().

m_sphincs_params

const Sphincs_Parameters& Botan::Sphincs_Hash_Functions::m_sphincs_params

protected

Definition at line 102 of file sp_hash.h.

Referenced by H_msg().

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/sphincsplus/sphincsplus_common/sp_hash.h
• src/lib/pubkey/sphincsplus/sphincsplus_common/sp_hash.cpp