Botan::XMSS_Hash Class Reference

#include <xmss_hash.h>

Public Member Functions
void	f (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
void	h (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
secure_vector< uint8_t >	h_msg (std::span< const uint8_t > randomness, std::span< const uint8_t > root, std::span< const uint8_t > index_bytes, std::span< const uint8_t > data)
secure_vector< uint8_t >	h_msg_final ()
void	h_msg_init (std::span< const uint8_t > randomness, std::span< const uint8_t > root, std::span< const uint8_t > index_bytes)
void	h_msg_update (std::span< const uint8_t > data)
std::string	hash_function () const
XMSS_Hash &	operator= (const XMSS_Hash &)=delete
XMSS_Hash &	operator= (XMSS_Hash &&)=default
size_t	output_length () const
void	prf (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
void	prf_keygen (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
	XMSS_Hash (const XMSS_Hash &hash)
	XMSS_Hash (const XMSS_Parameters &params)
	XMSS_Hash (XMSS_Hash &&hash)=default
	~XMSS_Hash ()=default

Detailed Description

A collection of pseudorandom hash functions required for XMSS and WOTS computations.

Definition at line 23 of file xmss_hash.h.

Constructor & Destructor Documentation

XMSS_Hash() [1/3]

Botan::XMSS_Hash::XMSS_Hash ( const XMSS_Parameters & params )

explicit

Definition at line 24 of file xmss_hash.cpp.

                                                  :
      m_hash(HashFunction::create(params.hash_function_name())),
      m_msg_hash(HashFunction::create(params.hash_function_name())),
      m_zero_padding(params.hash_id_size() - 1 /* hash IDs are a single uint8_t */) {
   if(!m_hash || !m_msg_hash) {
      throw Lookup_Error(fmt("XMSS cannot use hash {} because it is unavailable", params.hash_function_name()));
   }
 
   BOTAN_ASSERT(m_hash->output_length() > 0, "Hash output length of zero is invalid.");
}

References BOTAN_ASSERT, Botan::fmt(), and Botan::XMSS_Parameters::hash_function_name().

Referenced by operator=(), operator=(), XMSS_Hash(), and XMSS_Hash().

XMSS_Hash() [2/3]

Botan::XMSS_Hash::XMSS_Hash

(

const XMSS_Hash &

hash

)

Definition at line 19 of file xmss_hash.cpp.

                                          :
      m_hash(hash.m_hash->new_object()),
      m_msg_hash(hash.m_msg_hash->new_object()),
      m_zero_padding(hash.m_zero_padding) {}

References XMSS_Hash().

XMSS_Hash() [3/3]

Botan::XMSS_Hash::XMSS_Hash ( XMSS_Hash && hash )

default

References XMSS_Hash().

~XMSS_Hash()

Botan::XMSS_Hash::~XMSS_Hash ( )

default

Member Function Documentation

f()

void Botan::XMSS_Hash::f ( secure_vector< uint8_t > & result, std::span< const uint8_t > key, std::span< const uint8_t > data )

inline

F is a keyed cryptographic hash function used by the WOTS+ algorithm.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	key of length n bytes.
[in]	data	string of arbitrary length.

Definition at line 85 of file xmss_hash.h.

                                                                                                      {
         calculate_hash(0x00, result, key, data);
      }

h()

void Botan::XMSS_Hash::h ( secure_vector< uint8_t > & result, std::span< const uint8_t > key, std::span< const uint8_t > data )

inline

Cryptographic hash function h accepting n byte keys and 2n byte strings of data.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	key of length n bytes.
[in]	data	string of 2n bytes length.

Definition at line 97 of file xmss_hash.h.

                                                                                                      {
         calculate_hash(0x01, result, key, data);
      }

Referenced by Botan::XMSS_Common_Ops::randomize_tree_hash().

h_msg()

secure_vector< uint8_t > Botan::XMSS_Hash::h_msg ( std::span< const uint8_t > randomness, std::span< const uint8_t > root, std::span< const uint8_t > index_bytes, std::span< const uint8_t > data )

inline

Cryptographic hash function h accepting 3n byte keys and data strings of arbitrary length.

Parameters

randomness	n-byte value.
root	n-byte root node.
index_bytes	Index value padded with leading zeros.
data	string of arbitrary length.

Returns

hash value of n-bytes length.

Definition at line 112 of file xmss_hash.h.

                                                                {
         h_msg_init(randomness, root, index_bytes);
         h_msg_update(data);
         return m_msg_hash->final();
      }

References h_msg_init(), h_msg_update(), and Botan::root().

h_msg_final()

secure_vector< uint8_t > Botan::XMSS_Hash::h_msg_final

(

)

Finalizes buffered h_msg computation and retrieves the result.

Returns

Hash calculated using the prefix set by h_msg_init() and message blocks provided through calls to h_msg_update().

Definition at line 50 of file xmss_hash.cpp.

                                              {
   return m_msg_hash->final();
}

h_msg_init()

void Botan::XMSS_Hash::h_msg_init	(	std::span< const uint8_t >	randomness,
		std::span< const uint8_t >	root,
		std::span< const uint8_t >	index_bytes )

Initializes buffered h_msg computation with prefix data.

Parameters

randomness	random n-byte value.
root	n-byte root node.
index_bytes	Index value padded with leading zeros.

Definition at line 35 of file xmss_hash.cpp.

                                                               {
   m_msg_hash->clear();
   m_msg_hash->update(m_zero_padding);
   m_msg_hash->update(0x02);
   m_msg_hash->update(randomness.data(), randomness.size());
   m_msg_hash->update(root.data(), root.size());
   m_msg_hash->update(index_bytes.data(), index_bytes.size());
}

References Botan::root().

Referenced by h_msg().

h_msg_update()

void Botan::XMSS_Hash::h_msg_update

(

std::span< const uint8_t >

data

)

Adds a message block to buffered h_msg computation.

Parameters

data	A message block

Definition at line 46 of file xmss_hash.cpp.

                                                        {
   m_msg_hash->update(data.data(), data.size());
}

Referenced by h_msg().

hash_function()

std::string Botan::XMSS_Hash::hash_function ( ) const

inline

Definition at line 34 of file xmss_hash.h.

{ return m_hash->name(); }

operator=() [1/2]

XMSS_Hash & Botan::XMSS_Hash::operator= ( const XMSS_Hash & )

delete

References XMSS_Hash().

operator=() [2/2]

XMSS_Hash & Botan::XMSS_Hash::operator= ( XMSS_Hash && )

default

References XMSS_Hash().

output_length()

size_t Botan::XMSS_Hash::output_length ( ) const

inline

Definition at line 147 of file xmss_hash.h.

{ return m_hash->output_length(); }

prf()

void Botan::XMSS_Hash::prf ( secure_vector< uint8_t > & result, std::span< const uint8_t > key, std::span< const uint8_t > data )

inline

Pseudorandom function creating a hash out of a key and data using a cryptographic hash function.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	An n-byte key value.
[in]	data	A 32-byte XMSS_Address data value

Definition at line 57 of file xmss_hash.h.

                                                                                                               {
         calculate_hash(0x03, result, key, data);
      }

Referenced by Botan::XMSS_Common_Ops::randomize_tree_hash(), and Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey().

prf_keygen()

void Botan::XMSS_Hash::prf_keygen ( secure_vector< uint8_t > & result, std::span< const uint8_t > key, std::span< const uint8_t > data )

inline

Pseudoranom function creating a hash out of a key and data using a cryptographic hash function for key derivation.

This function is described in NIST SP.800-208 Section 5 as a separate PRF to avoid a multi-target attack vector.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	An n-byte key value.
[in]	data	A 32-byte XMSS_Address data value

Definition at line 72 of file xmss_hash.h.

                                                          {
         calculate_hash(0x04, result, key, data);
      }

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/xmss/xmss_hash.h
• src/lib/pubkey/xmss/xmss_hash.cpp