Botan::XMSS_Hash Class Reference

#include <xmss_hash.h>

Public Member Functions
void	f (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
void	h (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
secure_vector< uint8_t >	h_msg (std::span< const uint8_t > randomness, std::span< const uint8_t > root, std::span< const uint8_t > index_bytes, std::span< const uint8_t > data)
secure_vector< uint8_t >	h_msg_final ()
void	h_msg_init (std::span< const uint8_t > randomness, std::span< const uint8_t > root, std::span< const uint8_t > index_bytes)
void	h_msg_update (std::span< const uint8_t > data)
std::string	hash_function () const
XMSS_Hash &	operator= (const XMSS_Hash &)=delete
XMSS_Hash &	operator= (XMSS_Hash &&)=default
size_t	output_length () const
void	prf (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
void	prf_keygen (secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
	XMSS_Hash (const XMSS_Hash &hash)
	XMSS_Hash (const XMSS_Parameters &params)
	XMSS_Hash (XMSS_Hash &&hash)=default
	~XMSS_Hash ()=default

Detailed Description

A collection of pseudorandom hash functions required for XMSS and WOTS computations.

Definition at line 23 of file xmss_hash.h.

Constructor & Destructor Documentation

XMSS_Hash() [1/3]

Botan::XMSS_Hash::XMSS_Hash

(

const XMSS_Parameters &

params

)

Definition at line 22 of file xmss_hash.cpp.

   : m_hash(HashFunction::create(params.hash_function_name()))
   , m_msg_hash(HashFunction::create(params.hash_function_name()))
   , m_zero_padding(params.hash_id_size() - 1 /* hash IDs are a single uint8_t */)
   {
   if(!m_hash || !m_msg_hash)
      {
      throw Lookup_Error(fmt("XMSS cannot use hash {} because it is unavailable",
                             params.hash_function_name()));
      }
 
   BOTAN_ASSERT(m_hash->output_length() > 0, "Hash output length of zero is invalid.");
   }

References BOTAN_ASSERT, Botan::fmt(), and Botan::XMSS_Parameters::hash_function_name().

XMSS_Hash() [2/3]

Botan::XMSS_Hash::XMSS_Hash

(

const XMSS_Hash &

hash

)

Definition at line 17 of file xmss_hash.cpp.

   : m_hash(hash.m_hash->new_object())
   , m_msg_hash(hash.m_msg_hash->new_object())
   , m_zero_padding(hash.m_zero_padding) {}

XMSS_Hash() [3/3]

Botan::XMSS_Hash::XMSS_Hash ( XMSS_Hash &&  hash )

default

~XMSS_Hash()

Botan::XMSS_Hash::~XMSS_Hash ( )

default

Member Function Documentation

f()

void Botan::XMSS_Hash::f ( secure_vector< uint8_t > &  result, std::span< const uint8_t >  key, std::span< const uint8_t >  data  )

inline

F is a keyed cryptographic hash function used by the WOTS+ algorithm.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	key of length n bytes.
[in]	data	string of arbitrary length.

Definition at line 91 of file xmss_hash.h.

         {
         calculate_hash(0x00, result, key, data);
         }

h()

void Botan::XMSS_Hash::h ( secure_vector< uint8_t > &  result, std::span< const uint8_t >  key, std::span< const uint8_t >  data  )

inline

Cryptographic hash function h accepting n byte keys and 2n byte strings of data.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	key of length n bytes.
[in]	data	string of 2n bytes length.

Definition at line 106 of file xmss_hash.h.

         {
         calculate_hash(0x01, result, key, data);
         }

Referenced by Botan::XMSS_Common_Ops::randomize_tree_hash().

h_msg()

secure_vector< uint8_t > Botan::XMSS_Hash::h_msg ( std::span< const uint8_t >  randomness, std::span< const uint8_t >  root, std::span< const uint8_t >  index_bytes, std::span< const uint8_t >  data  )

inline

Cryptographic hash function h accepting 3n byte keys and data strings of arbitrary length.

Parameters

randomness	n-byte value.
root	n-byte root node.
index_bytes	Index value padded with leading zeros.
data	string of arbitrary length.

Returns

hash value of n-bytes length.

Definition at line 124 of file xmss_hash.h.

         {
         h_msg_init(randomness, root, index_bytes);
         h_msg_update(data);
         return m_msg_hash->final();
         }

References h_msg_init(), and h_msg_update().

h_msg_final()

secure_vector< uint8_t > Botan::XMSS_Hash::h_msg_final

(

)

Finalizes buffered h_msg computation and retrieves the result.

Returns

Hash calculated using the prefix set by h_msg_init() and message blocks provided through calls to h_msg_update().

Definition at line 53 of file xmss_hash.cpp.

   {
   return m_msg_hash->final();
   }

Referenced by Botan::XMSS_Signature_Operation::sign().

h_msg_init()

void Botan::XMSS_Hash::h_msg_init	(	std::span< const uint8_t >	randomness,
		std::span< const uint8_t >	root,
		std::span< const uint8_t >	index_bytes
	)

Initializes buffered h_msg computation with prefix data.

Parameters

randomness	random n-byte value.
root	n-byte root node.
index_bytes	Index value padded with leading zeros.

Definition at line 36 of file xmss_hash.cpp.

   {
   m_msg_hash->clear();
   m_msg_hash->update(m_zero_padding);
   m_msg_hash->update(0x02);
   m_msg_hash->update(randomness.data(), randomness.size());
   m_msg_hash->update(root.data(), root.size());
   m_msg_hash->update(index_bytes.data(), index_bytes.size());
   }

Referenced by h_msg().

h_msg_update()

void Botan::XMSS_Hash::h_msg_update

(

std::span< const uint8_t >

data

)

Adds a message block to buffered h_msg computation.

Parameters

data	A message block

Definition at line 48 of file xmss_hash.cpp.

   {
   m_msg_hash->update(data.data(), data.size());
   }

Referenced by h_msg(), and Botan::XMSS_Signature_Operation::update().

hash_function()

std::string Botan::XMSS_Hash::hash_function ( ) const

inline

Definition at line 35 of file xmss_hash.h.

{ return m_hash->name(); }

Referenced by Botan::XMSS_Signature_Operation::hash_function(), and Botan::XMSS_Verification_Operation::hash_function().

operator=() [1/2]

XMSS_Hash & Botan::XMSS_Hash::operator= ( const XMSS_Hash &  )

delete

operator=() [2/2]

XMSS_Hash & Botan::XMSS_Hash::operator= ( XMSS_Hash &&  )

default

output_length()

size_t Botan::XMSS_Hash::output_length ( ) const

inline

Definition at line 160 of file xmss_hash.h.

{ return m_hash->output_length(); }

prf()

void Botan::XMSS_Hash::prf ( secure_vector< uint8_t > &  result, std::span< const uint8_t >  key, std::span< const uint8_t >  data  )

inline

Pseudorandom function creating a hash out of a key and data using a cryptographic hash function.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	An n-byte key value.
[in]	data	A 32-byte XMSS_Address data value

Definition at line 59 of file xmss_hash.h.

         {
         calculate_hash(0x03, result, key, data);
         }

Referenced by Botan::XMSS_Common_Ops::randomize_tree_hash(), and Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey().

prf_keygen()

void Botan::XMSS_Hash::prf_keygen ( secure_vector< uint8_t > &  result, std::span< const uint8_t >  key, std::span< const uint8_t >  data  )

inline

Pseudoranom function creating a hash out of a key and data using a cryptographic hash function for key derivation.

This function is described in NIST SP.800-208 Section 5 as a separate PRF to avoid a multi-target attack vector.

Parameters

[out]	result	The hash calculated using key and data.
[in]	key	An n-byte key value.
[in]	data	A 32-byte XMSS_Address data value

Definition at line 77 of file xmss_hash.h.

         {
         calculate_hash(0x04, result, key, data);
         }

Referenced by Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey().

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/xmss/xmss_hash.h
• src/lib/pubkey/xmss/xmss_hash.cpp