Botan::XMSS_PrivateKey Class Reference

#include <xmss.h>

Inheritance diagram for Botan::XMSS_PrivateKey:

Public Member Functions
virtual Signature_Format	_default_x509_signature_format () const
virtual std::optional< size_t >	_signature_element_size_for_DER_encoding () const
std::string	algo_name () const override
AlgorithmIdentifier	algorithm_identifier () const override
bool	check_key (RandomNumberGenerator &rng, bool strong) const override
virtual std::unique_ptr< PK_Ops::Decryption >	create_decryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
virtual std::unique_ptr< PK_Ops::Encryption >	create_encryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
virtual std::unique_ptr< PK_Ops::KEM_Decryption >	create_kem_decryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
virtual std::unique_ptr< PK_Ops::KEM_Encryption >	create_kem_encryption_op (std::string_view params, std::string_view provider) const
virtual std::unique_ptr< PK_Ops::Key_Agreement >	create_key_agreement_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
std::unique_ptr< PK_Ops::Signature >	create_signature_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verification >	create_verification_op (std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verification >	create_x509_verification_op (const AlgorithmIdentifier &alg_id, std::string_view provider) const override
Signature_Format	default_x509_signature_format () const
size_t	estimated_strength () const override
std::string	fingerprint_private (std::string_view alg) const
std::string	fingerprint_public (std::string_view alg="SHA-256") const
std::unique_ptr< Private_Key >	generate_another (RandomNumberGenerator &rng) const final
virtual const BigInt &	get_int_field (std::string_view field) const
OID	get_oid () const
size_t	key_length () const override
size_t	message_part_size () const
size_t	message_parts () const
virtual OID	object_identifier () const
virtual AlgorithmIdentifier	pkcs8_algorithm_identifier () const
secure_vector< uint8_t >	private_key_bits () const override
secure_vector< uint8_t >	private_key_info () const
std::unique_ptr< Public_Key >	public_key () const override
std::vector< uint8_t >	public_key_bits () const override
secure_vector< uint8_t >	raw_private_key () const
virtual secure_vector< uint8_t >	raw_private_key_bits () const
std::vector< uint8_t >	raw_public_key () const
std::vector< uint8_t >	raw_public_key_bits () const override
std::optional< uint64_t >	remaining_operations () const override
	Retrieves the number of remaining operations if this is a stateful private key.
size_t	remaining_signatures () const
bool	stateful_operation () const override
std::vector< uint8_t >	subject_public_key () const
bool	supports_operation (PublicKeyOperation op) const override
size_t	unused_leaf_index () const
WOTS_Derivation_Method	wots_derivation_method () const
BOTAN_FUTURE_EXPLICIT	XMSS_PrivateKey (std::span< const uint8_t > raw_key)
	XMSS_PrivateKey (XMSS_Parameters::xmss_algorithm_t xmss_algo_id, RandomNumberGenerator &rng, WOTS_Derivation_Method wots_derivation_method=WOTS_Derivation_Method::NIST_SP800_208)
	XMSS_PrivateKey (XMSS_Parameters::xmss_algorithm_t xmss_algo_id, size_t idx_leaf, secure_vector< uint8_t > wots_priv_seed, secure_vector< uint8_t > prf, secure_vector< uint8_t > root, secure_vector< uint8_t > public_seed, WOTS_Derivation_Method wots_derivation_method=WOTS_Derivation_Method::NIST_SP800_208)

Protected Member Functions
const secure_vector< uint8_t > &	public_seed () const
const secure_vector< uint8_t > &	root () const
void	set_root (secure_vector< uint8_t > root)
const XMSS_Parameters &	xmss_parameters () const

Friends
class	XMSS_Signature_Operation

Detailed Description

An XMSS: Extended Hash-Based Signature private key. The XMSS private key does not support the X509 and PKCS7 standard. Instead the raw format described in [1] is used.

[1] XMSS: Extended Hash-Based Signatures, Request for Comments: 8391 Release: May 2018. https://datatracker.ietf.org/doc/rfc8391/

Definition at line 163 of file xmss.h.

Constructor & Destructor Documentation

XMSS_PrivateKey() [1/3]

Botan::XMSS_PrivateKey::XMSS_PrivateKey	(	XMSS_Parameters::xmss_algorithm_t	xmss_algo_id,
		RandomNumberGenerator &	rng,
		WOTS_Derivation_Method	wots_derivation_method = WOTS_Derivation_Method::NIST_SP800_208 )

Creates a new XMSS private key for the chosen XMSS signature method. New seeds for public/private key and pseudo random function input are generated using the provided RNG. The appropriate WOTS signature method will be automatically set based on the chosen XMSS signature method.

Parameters

xmss_algo_id	Identifier for the selected XMSS signature method.
Random Number Generators	A random number generator to use for key generation.
wots_derivation_method	The method used to derive WOTS+ private keys

Definition at line 190 of file xmss_privatekey.cpp.

                                                                                :
      XMSS_PublicKey(xmss_algo_id, rng),
      m_private(std::make_shared<XMSS_PrivateKey_Internal>(xmss_algo_id, wots_derivation_method, rng)) {
   const XMSS_Address adrs;
   XMSS_Hash hash(xmss_parameters());
   set_root(tree_hash(0, xmss_parameters().tree_height(), adrs, hash));
}

References Botan::XMSS_PublicKey::set_root(), wots_derivation_method(), Botan::XMSS_PublicKey::xmss_parameters(), and Botan::XMSS_PublicKey::XMSS_PublicKey().

XMSS_PrivateKey() [2/3]

Botan::XMSS_PrivateKey::XMSS_PrivateKey

(

std::span< const uint8_t >

raw_key

)

Creates an XMSS_PrivateKey from a byte sequence produced by raw_private_key().

Parameters

raw_key

An XMSS private key serialized using raw_private_key().

Definition at line 186 of file xmss_privatekey.cpp.

                                                                :
      XMSS_PublicKey(key_bits),
      m_private(std::make_shared<XMSS_PrivateKey_Internal>(xmss_parameters().oid(), key_bits)) {}

References Botan::XMSS_PublicKey::xmss_parameters(), and Botan::XMSS_PublicKey::XMSS_PublicKey().

XMSS_PrivateKey() [3/3]

Botan::XMSS_PrivateKey::XMSS_PrivateKey	(	XMSS_Parameters::xmss_algorithm_t	xmss_algo_id,
		size_t	idx_leaf,
		secure_vector< uint8_t >	wots_priv_seed,
		secure_vector< uint8_t >	prf,
		secure_vector< uint8_t >	root,
		secure_vector< uint8_t >	public_seed,
		WOTS_Derivation_Method	wots_derivation_method = WOTS_Derivation_Method::NIST_SP800_208 )

Creates a new XMSS private key for the chosen XMSS signature method using precomputed seeds for public/private keys and pseudo random function input. The appropriate WOTS signature method will be automatically set, based on the chosen XMSS signature method.

Parameters

xmss_algo_id	Identifier for the selected XMSS signature method.
idx_leaf	Index of the next unused leaf.
wots_priv_seed	A seed to generate a Winternitz-One-Time- Signature private key from.
prf	a secret n-byte key sourced from a secure source of uniformly random data.
root	Root node of the binary hash tree.
public_seed	The public seed.
wots_derivation_method	The method used to derive WOTS+ private keys

Definition at line 200 of file xmss_privatekey.cpp.

                                                                                :
      XMSS_PublicKey(xmss_algo_id, std::move(root), std::move(public_seed)),
      m_private(std::make_shared<XMSS_PrivateKey_Internal>(
         xmss_algo_id, wots_derivation_method, std::move(wots_priv_seed), std::move(prf))) {
   m_private->set_unused_leaf_index(idx_leaf);
   BOTAN_ARG_CHECK(m_private->prf_value().size() == xmss_parameters().element_size(),
                   "XMSS: unexpected byte length of PRF value");
   BOTAN_ARG_CHECK(m_private->private_seed().size() == xmss_parameters().element_size(),
                   "XMSS: unexpected byte length of private seed");
}

References BOTAN_ARG_CHECK, Botan::XMSS_PublicKey::public_seed(), Botan::XMSS_PublicKey::root(), wots_derivation_method(), Botan::XMSS_PublicKey::xmss_parameters(), and Botan::XMSS_PublicKey::XMSS_PublicKey().

Member Function Documentation

_default_x509_signature_format()

Signature_Format Botan::Asymmetric_Key::_default_x509_signature_format ( ) const

virtualinherited

Reimplemented in Botan::GOST_3410_PublicKey.

Definition at line 30 of file pk_keys.cpp.

                                                                      {
   if(_signature_element_size_for_DER_encoding()) {
      return Signature_Format::DerSequence;
   } else {
      return Signature_Format::Standard;
   }
}

References _signature_element_size_for_DER_encoding(), Botan::DerSequence, and Botan::Standard.

Referenced by Botan::X509_Object::choose_sig_format(), Botan::Public_Key::default_x509_signature_format(), and Botan::PK_Verifier::PK_Verifier().

_signature_element_size_for_DER_encoding()

virtual std::optional< size_t > Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding ( ) const

inlinevirtualinherited

Certain signatures schemes such as ECDSA have more than one element, and certain unfortunate protocols decided the thing to do was not concatenate them as normally done, but instead DER encode each of the elements as independent values.

If this returns a value x then the signature is checked to be exactly 2*x bytes and split in half for DER encoding.

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 144 of file pk_keys.h.

{ return {}; }

Referenced by _default_x509_signature_format(), Botan::Public_Key::message_part_size(), Botan::Public_Key::message_parts(), Botan::PK_Verifier::PK_Verifier(), and Botan::PK_Verifier::PK_Verifier().

algo_name()

std::string Botan::XMSS_PublicKey::algo_name ( ) const

inlineoverridevirtualinherited

Get the name of the underlying public key scheme.

Returns

name of the public key scheme

Implements Botan::Asymmetric_Key.

Definition at line 71 of file xmss.h.

{ return "XMSS"; }

Referenced by Botan::XMSS_PrivateKey::create_signature_op(), create_verification_op(), and create_x509_verification_op().

algorithm_identifier()

AlgorithmIdentifier Botan::XMSS_PublicKey::algorithm_identifier ( ) const

inlineoverridevirtualinherited

Returns

X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 73 of file xmss.h.

                                                                {
         return AlgorithmIdentifier(object_identifier(), AlgorithmIdentifier::USE_EMPTY_PARAM);
      }

References Botan::Asymmetric_Key::object_identifier(), and Botan::AlgorithmIdentifier::USE_EMPTY_PARAM.

Referenced by create_x509_verification_op().

check_key()

bool Botan::XMSS_PublicKey::check_key ( RandomNumberGenerator & rng, bool strong ) const

overridevirtualinherited

Implements Botan::Asymmetric_Key.

Definition at line 158 of file xmss_publickey.cpp.

                                                                     {
   // The public key consists of (OID, root hash, public seed). The OID is
   // validated and the byte lengths of root and public_seed are verified
   // against the parameter set during deserialization. These are opaque
   // hash outputs with no further structural invariants to check.
   return true;
}

create_decryption_op()

std::unique_ptr< PK_Ops::Decryption > Botan::Private_Key::create_decryption_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return an decryption operation for this key/params or throw

Parameters

Random Number Generators	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented in Botan::ElGamal_PrivateKey, Botan::RSA_PrivateKey, Botan::SM2_PrivateKey, and Botan::TPM2::RSA_PrivateKey.

Definition at line 126 of file pk_keys.cpp.

                                                                                              {
   throw Lookup_Error(fmt("{} does not support decryption", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_Decryptor_EME::PK_Decryptor_EME().

create_encryption_op()

std::unique_ptr< PK_Ops::Encryption > Botan::Public_Key::create_encryption_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters

Random Number Generators	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented in Botan::ElGamal_PublicKey, Botan::RSA_PublicKey, Botan::SM2_PublicKey, and Botan::TPM2::RSA_PublicKey.

Definition at line 105 of file pk_keys.cpp.

                                                                                             {
   throw Lookup_Error(fmt("{} does not support encryption", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_Encryptor_EME::PK_Encryptor_EME().

create_kem_decryption_op()

std::unique_ptr< PK_Ops::KEM_Decryption > Botan::Private_Key::create_kem_decryption_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a KEM decryption operation for this key/params or throw

Parameters

Random Number Generators	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented in Botan::Classic_McEliece_PrivateKey, Botan::FrodoKEM_PrivateKey, Botan::KEX_to_KEM_Adapter_PrivateKey, Botan::Kyber_PrivateKey, Botan::McEliece_PrivateKey, Botan::RSA_PrivateKey, and Botan::TLS::Hybrid_KEM_PrivateKey.

Definition at line 132 of file pk_keys.cpp.

                                                                                                      {
   throw Lookup_Error(fmt("{} does not support KEM decryption", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_KEM_Decryptor::PK_KEM_Decryptor().

create_kem_encryption_op()

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::Public_Key::create_kem_encryption_op ( std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters

params	additional parameters
provider	the provider to use

Reimplemented in Botan::Classic_McEliece_PublicKey, Botan::FrodoKEM_PublicKey, Botan::KEX_to_KEM_Adapter_PublicKey, Botan::Kyber_PublicKey, Botan::McEliece_PublicKey, Botan::RSA_PublicKey, and Botan::TLS::Hybrid_KEM_PublicKey.

Definition at line 111 of file pk_keys.cpp.

                                                                                                     {
   throw Lookup_Error(fmt("{} does not support KEM encryption", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_KEM_Encryptor::PK_KEM_Encryptor().

create_key_agreement_op()

std::unique_ptr< PK_Ops::Key_Agreement > Botan::Private_Key::create_key_agreement_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a key agreement operation for this key/params or throw

Parameters

Random Number Generators	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented in Botan::DH_PrivateKey, Botan::ECDH_PrivateKey, Botan::X25519_PrivateKey, and Botan::X448_PrivateKey.

Definition at line 144 of file pk_keys.cpp.

                                                                                                    {
   throw Lookup_Error(fmt("{} does not support key agreement", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

create_signature_op()

std::unique_ptr< PK_Ops::Signature > Botan::XMSS_PrivateKey::create_signature_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a signature operation for this key/params or throw

Parameters

Random Number Generators	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented from Botan::Private_Key.

Definition at line 417 of file xmss_privatekey.cpp.

                                                                                                       {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<XMSS_Signature_Operation>(*this);
   }
 
   throw Provider_Not_Found(algo_name(), provider);
}

References Botan::XMSS_PublicKey::algo_name().

create_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::XMSS_PublicKey::create_verification_op ( std::string_view params, std::string_view provider ) const

overridevirtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters

params	additional parameters
provider	the provider to use

Reimplemented from Botan::Public_Key.

Definition at line 166 of file xmss_publickey.cpp.

                                                                                                            {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<XMSS_Verification_Operation>(*this);
   }
   throw Provider_Not_Found(algo_name(), provider);
}

References algo_name().

create_x509_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::XMSS_PublicKey::create_x509_verification_op ( const AlgorithmIdentifier & signature_algorithm, std::string_view provider ) const

overridevirtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this combination of key and signature algorithm or throw.

Parameters

signature_algorithm	is the X.509 algorithm identifier encoding the padding scheme and hash hash function used in the signature if applicable.
provider	the provider to use

Reimplemented from Botan::Public_Key.

Definition at line 174 of file xmss_publickey.cpp.

                                                                                                                 {
   if(provider == "base" || provider.empty()) {
      if(alg_id != this->algorithm_identifier()) {
         throw Decoding_Error("Unexpected AlgorithmIdentifier for XMSS X509 signature");
      }
      return std::make_unique<XMSS_Verification_Operation>(*this);
   }
   throw Provider_Not_Found(algo_name(), provider);
}

References algo_name(), and algorithm_identifier().

default_x509_signature_format()

Signature_Format Botan::Public_Key::default_x509_signature_format ( ) const

inlineinherited

Definition at line 237 of file pk_keys.h.

                                                                                                           {
         return _default_x509_signature_format();
      }

References Botan::Asymmetric_Key::_default_x509_signature_format(), and default_x509_signature_format().

Referenced by default_x509_signature_format().

estimated_strength()

size_t Botan::XMSS_PublicKey::estimated_strength ( ) const

overridevirtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns

estimated strength in bits

Implements Botan::Asymmetric_Key.

Definition at line 150 of file xmss_publickey.cpp.

                                                {
   return xmss_parameters().estimated_strength();
}

References Botan::XMSS_Parameters::estimated_strength(), and xmss_parameters().

fingerprint_private()

std::string Botan::Private_Key::fingerprint_private ( std::string_view alg ) const

inherited

Returns

Hash of the PKCS #8 encoding for this key object

Definition at line 101 of file pk_keys.cpp.

                                                                         {
   return create_hex_fingerprint(private_key_bits(), hash_algo);
}

References Botan::create_hex_fingerprint(), and private_key_bits().

Referenced by Botan::Certificate_Store_In_SQL::find_certs_for_key(), Botan::Certificate_Store_In_SQL::insert_key(), and Botan::Certificate_Store_In_SQL::remove_key().

fingerprint_public()

std::string Botan::Public_Key::fingerprint_public ( std::string_view alg = "SHA-256" ) const

inherited

Returns

Hash of the subject public key

Definition at line 94 of file pk_keys.cpp.

                                                                       {
   return create_hex_fingerprint(subject_public_key(), hash_algo);
}

References Botan::create_hex_fingerprint(), and subject_public_key().

Referenced by public_key_bits().

generate_another()

std::unique_ptr< Private_Key > Botan::XMSS_PublicKey::generate_another ( RandomNumberGenerator & rng ) const

finalvirtualinherited

Generate another (cryptographically independent) key pair using the same algorithm parameters as this key. This is most useful for algorithms that support PublicKeyOperation::KeyAgreement to generate a fitting ephemeral key pair. For other key types it might throw Not_Implemented.

Implements Botan::Asymmetric_Key.

Definition at line 199 of file xmss_publickey.cpp.

                                                                                            {
   // Note: Given only an XMSS public key we cannot know which WOTS key
   //       derivation method was used to build the XMSS tree. Hence, we have to
   //       use the default here.
   return std::make_unique<XMSS_PrivateKey>(xmss_parameters().oid(), rng);
}

References xmss_parameters().

get_int_field()

const BigInt & Botan::Asymmetric_Key::get_int_field ( std::string_view field ) const

virtualinherited

Access an algorithm specific field

If the field is not known for this algorithm, an Invalid_Argument is thrown. The interpretation of the result requires knowledge of which algorithm is involved. For instance for RSA "p" represents one of the secret primes, while for DSA "p" is the public prime.

Some algorithms may not implement this method at all.

This is primarily used to implement the FFI botan_pubkey_get_field and botan_privkey_get_field functions.

TODO(Botan4) Change this to return by value

Reimplemented in Botan::DH_PrivateKey, Botan::DH_PublicKey, Botan::DSA_PrivateKey, Botan::DSA_PublicKey, Botan::EC_PrivateKey, Botan::EC_PublicKey, Botan::ElGamal_PrivateKey, Botan::ElGamal_PublicKey, Botan::RSA_PrivateKey, and Botan::RSA_PublicKey.

Definition at line 18 of file pk_keys.cpp.

                                                                      {
   throw Unknown_PK_Field_Name(algo_name(), field);
}

References algo_name().

Referenced by estimated_strength(), Botan::EC_PublicKey::get_int_field(), and Botan::RSA_PublicKey::get_int_field().

get_oid()

OID Botan::Public_Key::get_oid ( ) const

inlineinherited

Deprecated version of object_identifier

Definition at line 168 of file pk_keys.h.

{ return this->object_identifier(); }

References get_oid(), and Botan::Asymmetric_Key::object_identifier().

Referenced by get_oid().

key_length()

size_t Botan::XMSS_PublicKey::key_length ( ) const

overridevirtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 154 of file xmss_publickey.cpp.

                                        {
   return xmss_parameters().estimated_strength();
}

References Botan::XMSS_Parameters::estimated_strength(), and xmss_parameters().

message_part_size()

size_t Botan::Public_Key::message_part_size ( ) const

inlineinherited

Returns how large each of the message parts referred to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns

size of the message parts in bits

Definition at line 228 of file pk_keys.h.

                                                                                     {
         return _signature_element_size_for_DER_encoding().value_or(0);
      }

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), and message_part_size().

Referenced by message_part_size().

message_parts()

size_t Botan::Public_Key::message_parts ( ) const

inlineinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns

number of message parts

Definition at line 215 of file pk_keys.h.

                                                                                 {
         return _signature_element_size_for_DER_encoding() ? 2 : 1;
      }

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), and message_parts().

Referenced by message_parts().

object_identifier()

OID Botan::Asymmetric_Key::object_identifier ( ) const

virtualinherited

Get the OID of the underlying public key scheme.

Returns

OID of the public key scheme

Reimplemented in Botan::Classic_McEliece_PublicKey, Botan::Dilithium_PublicKey, Botan::FrodoKEM_PublicKey, Botan::HSS_LMS_PublicKey, Botan::Kyber_PublicKey, and Botan::SphincsPlus_PublicKey.

Definition at line 22 of file pk_keys.cpp.

                                            {
   try {
      return OID::from_string(algo_name());
   } catch(Lookup_Error&) {
      throw Lookup_Error(fmt("Public key algorithm {} has no defined OIDs", algo_name()));
   }
}

References algo_name(), Botan::fmt(), and Botan::OID::from_string().

Referenced by Botan::DH_PublicKey::algorithm_identifier(), Botan::DSA_PublicKey::algorithm_identifier(), Botan::EC_PublicKey::algorithm_identifier(), Botan::Ed25519_PublicKey::algorithm_identifier(), Botan::Ed448_PublicKey::algorithm_identifier(), Botan::ElGamal_PublicKey::algorithm_identifier(), Botan::GOST_3410_PublicKey::algorithm_identifier(), Botan::McEliece_PublicKey::algorithm_identifier(), Botan::RSA_PublicKey::algorithm_identifier(), Botan::TPM_PrivateKey::algorithm_identifier(), Botan::X25519_PublicKey::algorithm_identifier(), Botan::X448_PublicKey::algorithm_identifier(), Botan::XMSS_PublicKey::algorithm_identifier(), estimated_strength(), and Botan::Public_Key::get_oid().

pkcs8_algorithm_identifier()

virtual AlgorithmIdentifier Botan::Private_Key::pkcs8_algorithm_identifier ( ) const

inlinevirtualinherited

Returns

PKCS #8 AlgorithmIdentifier for this key Might be different from the X.509 identifier, but normally is not

Reimplemented in Botan::GOST_3410_PrivateKey, and Botan::HSS_LMS_PrivateKey.

Definition at line 334 of file pk_keys.h.

{ return algorithm_identifier(); }

References Botan::Public_Key::algorithm_identifier().

Referenced by private_key_info().

private_key_bits()

secure_vector< uint8_t > Botan::XMSS_PrivateKey::private_key_bits ( ) const

overridevirtual

Returns

BER encoded private key bits

Implements Botan::Private_Key.

Definition at line 381 of file xmss_privatekey.cpp.

                                                               {
   return DER_Encoder().encode(raw_private_key(), ASN1_Type::OctetString).get_contents();
}

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents(), Botan::OctetString, and raw_private_key().

private_key_info()

secure_vector< uint8_t > Botan::Private_Key::private_key_info ( ) const

inherited

Returns

PKCS #8 private key encoding for this key object

Definition at line 75 of file pk_keys.cpp.

                                                           {
   const size_t PKCS8_VERSION = 0;
 
   return DER_Encoder()
      .start_sequence()
      .encode(PKCS8_VERSION)
      .encode(pkcs8_algorithm_identifier())
      .encode(private_key_bits(), ASN1_Type::OctetString)
      .end_cons()
      .get_contents();
}

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OctetString, pkcs8_algorithm_identifier(), private_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::PKCS8::BER_encode(), Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(), Botan::PKCS8::PEM_encode(), and public_key().

public_key()

std::unique_ptr< Public_Key > Botan::XMSS_PrivateKey::public_key ( ) const

overridevirtual

Allocate a new object for the public key associated with this private key.

Returns

public key

Implements Botan::Private_Key.

Definition at line 413 of file xmss_privatekey.cpp.

                                                            {
   return std::make_unique<XMSS_PublicKey>(xmss_parameters().oid(), root(), public_seed());
}

References Botan::XMSS_PublicKey::public_seed(), Botan::XMSS_PublicKey::root(), and Botan::XMSS_PublicKey::xmss_parameters().

public_key_bits()

std::vector< uint8_t > Botan::XMSS_PublicKey::public_key_bits ( ) const

overridevirtualinherited

Returns the encoded public key as defined in RFC draft-vangeest-x509-hash-sigs-03.

Returns

encoded public key bits

Implements Botan::Public_Key.

Definition at line 189 of file xmss_publickey.cpp.

                                                         {
   std::vector<uint8_t> output;
   DER_Encoder(output).encode(raw_public_key_bits(), ASN1_Type::OctetString);
   return output;
}

References Botan::DER_Encoder::encode(), Botan::OctetString, and raw_public_key_bits().

public_seed()

const secure_vector< uint8_t > & Botan::XMSS_PublicKey::public_seed ( ) const

protectedinherited

Definition at line 134 of file xmss_publickey.cpp.

                                                                {
   return m_public_key->public_seed();
}

Referenced by Botan::XMSS_PrivateKey::public_key(), Botan::XMSS_PrivateKey::XMSS_PrivateKey(), XMSS_PublicKey(), XMSS_PublicKey(), and XMSS_Verification_Operation.

raw_private_key()

secure_vector< uint8_t > Botan::XMSS_PrivateKey::raw_private_key

(

)

const

Generates a non standardized byte sequence representing the XMSS private key.

Returns

byte sequence consisting of the following elements in order: 4-byte OID, n-byte root node, n-byte public seed, 4-byte unused leaf index, n-byte prf seed, n-byte private seed. At last 1-byte that encodes the WOTS+ key derivation method.

Definition at line 405 of file xmss_privatekey.cpp.

                                                              {
   return m_private->serialize(raw_public_key());
}

References Botan::XMSS_PublicKey::raw_public_key().

Referenced by private_key_bits().

raw_private_key_bits()

secure_vector< uint8_t > Botan::Private_Key::raw_private_key_bits ( ) const

virtualinherited

Returns

binary private key bits, with no additional encoding

Note: some algorithms (for example RSA) do not have an obvious encoding for this value due to having many different values, and thus not implement this function. The default implementation throws Not_Implemented

Reimplemented in Botan::Classic_McEliece_PrivateKey, Botan::DH_PrivateKey, Botan::Dilithium_PrivateKey, Botan::DSA_PrivateKey, Botan::EC_PrivateKey, Botan::Ed25519_PrivateKey, Botan::Ed448_PrivateKey, Botan::ElGamal_PrivateKey, Botan::FrodoKEM_PrivateKey, Botan::HSS_LMS_PrivateKey, Botan::KEX_to_KEM_Adapter_PrivateKey, Botan::Kyber_PrivateKey, Botan::SphincsPlus_PrivateKey, Botan::TPM2::PrivateKey, Botan::X25519_PrivateKey, and Botan::X448_PrivateKey.

Definition at line 87 of file pk_keys.cpp.

                                                               {
   throw Not_Implemented(algo_name() + " does not implement raw_private_key_bits");
}

References Botan::Asymmetric_Key::algo_name().

Referenced by private_key_bits().

raw_public_key()

std::vector< uint8_t > Botan::XMSS_PublicKey::raw_public_key ( ) const

inherited

Definition at line 195 of file xmss_publickey.cpp.

                                                        {
   return raw_public_key_bits();
}

References raw_public_key_bits().

Referenced by Botan::XMSS_PrivateKey::raw_private_key().

raw_public_key_bits()

std::vector< uint8_t > Botan::XMSS_PublicKey::raw_public_key_bits ( ) const

overridevirtualinherited

Generates a byte sequence representing the XMSS public key, as defined in [1] (p. 23, "XMSS Public Key")

Returns

4-byte OID, followed by n-byte root node, followed by public seed.

Implements Botan::Public_Key.

Definition at line 185 of file xmss_publickey.cpp.

                                                             {
   return m_public_key->raw_public_key_bits();
}

Referenced by public_key_bits(), and raw_public_key().

remaining_operations()

std::optional< uint64_t > Botan::XMSS_PrivateKey::remaining_operations ( ) const

overridevirtual

Retrieves the number of remaining operations if this is a stateful private key.

Returns

the number of remaining operations or std::nullopt if not applicable.

Reimplemented from Botan::Private_Key.

Definition at line 397 of file xmss_privatekey.cpp.

                                                                  {
   return m_private->remaining_signatures();
}

remaining_signatures()

size_t Botan::XMSS_PrivateKey::remaining_signatures

(

)

const

Retrieves the number of remaining signatures for this private key.

Definition at line 393 of file xmss_privatekey.cpp.

                                                   {
   return checked_cast_to<size_t>(m_private->remaining_signatures());
}

References Botan::checked_cast_to().

root()

const secure_vector< uint8_t > & Botan::XMSS_PublicKey::root ( ) const

protectedinherited

Definition at line 138 of file xmss_publickey.cpp.

                                                         {
   return m_public_key->root();
}

Referenced by Botan::XMSS_PrivateKey::public_key(), set_root(), Botan::XMSS_PrivateKey::XMSS_PrivateKey(), XMSS_PublicKey(), XMSS_PublicKey(), and XMSS_Verification_Operation.

set_root()

void Botan::XMSS_PublicKey::set_root ( secure_vector< uint8_t > root )

protectedinherited

Definition at line 146 of file xmss_publickey.cpp.

                                                         {
   m_public_key->set_root(std::move(root));
}

References root().

Referenced by Botan::XMSS_PrivateKey::XMSS_PrivateKey(), and XMSS_Verification_Operation.

stateful_operation()

bool Botan::XMSS_PrivateKey::stateful_operation ( ) const

inlineoverridevirtual

Indicates if this key is stateful, ie that performing a private key operation requires updating the key storage.

Reimplemented from Botan::Private_Key.

Definition at line 212 of file xmss.h.

{ return true; }

subject_public_key()

std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const

inherited

Returns

X.509 subject key encoding for this key object

Definition at line 63 of file pk_keys.cpp.

                                                        {
   std::vector<uint8_t> output;
 
   DER_Encoder(output)
      .start_sequence()
      .encode(algorithm_identifier())
      .encode(public_key_bits(), ASN1_Type::BitString)
      .end_cons();
 
   return output;
}

References algorithm_identifier(), Botan::BitString, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), public_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::X509::BER_encode(), Botan::PKCS10_Request::create(), fingerprint_public(), Botan::X509::PEM_encode(), and public_key_bits().

supports_operation()

bool Botan::XMSS_PublicKey::supports_operation ( PublicKeyOperation op ) const

inlineoverridevirtualinherited

Return true if this key could be used for the specified type of operation.

Implements Botan::Asymmetric_Key.

Definition at line 104 of file xmss.h.

{ return (op == PublicKeyOperation::Signature); }

References Botan::Signature, and supports_operation().

Referenced by supports_operation().

unused_leaf_index()

size_t Botan::XMSS_PrivateKey::unused_leaf_index

(

)

const

Retrieves the last unused leaf index of the private key. Reusing a leaf by utilizing leaf indices lower than the last unused leaf index will compromise security.

Returns

Index of the last unused leaf.

Definition at line 389 of file xmss_privatekey.cpp.

                                                {
   return m_private->unused_leaf_index();
}

wots_derivation_method()

WOTS_Derivation_Method Botan::XMSS_PrivateKey::wots_derivation_method

(

)

const

Definition at line 409 of file xmss_privatekey.cpp.

                                                                     {
   return m_private->wots_derivation_method();
}

Referenced by XMSS_PrivateKey(), and XMSS_PrivateKey().

xmss_parameters()

const XMSS_Parameters & Botan::XMSS_PublicKey::xmss_parameters ( ) const

protectedinherited

Definition at line 142 of file xmss_publickey.cpp.

                                                             {
   return m_public_key->xmss_parameters();
}

Referenced by estimated_strength(), generate_another(), key_length(), Botan::XMSS_PrivateKey::public_key(), Botan::XMSS_PrivateKey::XMSS_PrivateKey(), Botan::XMSS_PrivateKey::XMSS_PrivateKey(), Botan::XMSS_PrivateKey::XMSS_PrivateKey(), and XMSS_Verification_Operation.

Friends And Related Symbol Documentation

XMSS_Signature_Operation

friend class XMSS_Signature_Operation

friend

Definition at line 252 of file xmss.h.

References BOTAN_DIAGNOSTIC_POP, and XMSS_Signature_Operation.

Referenced by XMSS_Signature_Operation.

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/xmss/xmss.h
• src/lib/pubkey/xmss/xmss_privatekey.cpp