Botan 3.11.0
Crypto and TLS for C++
Botan::XMSS_Signature_Operation Class Reference final

#include <xmss_signature_operation.h>

Inheritance diagram for Botan::XMSS_Signature_Operation:
Botan::PK_Ops::Signature

Public Member Functions

AlgorithmIdentifier algorithm_identifier () const override
std::string hash_function () const override
std::vector< uint8_t > sign (RandomNumberGenerator &rng) override
size_t signature_length () const override
void update (std::span< const uint8_t > input) override
 XMSS_Signature_Operation (const XMSS_PrivateKey &private_key)

Detailed Description

Signature generation operation for Extended Hash-Based Signatures (XMSS) as defined in:

[1] XMSS: Extended Hash-Based Signatures, Request for Comments: 8391 Release: May 2018. https://datatracker.ietf.org/doc/rfc8391/

Definition at line 29 of file xmss_signature_operation.h.

Constructor & Destructor Documentation

◆ XMSS_Signature_Operation()

Botan::XMSS_Signature_Operation::XMSS_Signature_Operation ( const XMSS_PrivateKey & private_key)
explicit

Definition at line 23 of file xmss_signature_operation.cpp.

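    XMSS_Signature_Operation::XMSS_Signature_Operation(const XMSS_PrivateKey& private_key) :
          m_priv_key(private_key),
          m_hash(private_key.xmss_parameters()),
          m_randomness(0),
          m_leaf_idx(0),
          // starts uninitialized; update() and sign() call initialize() first
          m_is_initialized(false) {}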

Member Function Documentation

◆ algorithm_identifier()

AlgorithmIdentifier Botan::XMSS_Signature_Operation::algorithm_identifier ( ) const
override virtual

Return an algorithm identifier associated with this signature scheme.

Default implementation throws an exception

Reimplemented from Botan::PK_Ops::Signature.

Definition at line 90 of file xmss_signature_operation.cpp.

    AlgorithmIdentifier XMSS_Signature_Operation::algorithm_identifier() const {
       // OID registered under the name "XMSS", encoded with empty parameters
       return AlgorithmIdentifier(OID::from_string("XMSS"), AlgorithmIdentifier::USE_EMPTY_PARAM);
    }

References Botan::OID::from_string(), and Botan::AlgorithmIdentifier::USE_EMPTY_PARAM.

◆ hash_function()

std::string Botan::XMSS_Signature_Operation::hash_function ( ) const
inline override virtual

Return the hash function being used by this signer

Implements Botan::PK_Ops::Signature.

Definition at line 47 of file xmss_signature_operation.h.

    std::string hash_function() const override { return m_hash.hash_function(); }

◆ sign()

std::vector< uint8_t > Botan::XMSS_Signature_Operation::sign ( RandomNumberGenerator & rng)
override virtual

Creates an XMSS signature for the message provided through calls to update().

Returns
serialized XMSS signature.

Implements Botan::PK_Ops::Signature.

Definition at line 41 of file xmss_signature_operation.cpp.

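    std::vector<uint8_t> XMSS_Signature_Operation::sign(RandomNumberGenerator& /*rng*/) {
       // same call update() makes before hashing input
       initialize();

       const auto msg_hash = m_hash.h_msg_final();

       const auto& params = m_priv_key.xmss_parameters();
       // wots_keysig_t is std::vector<secure_vector<uint8_t>>: one node per tree level
       wots_keysig_t auth_path(params.tree_height());

       XMSS_Address adrs;
       adrs.set_type(XMSS_Address::Type::Hash_Tree_Address);

       // Authentication path: at level j, take the sibling of the node above the signing leaf
       for(size_t j = 0; j < params.tree_height(); j++) {
          // k is the sibling's node index at level j
          const size_t k = (m_leaf_idx / (static_cast<size_t>(1) << j)) ^ 0x01;
          // tree_hash() takes the leftmost leaf of the sibling subtree and its height
          auth_path[j] = m_priv_key.tree_hash(k * (static_cast<size_t>(1) << j), j, adrs, m_hash);
       }

       adrs.set_type(XMSS_Address::Type::OTS_Hash_Address);
       adrs.set_ots_address(m_leaf_idx);

       XMSS_Signature::TreeSignature tree_sig;
       tree_sig.authentication_path = auth_path;
       // Sign the message hash with the one-time (WOTS) key addressed by this leaf index
       tree_sig.ots_signature =
          m_priv_key.wots_private_key_for(adrs, m_hash).sign(msg_hash, m_priv_key.public_seed(), adrs, m_hash);

       const XMSS_Signature sig(m_leaf_idx, m_randomness, tree_sig);
       // mark the operation as uninitialized again for the next message
       m_is_initialized = false;
       return sig.bytes();
    }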

References Botan::XMSS_Signature::TreeSignature::authentication_path, Botan::XMSS_Signature::bytes(), Botan::XMSS_Address::Hash_Tree_Address, Botan::XMSS_Address::OTS_Hash_Address, Botan::XMSS_Signature::TreeSignature::ots_signature, Botan::XMSS_Address::set_ots_address(), and Botan::XMSS_Address::set_type().
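The index arithmetic in the sign() loop above, as an added example that is not Botan code: it builds an authentication path with the same `k` computation and checks that a verifier recomputes the tree root from it. `toy_hash`, `subtree_root`, `auth_path`, `root_from_path` and the sample leaves are hypothetical stand-ins, and the toy hash is not cryptographic.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Assumption: non-cryptographic stand-in for the XMSS tree hash, so this runs without Botan.
static uint64_t toy_hash(uint64_t left, uint64_t right) {
   uint64_t x = (left * 0x9E3779B97F4A7C15ULL) ^ (right + 0xBF58476D1CE4E5B9ULL);
   x ^= x >> 29;
   return x * 0x94D049BB133111EBULL;
}

// Root of the subtree of `height` whose leftmost leaf is `start` (the argument order sign() passes).
static uint64_t subtree_root(const std::vector<uint64_t>& leaves, size_t start, size_t height) {
   if(height == 0) { return leaves[start]; }
   const size_t half = static_cast<size_t>(1) << (height - 1);
   return toy_hash(subtree_root(leaves, start, height - 1), subtree_root(leaves, start + half, height - 1));
}

// Signer side: at level j the sibling node index is (leaf_idx >> j) ^ 1,
// and that sibling's subtree starts at leaf k << j.
std::vector<uint64_t> auth_path(const std::vector<uint64_t>& leaves, size_t leaf_idx, size_t tree_height) {
   std::vector<uint64_t> path(tree_height);
   for(size_t j = 0; j < tree_height; j++) {
      const size_t k = (leaf_idx / (static_cast<size_t>(1) << j)) ^ 0x01;
      path[j] = subtree_root(leaves, k * (static_cast<size_t>(1) << j), j);
   }
   return path;
}

// Verifier side: bit j of leaf_idx says whether the running node is the
// right child at level j, which fixes the order of the two hash inputs.
uint64_t root_from_path(uint64_t leaf, size_t leaf_idx, const std::vector<uint64_t>& path) {
   uint64_t node = leaf;
   for(size_t j = 0; j < path.size(); j++) {
      node = ((leaf_idx >> j) & 1) ? toy_hash(path[j], node) : toy_hash(node, path[j]);
   }
   return node;
}

// Constructed sample: 8 arbitrary leaf values, i.e. a tree of height 3.
std::vector<uint64_t> sample_leaves() { return {11, 22, 33, 44, 55, 66, 77, 88}; }

int main() {
   const auto leaves = sample_leaves();
   const uint64_t root = subtree_root(leaves, 0, 3);
   for(size_t i = 0; i < leaves.size(); i++) {
      if(root_from_path(leaves[i], i, auth_path(leaves, i, 3)) != root) { return 1; }
   }
   return 0;
}
```

The path only reproduces the root when it is paired with the leaf index it was built for, which is why the leaf index is serialized into the signature alongside the path.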

◆ signature_length()

size_t Botan::XMSS_Signature_Operation::signature_length ( ) const
override virtual

Return an upper bound on the length of the output signature

Implements Botan::PK_Ops::Signature.

Definition at line 30 of file xmss_signature_operation.cpp.

    size_t XMSS_Signature_Operation::signature_length() const {
       const auto& params = m_priv_key.xmss_parameters();
       return sizeof(uint64_t) +                         // size of leaf index
              params.element_size() +                    // randomness
              params.len() * params.element_size() +     // WOTS signature
              params.tree_height() * params.element_size();  // authentication path
    }

◆ update()

void Botan::XMSS_Signature_Operation::update ( std::span< const uint8_t > input)
override virtual

Add more data to the message currently being signed

Parameters
input    the input to be hashed/signed

Implements Botan::PK_Ops::Signature.

Definition at line 36 of file xmss_signature_operation.cpp.

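    void XMSS_Signature_Operation::update(std::span<const uint8_t> input) {
       // initialize() runs before any message data is hashed
       initialize();
       m_hash.h_msg_update(input);
    }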

The documentation for this class was generated from the following files: