Botan 3.9.0
Crypto and TLS for C&
Public Member Functions | Protected Attributes | List of all members
Botan::XMSS_WOTS_PrivateKey Class Reference

#include <xmss_wots.h>

Inheritance diagram for Botan::XMSS_WOTS_PrivateKey:
Botan::XMSS_WOTS_Base

Public Member Functions

const wots_keysig_tkey_data () const
wots_keysig_t sign (const secure_vector< uint8_t > &msg, std::span< const uint8_t > public_seed, XMSS_Address &adrs, XMSS_Hash &hash)
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters params, std::span< const uint8_t > private_seed, XMSS_Address adrs, XMSS_Hash &hash)
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters params, std::span< const uint8_t > public_seed, std::span< const uint8_t > private_seed, XMSS_Address adrs, XMSS_Hash &hash)

Protected Attributes

wots_keysig_t m_key_data
XMSS_WOTS_Parameters m_params

Detailed Description

A Winternitz One Time Signature private key for use with Extended Hash-Based Signatures.

Definition at line 98 of file xmss_wots.h.

Constructor & Destructor Documentation

◆ XMSS_WOTS_PrivateKey() [1/2]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters params,
std::span< const uint8_t > public_seed,
std::span< const uint8_t > private_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Algorithm 3: "Generating a WOTS+ Private Key". Generates a private key.

Note that this is implemented according to the recommendations in NIST SP.800-208 Section 6.2 to avoid a multi-target attack vulnerability. This does not influence the sign/verify interoperability with implementations that do not implement this recommendation.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
paramsThe WOTS parameters to use
public_seedThe public seed for the private key generation
private_seedThe private seed for the private key generation
adrsThe address of the key to retrieve.
hashInstance of XMSS_Hash, that may only be used by the thread executing at.

Definition at line 132 of file xmss_wots.cpp.

136 :
137 XMSS_WOTS_Base(std::move(params)) {
138 m_key_data.resize(m_params.len());
139 for(size_t i = 0; i < m_params.len(); ++i) {
140 adrs.set_chain_address(static_cast<uint32_t>(i));
141 const auto data = concat<std::vector<uint8_t>>(public_seed, adrs.bytes());
142 hash.prf_keygen(m_key_data[i], private_seed, data);
143 }
144}
Botan::XMSS_WOTS_Base::XMSS_WOTS_Base
XMSS_WOTS_Base(XMSS_WOTS_Parameters params)
Definition xmss_wots.h:33
Botan::XMSS_WOTS_Base::m_key_data
wots_keysig_t m_key_data
Definition xmss_wots.h:42
Botan::XMSS_WOTS_Base::m_params
XMSS_WOTS_Parameters m_params
Definition xmss_wots.h:41
Botan::concat
constexpr auto concat(Rs &&... ranges)
Definition stl_util.h:255

References Botan::XMSS_WOTS_Base::m_key_data, Botan::XMSS_WOTS_Base::m_params, and Botan::XMSS_WOTS_Base::XMSS_WOTS_Base().

◆ XMSS_WOTS_PrivateKey() [2/2]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters params,
std::span< const uint8_t > private_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Constructor for the old derivation logic. Creates a WOTS+ private key using the old key derivation logic, i.e. the logic WITHOUT the recommendations in NIST SP.800-208. It is used to support XMSS_PrivateKeys created before the derivation logic was updated.

Parameters
paramsThe WOTS parameters to use
private_seedThe private seed for the private key generation
adrsThe address of the key to retrieve.
hashInstance of XMSS_Hash, that may only be used by the thread executing it.

Definition at line 147 of file xmss_wots.cpp.

150 :
151 XMSS_WOTS_Base(std::move(params)) {
152 m_key_data.resize(m_params.len());
153
154 secure_vector<uint8_t> r;
155 hash.prf(r, private_seed, adrs.bytes());
156
157 for(size_t i = 0; i < m_params.len(); ++i) {
158 xmss_concat<size_t>(m_key_data[i], i, 32);
159 hash.prf(m_key_data[i], r, m_key_data[i]);
160 }
161}
Botan::xmss_concat
void xmss_concat(secure_vector< uint8_t > &target, const T &src)
Definition xmss_tools.h:28
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69

References Botan::XMSS_Address::bytes(), Botan::XMSS_WOTS_Base::m_key_data, Botan::XMSS_WOTS_Base::m_params, Botan::XMSS_Hash::prf(), and Botan::XMSS_WOTS_Base::XMSS_WOTS_Base().

Member Function Documentation

◆ key_data()

const wots_keysig_t & Botan::XMSS_WOTS_Base::key_data ( ) const
inlineinherited

Definition at line 38 of file xmss_wots.h.

38{ return m_key_data; }

References m_key_data.

Referenced by Botan::XMSS_WOTS_PrivateKey::sign(), XMSS_WOTS_Base(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

◆ sign()

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::sign ( const secure_vector< uint8_t > & msg,
std::span< const uint8_t > public_seed,
XMSS_Address & adrs,
XMSS_Hash & hash )

Algorithm 5: "WOTS_sign" Generates a signature from a private key and a message.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
msgA message to sign.
public_seedThe public seed to use for the signature
adrsAn OTS hash address identifying the WOTS+ key pair used for signing.
hashInstance of XMSS_Hash, that may only be used by the thread executing sign.
Returns
signature for msg.

Definition at line 115 of file xmss_wots.cpp.

118 {
119 secure_vector<uint8_t> msg_digest{m_params.base_w(msg, m_params.len_1())};
120
121 m_params.append_checksum(msg_digest);
122 auto sig = this->key_data();
123
124 for(size_t i = 0; i < m_params.len(); i++) {
125 adrs.set_chain_address(static_cast<uint32_t>(i));
126 chain(m_params, sig[i], 0, msg_digest[i], adrs, public_seed, hash);
127 }
128
129 return sig;
130}
Botan::XMSS_WOTS_Base::key_data
const wots_keysig_t & key_data() const
Definition xmss_wots.h:38

References Botan::XMSS_WOTS_Base::key_data(), Botan::XMSS_WOTS_Base::m_params, and Botan::XMSS_Address::set_chain_address().

Member Data Documentation

◆ m_key_data

wots_keysig_t Botan::XMSS_WOTS_Base::m_key_data
protectedinherited

Definition at line 42 of file xmss_wots.h.

Referenced by key_data(), XMSS_WOTS_Base(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

◆ m_params

XMSS_WOTS_Parameters Botan::XMSS_WOTS_Base::m_params
protectedinherited

Definition at line 41 of file xmss_wots.h.

Referenced by Botan::XMSS_WOTS_PrivateKey::sign(), XMSS_WOTS_Base(), XMSS_WOTS_Base(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

The documentation for this class was generated from the following files:
Generated by doxygen 1.14.0