Botan 3.4.0
Crypto and TLS for C&
Public Member Functions | Protected Attributes | List of all members
Botan::XMSS_WOTS_PrivateKey Class Reference

#include <xmss_wots.h>

Inheritance diagram for Botan::XMSS_WOTS_PrivateKey:
Botan::XMSS_WOTS_Base

Public Member Functions

const wots_keysig_tkey_data () const
 
wots_keysig_t sign (const secure_vector< uint8_t > &msg, std::span< const uint8_t > public_seed, XMSS_Address &adrs, XMSS_Hash &hash)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters params, std::span< const uint8_t > private_seed, XMSS_Address adrs, XMSS_Hash &hash)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters params, std::span< const uint8_t > public_seed, std::span< const uint8_t > private_seed, XMSS_Address adrs, XMSS_Hash &hash)
 

Protected Attributes

wots_keysig_t m_key_data
 
XMSS_WOTS_Parameters m_params
 

Detailed Description

A Winternitz One Time Signature private key for use with Extended Hash-Based Signatures.

Definition at line 98 of file xmss_wots.h.

Constructor & Destructor Documentation

◆ XMSS_WOTS_PrivateKey() [1/2]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters params,
std::span< const uint8_t > public_seed,
std::span< const uint8_t > private_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Algorithm 3: "Generating a WOTS+ Private Key". Generates a private key.

Note that this is implemented according to the recommendations in NIST SP.800-208 Section 6.2 to avoid a multi-target attack vulnerability. This does not influence the sign/verify interoperability with implementations that do not implement this recommendation.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
paramsThe WOTS parameters to use
public_seedThe public seed for the private key generation
private_seedThe private seed for the private key generation
adrsThe address of the key to retrieve.
hashInstance of XMSS_Hash, that may only be used by the thread executing at.

Definition at line 131 of file xmss_wots.cpp.

135 :
136 XMSS_WOTS_Base(std::move(params)) {
137 m_key_data.resize(m_params.len());
138 for(size_t i = 0; i < m_params.len(); ++i) {
139 adrs.set_chain_address(static_cast<uint32_t>(i));
140 const auto data = concat_as<std::vector<uint8_t>>(public_seed, adrs.bytes());
141 hash.prf_keygen(m_key_data[i], private_seed, data);
142 }
143}
Botan::XMSS_WOTS_Base::XMSS_WOTS_Base
XMSS_WOTS_Base(XMSS_WOTS_Parameters params)
Definition xmss_wots.h:33
Botan::XMSS_WOTS_Base::m_key_data
wots_keysig_t m_key_data
Definition xmss_wots.h:42
Botan::XMSS_WOTS_Base::m_params
XMSS_WOTS_Parameters m_params
Definition xmss_wots.h:41
Botan::XMSS_WOTS_Parameters::len
size_t len() const
Definition xmss_parameters.h:90

References Botan::XMSS_Address::bytes(), Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_Base::m_key_data, Botan::XMSS_WOTS_Base::m_params, Botan::XMSS_Hash::prf_keygen(), and Botan::XMSS_Address::set_chain_address().

◆ XMSS_WOTS_PrivateKey() [2/2]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters params,
std::span< const uint8_t > private_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Constructor for the old derivation logic. Creates a WOTS+ private key using the old key derivation logic, i.e. the logic WITHOUT the recommendations in NIST SP.800-208. It is used to support XMSS_PrivateKeys created before the derivation logic was updated.

Parameters
paramsThe WOTS parameters to use
private_seedThe private seed for the private key generation
adrsThe address of the key to retrieve.
hashInstance of XMSS_Hash, that may only be used by the thread executing it.

Definition at line 146 of file xmss_wots.cpp.

149 :
150 XMSS_WOTS_Base(std::move(params)) {
151 m_key_data.resize(m_params.len());
152
153 secure_vector<uint8_t> r;
154 hash.prf(r, private_seed, adrs.bytes());
155
156 for(size_t i = 0; i < m_params.len(); ++i) {
157 XMSS_Tools::concat<size_t>(m_key_data[i], i, 32);
158 hash.prf(m_key_data[i], r, m_key_data[i]);
159 }
160}

References Botan::XMSS_Address::bytes(), Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_Base::m_key_data, Botan::XMSS_WOTS_Base::m_params, and Botan::XMSS_Hash::prf().

Member Function Documentation

◆ key_data()

const wots_keysig_t & Botan::XMSS_WOTS_Base::key_data ( ) const
inlineinherited

Definition at line 38 of file xmss_wots.h.

38{ return m_key_data; }

References Botan::XMSS_WOTS_Base::m_key_data.

Referenced by sign().

◆ sign()

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::sign ( const secure_vector< uint8_t > & msg,
std::span< const uint8_t > public_seed,
XMSS_Address & adrs,
XMSS_Hash & hash )

Algorithm 5: "WOTS_sign" Generates a signature from a private key and a message.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
msgA message to sign.
public_seedThe public seed to use for the signature
adrsAn OTS hash address identifying the WOTS+ key pair used for signing.
hashInstance of XMSS_Hash, that may only be used by the thread executing sign.
Returns
signature for msg.

Definition at line 114 of file xmss_wots.cpp.

117 {
118 secure_vector<uint8_t> msg_digest{m_params.base_w(msg, m_params.len_1())};
119
120 m_params.append_checksum(msg_digest);
121 auto sig = this->key_data();
122
123 for(size_t i = 0; i < m_params.len(); i++) {
124 adrs.set_chain_address(static_cast<uint32_t>(i));
125 chain(m_params, sig[i], 0, msg_digest[i], adrs, public_seed, hash);
126 }
127
128 return sig;
129}
Botan::XMSS_WOTS_Base::key_data
const wots_keysig_t & key_data() const
Definition xmss_wots.h:38
Botan::XMSS_WOTS_Parameters::len_1
size_t len_1() const
Definition xmss_parameters.h:92
Botan::XMSS_WOTS_Parameters::base_w
secure_vector< uint8_t > base_w(const secure_vector< uint8_t > &msg, size_t out_size) const
Definition xmss_wots_parameters.cpp:123
Botan::XMSS_WOTS_Parameters::append_checksum
void append_checksum(secure_vector< uint8_t > &data) const
Definition xmss_wots_parameters.cpp:151

References Botan::XMSS_WOTS_Parameters::append_checksum(), Botan::XMSS_WOTS_Parameters::base_w(), Botan::XMSS_WOTS_Base::key_data(), Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_Parameters::len_1(), Botan::XMSS_WOTS_Base::m_params, and Botan::XMSS_Address::set_chain_address().

Member Data Documentation

◆ m_key_data

wots_keysig_t Botan::XMSS_WOTS_Base::m_key_data
protectedinherited

Definition at line 42 of file xmss_wots.h.

Referenced by Botan::XMSS_WOTS_Base::key_data(), XMSS_WOTS_PrivateKey(), XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

◆ m_params

XMSS_WOTS_Parameters Botan::XMSS_WOTS_Base::m_params
protectedinherited

Definition at line 41 of file xmss_wots.h.

Referenced by sign(), XMSS_WOTS_PrivateKey(), XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

The documentation for this class was generated from the following files:
Generated by doxygen 1.10.0