Botan 3.12.0
Crypto and TLS for C&
Public Member Functions | Protected Attributes | List of all members
Botan::XMSS_WOTS_PrivateKey Class Reference

#include <xmss_wots.h>

Inheritance diagram for Botan::XMSS_WOTS_PrivateKey:
Botan::XMSS_WOTS_Base

Public Member Functions

const wots_keysig_tkey_data () const
wots_keysig_t sign (const secure_vector< uint8_t > &msg, std::span< const uint8_t > public_seed, XMSS_Address adrs, XMSS_Hash &hash)
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters params, std::span< const uint8_t > private_seed, XMSS_Address adrs, XMSS_Hash &hash)
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters params, std::span< const uint8_t > public_seed, std::span< const uint8_t > private_seed, XMSS_Address adrs, XMSS_Hash &hash)

Protected Attributes

wots_keysig_t m_key_data
XMSS_WOTS_Parameters m_params

Detailed Description

A Winternitz One Time Signature private key for use with Extended Hash-Based Signatures.

Definition at line 91 of file xmss_wots.h.

Constructor & Destructor Documentation

◆ XMSS_WOTS_PrivateKey() [1/2]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters params,
std::span< const uint8_t > public_seed,
std::span< const uint8_t > private_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Algorithm 3: "Generating a WOTS+ Private Key". Generates a private key.

Note that this is implemented according to the recommendations in NIST SP.800-208 Section 6.2 to avoid a multi-target attack vulnerability. This does not influence the sign/verify interoperability with implementations that do not implement this recommendation.

This overload is used in multithreaded scenarios, where it is required to provide separate instances of XMSS_Hash to each thread.

Parameters
paramsThe WOTS parameters to use
public_seedThe public seed for the private key generation
private_seedThe private seed for the private key generation
adrsThe address of the key to retrieve.
HashesInstance of XMSS_Hash, that may only be used by the thread executing at.

Definition at line 171 of file xmss_wots.cpp.

175 :
176 XMSS_WOTS_Base(params) {
177 m_key_data.resize(m_params.len());
178 for(size_t i = 0; i < m_params.len(); ++i) {
179 adrs.set_chain_address(static_cast<uint32_t>(i));
180 const auto data = concat<std::vector<uint8_t>>(public_seed, adrs.bytes());
181 hash.prf_keygen(m_key_data[i], private_seed, data);
182 }
183}
Botan::XMSS_WOTS_Base::XMSS_WOTS_Base
XMSS_WOTS_Base(XMSS_WOTS_Parameters params)
Definition xmss_wots.h:26
Botan::XMSS_WOTS_Base::m_key_data
wots_keysig_t m_key_data
Definition xmss_wots.h:35
Botan::XMSS_WOTS_Base::m_params
XMSS_WOTS_Parameters m_params
Definition xmss_wots.h:34
Botan::concat
constexpr auto concat(Rs &&... ranges)
Definition concat_util.h:90

References Botan::XMSS_WOTS_Base::m_key_data, Botan::XMSS_WOTS_Base::m_params, and Botan::XMSS_WOTS_Base::XMSS_WOTS_Base().

◆ XMSS_WOTS_PrivateKey() [2/2]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters params,
std::span< const uint8_t > private_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Constructor for the old derivation logic. Creates a WOTS+ private key using the old key derivation logic, i.e. the logic WITHOUT the recommendations in NIST SP.800-208. It is used to support XMSS_PrivateKeys created before the derivation logic was updated.

Parameters
paramsThe WOTS parameters to use
private_seedThe private seed for the private key generation
adrsThe address of the key to retrieve.
HashesInstance of XMSS_Hash, that may only be used by the thread executing it.

Definition at line 186 of file xmss_wots.cpp.

189 :
190 XMSS_WOTS_Base(params) {
191 m_key_data.resize(m_params.len());
192
193 secure_vector<uint8_t> r;
194 hash.prf(r, private_seed, adrs.bytes());
195
196 for(size_t i = 0; i < m_params.len(); ++i) {
197 xmss_concat<size_t>(m_key_data[i], i, 32);
198 hash.prf(m_key_data[i], r, m_key_data[i]);
199 }
200}
Botan::xmss_concat
void xmss_concat(secure_vector< uint8_t > &target, const T &src)
Definition xmss_tools.h:28
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:68

References Botan::XMSS_Address::bytes(), Botan::XMSS_WOTS_Base::m_key_data, Botan::XMSS_WOTS_Base::m_params, Botan::XMSS_Hash::prf(), and Botan::XMSS_WOTS_Base::XMSS_WOTS_Base().

Member Function Documentation

◆ key_data()

const wots_keysig_t & Botan::XMSS_WOTS_Base::key_data ( ) const
inlineinherited

Definition at line 31 of file xmss_wots.h.

31{ return m_key_data; }

References m_key_data.

Referenced by Botan::XMSS_WOTS_PrivateKey::sign(), XMSS_WOTS_Base(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

◆ sign()

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::sign ( const secure_vector< uint8_t > & msg,
std::span< const uint8_t > public_seed,
XMSS_Address adrs,
XMSS_Hash & hash )

Algorithm 5: "WOTS_sign" Generates a signature from a private key and a message.

This overload is used in multithreaded scenarios, where it is required to provide separate instances of XMSS_Hash to each thread.

Parameters
msgA message to sign.
public_seedThe public seed to use for the signature
adrsAn OTS hash address identifying the WOTS+ key pair used for signing.
HashesInstance of XMSS_Hash, that may only be used by the thread executing sign.
Returns
signature for msg.

Definition at line 156 of file xmss_wots.cpp.

159 {
160 const secure_vector<uint8_t> msg_digest = base_w_with_checksum(m_params, msg);
161 auto sig = this->key_data();
162
163 for(size_t i = 0; i < m_params.len(); i++) {
164 adrs.set_chain_address(static_cast<uint32_t>(i));
165 chain(m_params, sig[i], 0, msg_digest[i], adrs, public_seed, hash);
166 }
167
168 return sig;
169}
Botan::XMSS_WOTS_Base::key_data
const wots_keysig_t & key_data() const
Definition xmss_wots.h:31

References Botan::XMSS_WOTS_Base::key_data(), Botan::XMSS_WOTS_Base::m_params, and Botan::XMSS_Address::set_chain_address().

Member Data Documentation

◆ m_key_data

wots_keysig_t Botan::XMSS_WOTS_Base::m_key_data
protectedinherited

Definition at line 35 of file xmss_wots.h.

Referenced by key_data(), XMSS_WOTS_Base(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

◆ m_params

XMSS_WOTS_Parameters Botan::XMSS_WOTS_Base::m_params
protectedinherited

Definition at line 34 of file xmss_wots.h.

Referenced by Botan::XMSS_WOTS_PrivateKey::sign(), XMSS_WOTS_Base(), XMSS_WOTS_Base(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey(), Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey(), and Botan::XMSS_WOTS_PublicKey::XMSS_WOTS_PublicKey().

The documentation for this class was generated from the following files:
Generated by doxygen 1.16.1