9#include <botan/hss_lms.h>
12#include <botan/internal/hss.h>
13#include <botan/internal/pk_ops_impl.h>
31 return 8 *
m_public->lms_pub_key().lms_params().m() - 1;
39 return m_public->algorithm_identifier();
43 return m_public->object_identifier();
63 HSS_LMS_Verification_Operation(std::shared_ptr<HSS_LMS_PublicKeyInternal> pub_key) :
64 m_public(std::move(pub_key)) {}
66 void update(
const uint8_t msg[],
size_t msg_len)
override {
67 m_msg_buffer.insert(m_msg_buffer.end(), msg, msg + msg_len);
70 bool is_valid_signature(
const uint8_t* sig,
size_t sig_len)
override {
71 std::vector<uint8_t> message_to_verify = std::exchange(m_msg_buffer, {});
74 return m_public->verify_signature(message_to_verify, signature);
75 }
catch(
const Decoding_Error&) {
81 std::string hash_function()
const override {
return m_public->lms_pub_key().lms_params().hash_name(); }
84 std::shared_ptr<HSS_LMS_PublicKeyInternal> m_public;
85 std::vector<uint8_t> m_msg_buffer;
89 std::string_view provider)
const {
90 if(provider.empty() || provider ==
"base") {
91 return std::make_unique<HSS_LMS_Verification_Operation>(
m_public);
98 if(provider.empty() || provider ==
"base") {
100 throw Decoding_Error(
"Unexpected AlgorithmIdentifier for HSS-LMS signature");
102 return std::make_unique<HSS_LMS_Verification_Operation>(
m_public);
114 throw Not_Implemented(
"Cannot generate a new HSS/LMS keypair from a public key");
124 m_private = std::make_shared<HSS_LMS_PrivateKeyInternal>(hss_params, rng);
135 return m_private->to_bytes();
143 return std::make_unique<HSS_LMS_PublicKey>(*
this);
154 return (m_private->hss_params().max_sig_count() - m_private->get_idx()).get();
159 return std::unique_ptr<HSS_LMS_PrivateKey>(
160 new HSS_LMS_PrivateKey(std::make_shared<HSS_LMS_PrivateKeyInternal>(m_private->hss_params(), rng)));
165 HSS_LMS_Signature_Operation(std::shared_ptr<HSS_LMS_PrivateKeyInternal> private_key,
166 std::shared_ptr<HSS_LMS_PublicKeyInternal> public_key) :
167 m_private(std::move(private_key)), m_public(std::move(public_key)) {}
169 void update(
const uint8_t msg[],
size_t msg_len)
override {
170 m_msg_buffer.insert(m_msg_buffer.end(), msg, msg + msg_len);
174 std::vector<uint8_t> message_to_sign = std::exchange(m_msg_buffer, {});
175 return m_private->sign(message_to_sign);
178 size_t signature_length()
const override {
return m_private->signature_size(); }
180 AlgorithmIdentifier algorithm_identifier()
const override {
return m_public->algorithm_identifier(); }
182 std::string hash_function()
const override {
return m_public->lms_pub_key().lms_params().hash_name(); }
185 std::shared_ptr<HSS_LMS_PrivateKeyInternal> m_private;
186 std::shared_ptr<HSS_LMS_PublicKeyInternal> m_public;
187 std::vector<uint8_t> m_msg_buffer;
191 std::string_view params,
192 std::string_view provider)
const {
194 BOTAN_ARG_CHECK(params.empty(),
"Unexpected parameters for signing with HSS-LMS");
196 if(provider.empty() || provider ==
"base") {
197 return std::make_unique<HSS_LMS_Signature_Operation>(m_private,
m_public);
#define BOTAN_ARG_CHECK(expr, msg)
static std::shared_ptr< HSS_LMS_PrivateKeyInternal > from_bytes_or_throw(std::span< const uint8_t > key_bytes)
Parse a private HSS-LMS key.
std::unique_ptr< Public_Key > public_key() const override
AlgorithmIdentifier pkcs8_algorithm_identifier() const override
std::unique_ptr< Private_Key > generate_another(RandomNumberGenerator &rng) const override
secure_vector< uint8_t > raw_private_key_bits() const override
std::optional< uint64_t > remaining_operations() const override
HSS_LMS_PrivateKey(std::span< const uint8_t > private_key_bytes)
Load an existing LMS private key using its bytes.
~HSS_LMS_PrivateKey() override
secure_vector< uint8_t > private_key_bits() const override
std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
The internal HSS-LMS public key.
static HSS_LMS_PublicKeyInternal create(const HSS_LMS_PrivateKeyInternal &hss_sk)
Create the public HSS-LMS key from its private key.
std::unique_ptr< PK_Ops::Verification > create_verification_op(std::string_view params, std::string_view provider) const override
std::unique_ptr< Private_Key > generate_another(RandomNumberGenerator &rng) const override
size_t key_length() const override
~HSS_LMS_PublicKey() override
bool supports_operation(PublicKeyOperation op) const override
std::vector< uint8_t > raw_public_key_bits() const override
HSS_LMS_PublicKey()=default
std::string algo_name() const override
OID object_identifier() const override
size_t estimated_strength() const override
std::unique_ptr< PK_Ops::Verification > create_x509_verification_op(const AlgorithmIdentifier &signature_algorithm, std::string_view provider) const override
bool check_key(RandomNumberGenerator &rng, bool strong) const override
std::vector< uint8_t > public_key_bits() const override
std::shared_ptr< HSS_LMS_PublicKeyInternal > m_public
AlgorithmIdentifier algorithm_identifier() const override
static HSS_Signature from_bytes_or_throw(std::span< const uint8_t > sig_bytes)
Parse a HSS-LMS signature.
static OID from_string(std::string_view str)
int(* update)(CTX *, const void *, CC_LONG len)
int(* final)(unsigned char *, CTX *)
std::vector< T, secure_allocator< T > > secure_vector