Botan 3.7.1
Crypto and TLS for C&
sp_wots.h
Go to the documentation of this file.
1/*
2 * SLH-DSA's WOTS+ - Winternitz One Time Signature Plus Scheme (FIPS 205, Section 5)
3 * (C) 2023 Jack Lloyd
4 * 2023 Fabian Albert, René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity
5 *
6 * Parts of this file have been adapted from https://github.com/sphincs/sphincsplus
7 *
8 * Botan is released under the Simplified BSD License (see license.txt)
9 **/
10
11#ifndef BOTAN_SP_WOTS_H_
12#define BOTAN_SP_WOTS_H_
13
14#include <botan/internal/sp_types.h>
15#include <optional>
16
17namespace Botan {
18
19class Sphincs_Address;
20class Sphincs_Hash_Functions;
21class Sphincs_Parameters;
22
23/**
24 * @brief FIPS 205, Algorithm 6 and 7: wots_pkGen and wots_sign
25 *
26 * Implements a domain specific wrapper for the one-time signature scheme WOTS+
27 * (Winternitz OTS). It is meant to be used inside SLH-DSA and does not aim to
28 * be applicable for other use cases. If this function is not used in a signing
29 * operation (i.e. @p sign_leaf_idx is not set), @p wots_steps may be empty.
30 */
31BOTAN_TEST_API void wots_sign_and_pkgen(StrongSpan<WotsSignature> sig_out,
32 StrongSpan<SphincsTreeNode> leaf_out,
33 const SphincsSecretSeed& secret_seed,
34 TreeNodeIndex leaf_idx,
35 std::optional<TreeNodeIndex> sign_leaf_idx,
36 const std::vector<WotsHashIndex>& wots_steps,
37 Sphincs_Address& leaf_addr,
38 Sphincs_Address& pk_addr,
39 const Sphincs_Parameters& params,
40 Sphincs_Hash_Functions& hashes);
41
42/**
43 * @brief FIPS 205, Algorithm 8: wots_pkFromSig
44 *
45 * Reconstructs the WOTS public key from a given WOTS @p signature and
46 * @p message. This is tailored for the use case in the SLH-DSA implementation
47 * and is not meant for general usability in non SLH-DSA algorithms.
48 */
49BOTAN_TEST_API WotsPublicKey wots_public_key_from_signature(const SphincsTreeNode& hashed_message,
50 StrongSpan<const WotsSignature> signature,
51 Sphincs_Address& address,
52 const Sphincs_Parameters& params,
53 Sphincs_Hash_Functions& hashes);
54
55/**
56 * Given a @p msg construct the lengths (amount of hashes for signature) for each WOTS+ chain, including the checksum.
57 *
58 * Corresponds to FIPS 205, Algorithm 7 or 8, Step 1-7
59 */
60BOTAN_TEST_API std::vector<WotsHashIndex> chain_lengths(const SphincsTreeNode& msg, const Sphincs_Parameters& params);
61
62} // namespace Botan
63
64#endif
BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:39
Botan::SphincsTreeNode
Strong< std::vector< uint8_t >, struct SphincsTreeNode_ > SphincsTreeNode
Either an XMSS or FORS tree node or leaf.
Definition sp_types.h:70
Botan::wots_public_key_from_signature
WotsPublicKey wots_public_key_from_signature(const SphincsTreeNode &hashed_message, StrongSpan< const WotsSignature > signature, Sphincs_Address &address, const Sphincs_Parameters &params, Sphincs_Hash_Functions &hashes)
FIPS 205, Algorithm 8: wots_pkFromSig.
Definition sp_wots.cpp:103
Botan::wots_sign_and_pkgen
void wots_sign_and_pkgen(StrongSpan< WotsSignature > sig_out, StrongSpan< SphincsTreeNode > leaf_out, const SphincsSecretSeed &secret_seed, TreeNodeIndex leaf_idx, std::optional< TreeNodeIndex > sign_leaf_idx, const std::vector< WotsHashIndex > &wots_steps, Sphincs_Address &leaf_addr, Sphincs_Address &pk_addr, const Sphincs_Parameters &params, Sphincs_Hash_Functions &hashes)
FIPS 205, Algorithm 6 and 7: wots_pkGen and wots_sign.
Definition sp_wots.cpp:132
Botan::WotsPublicKey
Strong< std::vector< uint8_t >, struct WotsPublicKey_ > WotsPublicKey
Definition sp_types.h:73
Botan::SphincsSecretSeed
Strong< secure_vector< uint8_t >, struct SphincsSecretSeed_ > SphincsSecretSeed
Definition sp_types.h:61
Botan::TreeNodeIndex
Strong< uint32_t, struct TreeNodeIndex_, EnableArithmeticWithPlainNumber > TreeNodeIndex
Index of an individual node inside an XMSS or FORS tree.
Definition sp_types.h:92
Botan::chain_lengths
std::vector< WotsHashIndex > chain_lengths(const SphincsTreeNode &msg, const Sphincs_Parameters &params)
Definition sp_wots.cpp:91
Generated by doxygen 1.12.0