Botan 3.9.0
Crypto and TLS for C&
sphincsplus.h
Go to the documentation of this file.
1/*
2 * SLH-DSA - Stateless Hash-Based Digital Signature Standard - FIPS 205
3 * Based on the creative commons (CC0 1.0) SPHINCS+ reference implementation by the
4 * designers (https://github.com/sphincs/sphincsplus/)
5 *
6 * (C) 2023 Jack Lloyd
7 * 2023 Fabian Albert, René Meusel, Rohde & Schwarz Cybersecurity
8 *
9 * Botan is released under the Simplified BSD License (see license.txt)
10 **/
11
12#ifndef BOTAN_SPHINCS_PLUS_H_
13#define BOTAN_SPHINCS_PLUS_H_
14
15#include <botan/pk_keys.h>
16#include <botan/sp_parameters.h>
17
18#include <memory>
19#include <vector>
20
21namespace Botan {
22
23class SphincsPlus_PublicKeyInternal;
24class SphincsPlus_PrivateKeyInternal;
25
26/**
27 * @brief An SLH-DSA (or SPHINCS+ Round 3.1) public key.
28 *
29 * For more information see the documentation of SphincsPlus_PrivateKey.
30 */
32 public:
33 SphincsPlus_PublicKey(std::span<const uint8_t> pub_key, Sphincs_Parameter_Set type, Sphincs_Hash_Type hash);
34 SphincsPlus_PublicKey(std::span<const uint8_t> pub_key, Sphincs_Parameters params);
35 SphincsPlus_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits);
36
38
43
44 size_t key_length() const override;
45
46 std::string algo_name() const override;
47
48 size_t estimated_strength() const override;
50 OID object_identifier() const override;
51 bool check_key(RandomNumberGenerator& rng, bool strong) const override;
52 std::vector<uint8_t> raw_public_key_bits() const override;
53 std::vector<uint8_t> public_key_bits() const override;
54
55 std::unique_ptr<Private_Key> generate_another(RandomNumberGenerator& rng) const final;
56
57 std::unique_ptr<PK_Ops::Verification> create_verification_op(std::string_view params,
58 std::string_view provider) const override;
59
60 std::unique_ptr<PK_Ops::Verification> create_x509_verification_op(const AlgorithmIdentifier& signature_algorithm,
61 std::string_view provider) const override;
62
63 bool supports_operation(PublicKeyOperation op) const override;
64
65 protected:
67
68 std::shared_ptr<SphincsPlus_PublicKeyInternal> m_public; // NOLINT(*non-private-member-variable*)
69};
70
73
74/**
75 * @brief An SLH-DSA private key.
76 *
77 * This class represents an SLH-DSA private key (or a SPHINCS+ Round 3.1 private key).
78 * Supported are all parameter sets defined in FIPS 205, Section 11. Parameter
79 * sets are specified using the Sphincs_Parameter_Set and
80 * Sphincs_Hash_Type enums, for example SLH-DSA-SHA2-128s is defined as
81 * Sphincs_Parameter_Set::SLHDSA128Small and Sphincs_Hash_Type::Sha256.
82 *
83 * For legacy usage of SPHINCS+ Round 3 (not recommended), the parameter sets
84 * Sphincs128Small, ..., Sphincs256Fast are used.
85 *
86 * Note that the parameter sets denoted as 'small' optimize for signature size
87 * at the expense of signing speed, whereas 'fast' trades larger signatures for
88 * faster signing speeds.
89 *
90 * This implementation is based on the SPHINCS+
91 * https://github.com/sphincs/sphincsplus/commit/06f42f47491085ac879a72b486ca8edb10891963
92 * which implements SPHINCS+ Specification Round 3.1 (https://sphincs.org/data/sphincs+-r3.1-specification.pdf).
93 * The used tweaked hashes are implemented according to the variant 'simple' ('robust' is not supported).
94 */
96 public virtual Private_Key {
97 public:
98 SphincsPlus_PrivateKey(std::span<const uint8_t> private_key, Sphincs_Parameter_Set type, Sphincs_Hash_Type hash);
99 SphincsPlus_PrivateKey(std::span<const uint8_t> private_key, Sphincs_Parameters params);
100 SphincsPlus_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits);
103
105
110
113 std::unique_ptr<Public_Key> public_key() const override;
114
115 std::unique_ptr<PK_Ops::Signature> create_signature_op(RandomNumberGenerator& rng,
116 std::string_view params,
117 std::string_view provider) const override;
118
119 private:
120 std::shared_ptr<SphincsPlus_PrivateKeyInternal> m_private;
121};
122
124
125} // namespace Botan
126
127#endif
#define BOTAN_DIAGNOSTIC_POP
Definition api.h:122
#define BOTAN_DIAGNOSTIC_PUSH
Definition api.h:119
#define BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
Definition api.h:121
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
secure_vector< uint8_t > raw_private_key_bits() const override
std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
SphincsPlus_PrivateKey(std::span< const uint8_t > private_key, Sphincs_Parameter_Set type, Sphincs_Hash_Type hash)
SphincsPlus_PrivateKey & operator=(const SphincsPlus_PrivateKey &other)=delete
SphincsPlus_PrivateKey & operator=(SphincsPlus_PrivateKey &&other)=delete
secure_vector< uint8_t > private_key_bits() const override
SphincsPlus_PrivateKey(const SphincsPlus_PrivateKey &other)=default
SphincsPlus_PrivateKey(SphincsPlus_PrivateKey &&other)=default
std::unique_ptr< Public_Key > public_key() const override
std::vector< uint8_t > public_key_bits() const override
std::vector< uint8_t > raw_public_key_bits() const override
std::unique_ptr< PK_Ops::Verification > create_x509_verification_op(const AlgorithmIdentifier &signature_algorithm, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verification > create_verification_op(std::string_view params, std::string_view provider) const override
SphincsPlus_PublicKey(SphincsPlus_PublicKey &&other)=default
bool supports_operation(PublicKeyOperation op) const override
std::string algo_name() const override
size_t key_length() const override
SphincsPlus_PublicKey & operator=(const SphincsPlus_PublicKey &other)=default
std::unique_ptr< Private_Key > generate_another(RandomNumberGenerator &rng) const final
bool check_key(RandomNumberGenerator &rng, bool strong) const override
AlgorithmIdentifier algorithm_identifier() const override
SphincsPlus_PublicKey & operator=(SphincsPlus_PublicKey &&other)=default
SphincsPlus_PublicKey(const SphincsPlus_PublicKey &other)=default
std::shared_ptr< SphincsPlus_PublicKeyInternal > m_public
Definition sphincsplus.h:68
size_t estimated_strength() const override
SphincsPlus_PublicKey(std::span< const uint8_t > pub_key, Sphincs_Parameter_Set type, Sphincs_Hash_Type hash)
OID object_identifier() const override
Sphincs_Parameter_Set
Sphincs_Hash_Type
PublicKeyOperation
Definition pk_keys.h:46
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69