Botan 3.0.0
Crypto and TLS for C&
xmss_common_ops.cpp
Go to the documentation of this file.
1/*
2 * XMSS Common Ops
3 * Operations shared by XMSS signature generation and verification operations.
4 * (C) 2016,2017 Matthias Gierlings
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 **/
8
9#include <botan/internal/xmss_common_ops.h>
10#include <botan/internal/xmss_hash.h>
11
12namespace Botan {
13
14void
16 const secure_vector<uint8_t>& left,
17 const secure_vector<uint8_t>& right,
18 XMSS_Address& adrs,
19 const secure_vector<uint8_t>& seed,
20 XMSS_Hash& hash,
21 const XMSS_Parameters& params)
22 {
25 hash.prf(key, seed, adrs.bytes());
26
28 secure_vector<uint8_t> bitmask_l;
29 hash.prf(bitmask_l, seed, adrs.bytes());
30
32 secure_vector<uint8_t> bitmask_r;
33 hash.prf(bitmask_r, seed, adrs.bytes());
34
35 BOTAN_ASSERT(bitmask_l.size() == left.size() &&
36 bitmask_r.size() == right.size(),
37 "Bitmask size doesn't match node size.");
38
39 secure_vector<uint8_t> concat_xor(params.element_size() * 2);
40 for(size_t i = 0; i < left.size(); i++)
41 {
42 concat_xor[i] = left[i] ^ bitmask_l[i];
43 concat_xor[i + left.size()] = right[i] ^ bitmask_r[i];
44 }
45
46 hash.h(result, key, concat_xor);
47 }
48
49
50void
53 XMSS_Address& adrs,
54 const secure_vector<uint8_t>& seed,
55 XMSS_Hash& hash,
56 const XMSS_Parameters& params)
57 {
58 size_t l = params.len();
59 adrs.set_tree_height(0);
60
61 while(l > 1)
62 {
63 for(size_t i = 0; i < l >> 1; i++)
64 {
65 adrs.set_tree_index(static_cast<uint32_t>(i));
66 randomize_tree_hash(pk[i], pk[2 * i], pk[2 * i + 1], adrs, seed, hash, params);
67 }
68 if(l & 0x01)
69 {
70 pk[l >> 1] = pk[l - 1];
71 }
72 l = (l >> 1) + (l & 0x01);
73 adrs.set_tree_height(adrs.get_tree_height() + 1);
74 }
75 result = pk[0];
76 }
77
78}
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:54
void set_key_mask_mode(Key_Mask value)
Definition: xmss_address.h:135
uint32_t get_tree_height() const
Definition: xmss_address.h:236
void set_tree_height(uint32_t value)
Definition: xmss_address.h:252
void set_tree_index(uint32_t value)
Definition: xmss_address.h:314
const secure_vector< uint8_t > & bytes() const
Definition: xmss_address.h:323
static void create_l_tree(secure_vector< uint8_t > &result, wots_keysig_t pk, XMSS_Address &adrs, const secure_vector< uint8_t > &seed, XMSS_Hash &hash, const XMSS_Parameters &params)
static void randomize_tree_hash(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &left, const secure_vector< uint8_t > &right, XMSS_Address &adrs, const secure_vector< uint8_t > &seed, XMSS_Hash &hash, const XMSS_Parameters &params)
void prf(secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
Definition: xmss_hash.h:59
void h(secure_vector< uint8_t > &result, std::span< const uint8_t > key, std::span< const uint8_t > data)
Definition: xmss_hash.h:106
size_t element_size() const
Definition: alg_id.cpp:12
std::vector< secure_vector< uint8_t > > wots_keysig_t
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:64