Botan 2.19.1
Crypto and TLS for C&
xmss_hash.h
Go to the documentation of this file.
1/*
2 * XMSS Hash
3 * (C) 2016,2017 Matthias Gierlings
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 **/
7
8#ifndef BOTAN_XMSS_HASH_H_
9#define BOTAN_XMSS_HASH_H_
10
11#include <botan/hash.h>
12
13//BOTAN_FUTURE_INTERNAL_HEADER(xmss_hash.h)
14
15namespace Botan {
16
17/**
18 * A collection of pseudorandom hash functions required for XMSS and WOTS
19 * computations.
20 **/
22 {
23 public:
24 XMSS_Hash(const std::string& h_func_name);
25 XMSS_Hash(const XMSS_Hash& hash);
26
27 /**
28 * Pseudoranom function creating a hash out of a key and data using
29 * a cryptographic hash function.
30 *
31 * @param[out] result The hash calculated using key and data.
32 * @param[in] key An n-byte key value.
33 * @param[in] data A 32-byte XMSS_Address data value
34 **/
35 inline void prf(secure_vector<uint8_t>& result,
36 const secure_vector<uint8_t>& key,
37 const secure_vector<uint8_t>& data)
38 {
39 m_hash->update(m_zero_padding);
40 m_hash->update(m_id_prf);
41 m_hash->update(key);
42 m_hash->update(data);
43 m_hash->final(result);
44 }
45
46 /**
47 * Pseudoranom function creating a hash out of a key and data using
48 * a cryptographic hash function.
49 *
50 * @param[in] key An n-byte key value.
51 * @param[in] data A 32-byte XMSS_Address data value
52 * @return result The hash calculated using key and data.
53 **/
55 const secure_vector<uint8_t>& data)
56 {
57 m_hash->update(m_zero_padding);
58 m_hash->update(m_id_prf);
59 m_hash->update(key);
60 m_hash->update(data);
61 return m_hash->final();
62 }
63
64 /**
65 * F is a keyed cryptographic hash function used by the WOTS+ algorithm.
66 *
67 * @param[out] result The hash calculated using key and data.
68 * @param[in] key key of length n bytes.
69 * @param[in] data string of arbitrary length.
70 **/
72 const secure_vector<uint8_t>& key,
73 const secure_vector<uint8_t>& data)
74 {
75 m_hash->update(m_zero_padding);
76 m_hash->update(m_id_f);
77 m_hash->update(key);
78 m_hash->update(data);
79 m_hash->final(result);
80 }
81
82 /**
83 * Cryptographic hash function h accepting n byte keys and 2n byte
84 * strings of data.
85 *
86 * @param[out] result The hash calculated using key and data.
87 * @param[in] key key of length n bytes.
88 * @param[in] data string of 2n bytes length.
89 **/
90 void h(secure_vector<uint8_t>& result,
91 const secure_vector<uint8_t>& key,
92 const secure_vector<uint8_t>& data);
93
94 /**
95 * Cryptographic hash function h accepting 3n byte keys and data
96 * strings of arbitrary length.
97 *
98 * @param randomness n-byte value.
99 * @param root n-byte root node.
100 * @param index_bytes Index value padded with leading zeros.
101 * @param data string of arbitrary length.
102 *
103 * @return hash value of n-bytes length.
104 **/
106 const secure_vector<uint8_t>& root,
107 const secure_vector<uint8_t>& index_bytes,
108 const secure_vector<uint8_t>& data);
109
110 /**
111 * Initializes buffered h_msg computation with prefix data.
112 *
113 * @param randomness random n-byte value.
114 * @param root n-byte root node.
115 * @param index_bytes Index value padded with leading zeros.
116 **/
117 void h_msg_init(const secure_vector<uint8_t>& randomness,
118 const secure_vector<uint8_t>& root,
119 const secure_vector<uint8_t>& index_bytes);
120
121 /**
122 * Adds a message block to buffered h_msg computation.
123 *
124 * @param data A message block
125 * @param size Length of the message block in bytes.
126 **/
127 void h_msg_update(const uint8_t data[], size_t size);
128
129 /**
130 * Finalizes buffered h_msg computation and retrieves the result.
131 *
132 * @return Hash calculated using the prefix set by h_msg_init() and
133 * message blocks provided through calls to h_msg_update().
134 **/
136
137 size_t output_length() const { return m_output_length; }
138
139 private:
140 static const uint8_t m_id_f = 0x00;
141 static const uint8_t m_id_h = 0x01;
142 static const uint8_t m_id_hmsg = 0x02;
143 static const uint8_t m_id_prf = 0x03;
144
145 std::unique_ptr<HashFunction> m_hash;
146 std::unique_ptr<HashFunction> m_msg_hash;
147 //32 byte id prefixes prepended to the hash input.
148 std::vector<uint8_t> m_zero_padding;
149 size_t m_output_length;
150 const std::string m_hash_func_name;
151
152 };
153
154}
155
156#endif
secure_vector< uint8_t > h_msg(const secure_vector< uint8_t > &randomness, const secure_vector< uint8_t > &root, const secure_vector< uint8_t > &index_bytes, const secure_vector< uint8_t > &data)
Definition: xmss_hash.cpp:70
void f(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:71
secure_vector< uint8_t > prf(const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:54
size_t output_length() const
Definition: xmss_hash.h:137
void h_msg_update(const uint8_t data[], size_t size)
Definition: xmss_hash.cpp:59
secure_vector< uint8_t > h_msg_final()
Definition: xmss_hash.cpp:64
void h_msg_init(const secure_vector< uint8_t > &randomness, const secure_vector< uint8_t > &root, const secure_vector< uint8_t > &index_bytes)
Definition: xmss_hash.cpp:47
void h(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.cpp:36
XMSS_Hash(const std::string &h_func_name)
Definition: xmss_hash.cpp:20
void prf(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:35
int(* final)(unsigned char *, CTX *)
Definition: alg_id.cpp:13
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
MechanismType hash