Botan  2.16.0
Crypto and TLS for C++11
xmss_publickey.cpp
Go to the documentation of this file.
1 /*
2  * XMSS Public Key
3  * An XMSS: Extended Hash-Based Siganture public key.
4  * The XMSS public key does not support the X509 standard. Instead the
5  * raw format described in [1] is used.
6  *
7  * [1] XMSS: Extended Hash-Based Signatures,
8  * Request for Comments: 8391
9  * Release: May 2018.
10  * https://datatracker.ietf.org/doc/rfc8391/
11  *
12  * (C) 2016,2017 Matthias Gierlings
13  *
14  * Botan is released under the Simplified BSD License (see license.txt)
15  **/
16 
17 #include <botan/internal/xmss_verification_operation.h>
18 #include <botan/xmss_publickey.h>
19 #include <botan/der_enc.h>
20 #include <botan/ber_dec.h>
21 
22 namespace Botan {
23 
24 namespace {
25 
26 // fall back to raw decoding for previous versions, which did not encode an OCTET STRING
27 std::vector<uint8_t> extract_raw_key(const std::vector<uint8_t>& key_bits)
28  {
29  std::vector<uint8_t> raw_key;
30  try
31  {
32  BER_Decoder(key_bits).decode(raw_key, OCTET_STRING);
33  }
34  catch(Decoding_Error&)
35  {
36  raw_key = key_bits;
37  }
38  return raw_key;
39  }
40 
41 }
42 
43 XMSS_PublicKey::XMSS_PublicKey(const std::vector<uint8_t>& key_bits)
44  : m_raw_key(extract_raw_key(key_bits)),
45  m_xmss_params(XMSS_PublicKey::deserialize_xmss_oid(m_raw_key)),
46  m_wots_params(m_xmss_params.ots_oid())
47  {
48  if(m_raw_key.size() < XMSS_PublicKey::size())
49  {
50  throw Decoding_Error("Invalid XMSS public key size detected");
51  }
52 
53  // extract & copy root from raw key
54  m_root.clear();
56  auto begin = m_raw_key.begin() + sizeof(uint32_t);
57  auto end = begin + m_xmss_params.element_size();
58  std::copy(begin, end, std::back_inserter(m_root));
59 
60  // extract & copy public seed from raw key
61  begin = end;
62  end = begin + m_xmss_params.element_size();
63  m_public_seed.clear();
65  std::copy(begin, end, std::back_inserter(m_public_seed));
66  }
67 
69 XMSS_PublicKey::deserialize_xmss_oid(const std::vector<uint8_t>& raw_key)
70  {
71  if(raw_key.size() < 4)
72  {
73  throw Decoding_Error("XMSS signature OID missing.");
74  }
75 
76  // extract and convert algorithm id to enum type
77  uint32_t raw_id = 0;
78  for(size_t i = 0; i < 4; i++)
79  { raw_id = ((raw_id << 8) | raw_key[i]); }
80 
81  return static_cast<XMSS_Parameters::xmss_algorithm_t>(raw_id);
82  }
83 
84 std::unique_ptr<PK_Ops::Verification>
86  const std::string& provider) const
87  {
88  if(provider == "base" || provider.empty())
89  {
90  return std::unique_ptr<PK_Ops::Verification>(
91  new XMSS_Verification_Operation(*this));
92  }
93  throw Provider_Not_Found(algo_name(), provider);
94  }
95 
96 std::vector<uint8_t> XMSS_PublicKey::raw_public_key() const
97  {
98  std::vector<uint8_t> result
99  {
100  static_cast<uint8_t>(m_xmss_params.oid() >> 24),
101  static_cast<uint8_t>(m_xmss_params.oid() >> 16),
102  static_cast<uint8_t>(m_xmss_params.oid() >> 8),
103  static_cast<uint8_t>(m_xmss_params.oid())
104  };
105 
106  std::copy(m_root.begin(), m_root.end(), std::back_inserter(result));
107  std::copy(m_public_seed.begin(),
108  m_public_seed.end(),
109  std::back_inserter(result));
110 
111  return result;
112  }
113 
114 }
std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string &, const std::string &provider) const override
secure_vector< uint8_t > m_public_seed
secure_vector< uint8_t > m_root
virtual std::vector< uint8_t > raw_public_key() const
virtual size_t size() const
Definition: alg_id.cpp:13
std::string algo_name() const override
size_t element_size() const
XMSS_PublicKey(XMSS_Parameters::xmss_algorithm_t xmss_oid, RandomNumberGenerator &rng)
XMSS_Parameters m_xmss_params
xmss_algorithm_t oid() const
std::vector< uint8_t > m_raw_key