Botan  2.18.1
Crypto and TLS for C++11
xmss_wots.h
Go to the documentation of this file.
1 /*
2  * XMSS WOTS
3  * (C) 2016,2018 Matthias Gierlings
4  *
5  * Botan is released under the Simplified BSD License (see license.txt)
6  **/
7 
8 #ifndef BOTAN_XMSS_WOTS_H_
9 #define BOTAN_XMSS_WOTS_H_
10 
11 #include <botan/asn1_obj.h>
12 #include <botan/exceptn.h>
13 #include <botan/pk_keys.h>
14 #include <botan/rng.h>
15 #include <botan/secmem.h>
16 #include <botan/xmss_hash.h>
17 #include <map>
18 #include <memory>
19 #include <string>
20 #include <vector>
21 
22 namespace Botan {
23 
24 /**
25  * Descibes a signature method for XMSS Winternitz One Time Signatures,
26  * as defined in:
27  * [1] XMSS: Extended Hash-Based Signatures,
28  * Request for Comments: 8391
29  * Release: May 2018.
30  * https://datatracker.ietf.org/doc/rfc8391/
31  **/
33  {
34  public:
36  {
37  WOTSP_SHA2_256 = 0x00000001,
38  WOTSP_SHA2_512 = 0x00000002,
39  WOTSP_SHAKE_256 = 0x00000003,
40  WOTSP_SHAKE_512 = 0x00000004
41  };
42 
43  XMSS_WOTS_Parameters(const std::string& algo_name);
45 
46  static ots_algorithm_t xmss_wots_id_from_string(const std::string& param_set);
47 
48  /**
49  * Algorithm 1: convert input string to base.
50  *
51  * @param msg Input string (referred to as X in [1]).
52  * @param out_size size of message in base w.
53  *
54  * @return Input string converted to the given base.
55  **/
56  secure_vector<uint8_t> base_w(const secure_vector<uint8_t>& msg, size_t out_size) const;
57 
58  secure_vector<uint8_t> base_w(size_t value) const;
59 
61 
62  /**
63  * @return XMSS WOTS registry name for the chosen parameter set.
64  **/
65  const std::string& name() const
66  {
67  return m_name;
68  }
69 
70  /**
71  * @return Botan name for the hash function used.
72  **/
73  const std::string& hash_function_name() const
74  {
75  return m_hash_name;
76  }
77 
78  /**
79  * Retrieves the uniform length of a message, and the size of
80  * each node. This correlates to XMSS parameter "n" defined
81  * in [1].
82  *
83  * @return element length in bytes.
84  **/
85  size_t element_size() const { return m_element_size; }
86 
87  /**
88  * The Winternitz parameter.
89  *
90  * @return numeric base used for internal representation of
91  * data.
92  **/
93  size_t wots_parameter() const { return m_w; }
94 
95  size_t len() const { return m_len; }
96 
97  size_t len_1() const { return m_len_1; }
98 
99  size_t len_2() const { return m_len_2; }
100 
101  size_t lg_w() const { return m_lg_w; }
102 
103  ots_algorithm_t oid() const { return m_oid; }
104 
105  size_t estimated_strength() const { return m_strength; }
106 
107  bool operator==(const XMSS_WOTS_Parameters& p) const
108  {
109  return m_oid == p.m_oid;
110  }
111 
112  private:
113  static const std::map<std::string, ots_algorithm_t> m_oid_name_lut;
114  ots_algorithm_t m_oid;
115  std::string m_name;
116  std::string m_hash_name;
117  size_t m_element_size;
118  size_t m_w;
119  size_t m_len_1;
120  size_t m_len_2;
121  size_t m_len;
122  size_t m_strength;
123  uint8_t m_lg_w;
124  };
125 
126 class XMSS_Address;
127 
128 typedef std::vector<secure_vector<uint8_t>> wots_keysig_t;
129 
130 /**
131  * A Winternitz One Time Signature public key for use with Extended Hash-Based
132  * Signatures.
133  **/
134 class XMSS_WOTS_PublicKey : virtual public Public_Key
135  {
136  public:
138  {
139  public:
140  TreeSignature() = default;
141 
142  TreeSignature(const wots_keysig_t& ots_sig,
143  const wots_keysig_t& auth_path)
144  : m_ots_sig(ots_sig), m_auth_path(auth_path)
145  {}
146 
148  wots_keysig_t&& auth_path)
149  : m_ots_sig(std::move(ots_sig)),
150  m_auth_path(std::move(auth_path))
151  {}
152 
154  {
155  return m_ots_sig;
156  }
157 
159  {
160  return m_ots_sig;
161  }
162 
164  {
165  return m_auth_path;
166  }
167 
169  {
170  return m_auth_path;
171  }
172 
173  private:
174  wots_keysig_t m_ots_sig;
175  wots_keysig_t m_auth_path;
176  };
177 
178  /**
179  * Creates a XMSS_WOTS_PublicKey for the signature method identified by
180  * oid. The public seed for this key will be initialized with a
181  * uniformly random n-byte value, where "n" is the element size of the
182  * selected signature method.
183  *
184  * @param oid Identifier for the selected signature method.
185  **/
187  : m_wots_params(oid),
188  m_hash(m_wots_params.hash_function_name()) {}
189 
190  /**
191  * Creates a XMSS_WOTS_PublicKey for the signature method identified by
192  * oid. The public seed for this key will be initialized with a
193  * uniformly random n-byte value, where "n" is the element size of the
194  * selected signature method.
195  *
196  * @param oid Identifier for the selected signature method.
197  * @param rng A random number generate used to generate the public seed.
198  **/
201  : m_wots_params(oid),
202  m_hash(m_wots_params.hash_function_name()),
203  m_public_seed(rng.random_vec(m_wots_params.element_size())) {}
204 
205  /**
206  * Creates a XMSS_WOTS_PrivateKey for the signature method identified by
207  * oid, with a precomputed public seed.
208  *
209  * @param oid Identifier for the selected signature method.
210  * @param public_seed A precomputed public seed of n-bytes length.
211  **/
214  : m_wots_params(oid),
215  m_hash(m_wots_params.hash_function_name()),
217 
218  /**
219  * Creates a XMSS_WOTS_PublicKey for the signature method identified by
220  * oid. The public seed will be initialized with a precomputed seed and
221  * and precomputed key data which should be derived from a
222  * XMSS_WOTS_PrivateKey.
223  *
224  * @param oid Ident:s/ifier for the selected signature methods.
225  * @param public_seed A precomputed public seed of n-bytes length.
226  * @param key Precomputed raw key data of the XMSS_WOTS_PublicKey.
227  **/
230  wots_keysig_t&& key)
231  : m_wots_params(oid),
232  m_hash(m_wots_params.hash_function_name()),
233  m_key(std::move(key)),
235  {}
236 
237  /**
238  * Creates a XMSS_WOTS_PublicKey for the signature method identified by
239  * oid. The public seed will be initialized with a precomputed seed and
240  * and precomputed key data which should be derived from a
241  * XMSS_WOTS_PrivateKey.
242  *
243  * @param oid Identifier for the selected signature methods.
244  * @param public_seed A precomputed public seed of n-bytes length.
245  * @param key Precomputed raw key data of the XMSS_WOTS_PublicKey.
246  **/
249  const wots_keysig_t& key)
250  : m_wots_params(oid),
251  m_hash(m_wots_params.hash_function_name()),
252  m_key(key),
254  {}
255 
256  /**
257  * Creates a XMSS_WOTS_PublicKey form a message and signature using
258  * Algorithm 6 WOTS_pkFromSig defined in the XMSS standard. This
259  * overload is used to verify a message using a public key.
260  *
261  * @param oid WOTSP algorithm identifier.
262  * @param msg A message.
263  * @param sig A WOTS signature for msg.
264  * @param adrs An XMSS_Address.
265  * @param public_seed The public public_seed.
266  **/
268  const secure_vector<uint8_t>& msg,
269  const wots_keysig_t& sig,
270  XMSS_Address& adrs,
272  : m_wots_params(oid),
273  m_hash(m_wots_params.hash_function_name()),
274  m_key(pub_key_from_signature(msg,
275  sig,
276  adrs,
277  public_seed)),
279  {}
280 
281  /**
282  * Retrieves the i-th element out of the length len chain of
283  * n-byte elements contained in the public key.
284  *
285  * @param i index of the element.
286  * @returns n-byte element addressed by i.
287  **/
288  const secure_vector<uint8_t>& operator[](size_t i) const { return m_key[i]; }
289  secure_vector<uint8_t>& operator[](size_t i) { return m_key[i]; }
290 
291  /**
292  * Convert the key into the raw key data. The key becomes a length
293  * len vector of n-byte elements.
294  **/
295  operator const wots_keysig_t& () const { return m_key; }
296 
297  /**
298  * Convert the key into the raw key data. The key becomes a length
299  * len vector of n-byte elements.
300  **/
301  operator wots_keysig_t& () { return m_key; }
302 
304 
306 
308  {
310  }
311 
313  {
314  m_public_seed = std::move(public_seed);
315  }
316 
317  const wots_keysig_t& key_data() const { return m_key; }
318 
319  wots_keysig_t& key_data() { return m_key; }
320 
322  {
323  m_key = key_data;
324  }
325 
327  {
328  m_key = std::move(key_data);
329  }
330 
332  {
333  return m_wots_params;
334  }
335 
336  std::string algo_name() const override
337  {
338  return m_wots_params.name();
339  }
340 
342  {
343  throw Not_Implemented("No AlgorithmIdentifier available for XMSS-WOTS.");
344  }
345 
346  bool check_key(RandomNumberGenerator&, bool) const override
347  {
348  return true;
349  }
350 
351  size_t estimated_strength() const override
352  {
354  }
355 
356  size_t key_length() const override
357  {
359  }
360 
361  std::vector<uint8_t> public_key_bits() const override
362  {
363  throw Not_Implemented("No key format defined for XMSS-WOTS");
364  }
365 
367  {
368  return m_key == key.m_key;
369  }
370 
372  {
373  return !(*this == key);
374  }
375 
376  protected:
377  /**
378  * Algorithm 2: Chaining Function.
379  *
380  * Takes an n-byte input string and transforms it into a the function
381  * result iterating the cryptographic hash function "F" steps times on
382  * the input x using the outputs of the PRNG "G".
383  *
384  * This overload is used in multithreaded scenarios, where it is
385  * required to provide seperate instances of XMSS_Hash to each
386  * thread.
387  *
388  * @param[out] x An n-byte input string, that will be transformed into
389  * the chaining function result.
390  * @param start_idx The start index.
391  * @param steps A number of steps.
392  * @param adrs An OTS Hash Address.
393  * @param public_seed A public seed.
394  * @param hash Instance of XMSS_Hash, that may only by the thead
395  * executing chain.
396  **/
398  size_t start_idx,
399  size_t steps,
400  XMSS_Address& adrs,
402  XMSS_Hash& hash);
403 
404  /**
405  * Algorithm 2: Chaining Function.
406  *
407  * Takes an n-byte input string and transforms it into a the function
408  * result iterating the cryptographic hash function "F" steps times on
409  * the input x using the outputs of the PRNG "G".
410  *
411  * @param[out] x An n-byte input string, that will be transformed into
412  * the chaining function result.
413  * @param start_idx The start index.
414  * @param steps A number of steps.
415  * @param adrs An OTS Hash Address.
416  * @param public_seed A public seed.
417  **/
419  size_t start_idx,
420  size_t steps,
421  XMSS_Address& adrs,
423  {
424  chain(x, start_idx, steps, adrs, public_seed, m_hash);
425  }
426 
431 
432  private:
433  /**
434  * Algorithm 6: "WOTS_pkFromSig"
435  * Computes a Winternitz One Time Signature+ public key from a message and
436  * its signature.
437  *
438  * @param msg A message.
439  * @param sig The signature for msg.
440  * @param adrs An address.
441  * @param public_seed A public_seed.
442  *
443  * @return Temporary WOTS+ public key.
444  **/
445  wots_keysig_t pub_key_from_signature(
446  const secure_vector<uint8_t>& msg,
447  const wots_keysig_t& sig,
448  XMSS_Address& adrs,
450  };
451 
452 /** A Winternitz One Time Signature private key for use with Extended Hash-Based
453  * Signatures.
454  **/
456  public virtual Private_Key
457  {
458  public:
459  /**
460  * Creates a WOTS private key for the chosen XMSS WOTS signature method.
461  * Members need to be initialized manually.
462  *
463  * @param oid Identifier for the selected signature method.
464  **/
466  : XMSS_WOTS_PublicKey(oid)
467  {}
468 
469  /**
470  * Creates a WOTS private key for the chosen XMSS WOTS signature method.
471  *
472  * @param oid Identifier for the selected signature method.
473  * @param rng A random number generator to use for key generation.
474  **/
477  : XMSS_WOTS_PublicKey(oid, rng),
478  m_private_seed(rng.random_vec(m_wots_params.element_size()))
479  {
480  set_key_data(generate(m_private_seed));
481  }
482 
483  /**
484  * Constructs a WOTS private key. Chains will be generated on demand
485  * applying a hash function to a unique value generated from a secret
486  * seed and a counter. The secret seed of length n, will be
487  * automatically generated using AutoSeeded_RNG(). "n" equals
488  * the element size of the chosen WOTS security parameter set.
489  *
490  * @param oid Identifier for the selected signature method.
491  * @param public_seed A public seed used for the pseudo random generation
492  * of public keys derived from this private key.
493  * @param rng A random number generator to use for key generation.
494  **/
499  m_private_seed(rng.random_vec(m_wots_params.element_size()))
500  {
501  set_key_data(generate(m_private_seed));
502  }
503 
504  /**
505  * Constructs a WOTS private key. Chains will be generated on demand
506  * applying a hash function to a unique value generated from a secret
507  * seed and a counter. The secret seed of length n, will be
508  * automatically generated using AutoSeeded_RNG(). "n" equals
509  * the element size of the chosen WOTS security parameter set.
510  *
511  * @param oid Identifier for the selected signature method.
512  * @param public_seed A public seed used for the pseudo random generation
513  * of public keys derived from this private key.
514  **/
518  {}
519 
520  /**
521  * Constructs a WOTS private key. Chains will be generated on demand
522  * applying a hash function to a unique value generated from the
523  * secret seed and a counter.
524  *
525  * @param oid Identifier for the selected signature method.
526  * @param public_seed A public seed used for the pseudo random generation
527  * of public keys derived from this private key.
528  * @param private_seed A secret uniformly random n-byte value.
529  **/
534  m_private_seed(private_seed)
535  {
536  set_key_data(generate(private_seed));
537  }
538 
539  /**
540  * Retrieves the i-th WOTS private key using pseudo random key
541  * (re-)generation.
542  *
543  * This overload is used in multithreaded scenarios, where it is
544  * required to provide seperate instances of XMSS_Hash to each
545  * thread.
546  *
547  * @param i Index of the key to retrieve.
548  * @param hash Instance of XMSS_Hash, that may only be used by the
549  * thead executing at.
550  *
551  * @return WOTS secret key.
552  **/
553  wots_keysig_t at(size_t i, XMSS_Hash& hash);
554 
555  /**
556  * Retrieves the i-th WOTS private key using pseudo random key
557  * (re-)generation.
558  *
559  * @param i Index of the key to retrieve.
560  *
561  * @return WOTS secret key.
562  **/
563  inline wots_keysig_t operator[](size_t i)
564  {
565  return this->at(i, m_hash);
566  }
567 
568  /**
569  * Retrieves the i-th WOTS private key using pseudo random key
570  * (re-)generation.
571  *
572  * This overload is used in multithreaded scenarios, where it is
573  * required to provide seperate instances of XMSS_Hash to each
574  * thread.
575  *
576  * @param adrs The address of the key to retrieve.
577  * @param hash Instance of XMSS_Hash, that may only be used by the
578  * thead executing at.
579  *
580  * @return WOTS secret key.
581  **/
582  wots_keysig_t at(const XMSS_Address& adrs, XMSS_Hash& hash);
583 
585  {
586  return this->at(adrs, m_hash);
587  }
588 
590 
591  /**
592  * Algorithm 4: "WOTS_genPK"
593  * Generates a Winternitz One Time Signature+ (WOTS+) Public Key from a
594  * given private key.
595  *
596  * @param adrs Hash function address encoding the address of the WOTS+
597  * key pair within a greater structure.
598  *
599  * @return A XMSS_WOTS_PublicKey.
600  **/
602 
603  /**
604  * Algorithm 4: "WOTS_genPK"
605  * Initializes a Winternitz One Time Signature+ (WOTS+) Public Key's
606  * key_data() member, with data derived from in_key_data using the
607  * WOTS chaining function.
608  *
609  * This overload is used in multithreaded scenarios, where it is
610  * required to provide seperate instances of XMSS_Hash to each
611  * thread.
612  *
613  * @param[out] pub_key Public key to initialize key_data() member on.
614  * @param in_key_data Input key material from private key used for
615  * public key generation.
616  * @param adrs Hash function address encoding the address of
617  * the WOTS+ key pair within a greater structure.
618  * @param hash Instance of XMSS_Hash, that may only by the thead
619  * executing generate_public_key.
620  **/
622  wots_keysig_t&& in_key_data,
623  XMSS_Address& adrs,
624  XMSS_Hash& hash);
625  /**
626  * Algorithm 4: "WOTS_genPK"
627  * Initializes a Winternitz One Time Signature+ (WOTS+) Public Key's
628  * key_data() member, with data derived from in_key_data using the
629  * WOTS chaining function.
630  *
631  * @param[out] pub_key Public key to initialize key_data() member on.
632  * @param in_key_data Input key material from private key used for
633  * public key generation.
634  * @param adrs Hash function address encoding the address of
635  * the WOTS+ key pair within a greater structure.
636  **/
638  wots_keysig_t&& in_key_data,
639  XMSS_Address& adrs)
640  {
641  generate_public_key(pub_key, std::forward<wots_keysig_t>(in_key_data), adrs, m_hash);
642  }
643 
644  /**
645  * Algorithm 5: "WOTS_sign"
646  * Generates a signature from a private key and a message.
647  *
648  * @param msg A message to sign.
649  * @param adrs An OTS hash address identifying the WOTS+ key pair
650  * used for signing.
651  *
652  * @return signature for msg.
653  **/
655  XMSS_Address& adrs)
656  {
657  return sign(msg, adrs, m_hash);
658  }
659 
660  /**
661  * Algorithm 5: "WOTS_sign"
662  * Generates a signature from a private key and a message.
663  *
664  * This overload is used in multithreaded scenarios, where it is
665  * required to provide seperate instances of XMSS_Hash to each
666  * thread.
667  *
668  * @param msg A message to sign.
669  * @param adrs An OTS hash address identifying the WOTS+ key pair
670  * used for signing.
671  * @param hash Instance of XMSS_Hash, that may only be used by the
672  * thead executing sign.
673  *
674  * @return signature for msg.
675  **/
677  XMSS_Address& adrs,
678  XMSS_Hash& hash);
679 
680  /**
681  * Retrieves the secret seed used to generate WOTS+ chains. The seed
682  * should be a uniformly random n-byte value.
683  *
684  * @return secret seed.
685  **/
687  {
688  return m_private_seed;
689  }
690 
691  /**
692  * Sets the secret seed used to generate WOTS+ chains. The seed
693  * should be a uniformly random n-byte value.
694  *
695  * @param private_seed Uniformly random n-byte value.
696  **/
698  {
699  m_private_seed = private_seed;
700  }
701 
702  /**
703  * Sets the secret seed used to generate WOTS+ chains. The seed
704  * should be a uniformly random n-byte value.
705  *
706  * @param private_seed Uniformly random n-byte value.
707  **/
709  {
710  m_private_seed = std::move(private_seed);
711  }
712 
714  pkcs8_algorithm_identifier() const override
715  {
716  throw Not_Implemented("No AlgorithmIdentifier available for XMSS-WOTS.");
717  }
718 
720  {
721  throw Not_Implemented("No PKCS8 key format defined for XMSS-WOTS.");
722  }
723 
724  private:
725  /**
726  * Algorithm 3: "Generating a WOTS+ Private Key".
727  * Generates a private key.
728  *
729  * This overload is used in multithreaded scenarios, where it is
730  * required to provide seperate instances of XMSS_Hash to each thread.
731  *
732  * @param private_seed Uniformly random n-byte value.
733  * @param[in] hash Instance of XMSS_Hash, that may only be used by the
734  * thead executing generate.
735  *
736  * @returns a vector of length key_size() of vectors of n bytes length
737  * containing uniformly random data.
738  **/
740  XMSS_Hash& hash);
741 
742  inline wots_keysig_t generate(const secure_vector<uint8_t>& private_seed)
743  {
744  return generate(private_seed, m_hash);
745  }
746 
747  secure_vector<uint8_t> m_private_seed;
748  };
749 
750 }
751 
752 #endif
const secure_vector< uint8_t > & public_seed() const
Definition: xmss_wots.h:303
static ots_algorithm_t xmss_wots_id_from_string(const std::string &param_set)
TreeSignature(wots_keysig_t &&ots_sig, wots_keysig_t &&auth_path)
Definition: xmss_wots.h:147
const std::string & hash_function_name() const
Definition: xmss_wots.h:73
size_t len_1() const
Definition: xmss_wots.h:97
size_t estimated_strength() const
Definition: xmss_wots.h:105
XMSS_WOTS_PrivateKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, RandomNumberGenerator &rng)
Definition: xmss_wots.h:475
secure_vector< uint8_t > base_w(const secure_vector< uint8_t > &msg, size_t out_size) const
XMSS_WOTS_PrivateKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, const secure_vector< uint8_t > &private_seed)
Definition: xmss_wots.h:530
void set_public_seed(secure_vector< uint8_t > &&public_seed)
Definition: xmss_wots.h:312
void set_public_seed(const secure_vector< uint8_t > &public_seed)
Definition: xmss_wots.h:307
wots_keysig_t sign(const secure_vector< uint8_t > &msg, XMSS_Address &adrs)
Definition: xmss_wots.h:654
wots_keysig_t operator[](const XMSS_Address &adrs)
Definition: xmss_wots.h:584
int(* final)(unsigned char *, CTX *)
TreeSignature(const wots_keysig_t &ots_sig, const wots_keysig_t &auth_path)
Definition: xmss_wots.h:142
secure_vector< uint8_t > & public_seed()
Definition: xmss_wots.h:305
secure_vector< uint8_t > m_public_seed
Definition: xmss_wots.h:430
XMSS_WOTS_PrivateKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed)
Definition: xmss_wots.h:515
bool operator==(const XMSS_WOTS_Parameters &p) const
Definition: xmss_wots.h:107
wots_keysig_t at(size_t i, XMSS_Hash &hash)
void generate_public_key(XMSS_WOTS_PublicKey &pub_key, wots_keysig_t &&in_key_data, XMSS_Address &adrs)
Definition: xmss_wots.h:637
Definition: bigint.h:1143
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, secure_vector< uint8_t > public_seed)
Definition: xmss_wots.h:212
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &msg, const wots_keysig_t &sig, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
Definition: xmss_wots.h:267
const wots_keysig_t & authentication_path() const
Definition: xmss_wots.h:163
AlgorithmIdentifier pkcs8_algorithm_identifier() const override
Definition: xmss_wots.h:714
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, RandomNumberGenerator &rng)
Definition: xmss_wots.h:199
size_t estimated_strength() const override
Definition: xmss_wots.h:351
bool check_key(RandomNumberGenerator &, bool) const override
Definition: xmss_wots.h:346
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed, XMSS_Hash &hash)
const secure_vector< uint8_t > & operator[](size_t i) const
Definition: xmss_wots.h:288
XMSS_WOTS_PrivateKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, RandomNumberGenerator &rng)
Definition: xmss_wots.h:495
std::vector< uint8_t > public_key_bits() const override
Definition: xmss_wots.h:361
secure_vector< uint8_t > & operator[](size_t i)
Definition: xmss_wots.h:289
wots_keysig_t generate_private_key(const secure_vector< uint8_t > &priv_seed)
XMSS_WOTS_PrivateKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
Definition: xmss_wots.h:465
void set_private_seed(secure_vector< uint8_t > &&private_seed)
Definition: xmss_wots.h:708
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
Definition: xmss_wots.h:186
const wots_keysig_t & key_data() const
Definition: xmss_wots.h:317
bool operator!=(const XMSS_WOTS_PublicKey &key)
Definition: xmss_wots.h:371
XMSS_WOTS_PublicKey generate_public_key(XMSS_Address &adrs)
Definition: alg_id.cpp:13
std::vector< secure_vector< uint8_t > > wots_keysig_t
const XMSS_WOTS_Parameters & wots_parameters() const
Definition: xmss_wots.h:331
const wots_keysig_t & ots_signature() const
Definition: xmss_wots.h:153
const std::string & name() const
Definition: xmss_wots.h:65
wots_keysig_t operator[](size_t i)
Definition: xmss_wots.h:563
void set_key_data(const wots_keysig_t &key_data)
Definition: xmss_wots.h:321
size_t len_2() const
Definition: xmss_wots.h:99
bool operator==(const XMSS_WOTS_PublicKey &key)
Definition: xmss_wots.h:366
void set_key_data(wots_keysig_t &&key_data)
Definition: xmss_wots.h:326
void append_checksum(secure_vector< uint8_t > &data)
XMSS_WOTS_Parameters(const std::string &algo_name)
const secure_vector< uint8_t > & private_seed() const
Definition: xmss_wots.h:686
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
Definition: xmss_wots.h:418
AlgorithmIdentifier algorithm_identifier() const override
Definition: xmss_wots.h:341
secure_vector< uint8_t > private_key_bits() const override
Definition: xmss_wots.h:719
size_t wots_parameter() const
Definition: xmss_wots.h:93
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
void set_private_seed(const secure_vector< uint8_t > &private_seed)
Definition: xmss_wots.h:697
wots_keysig_t & key_data()
Definition: xmss_wots.h:319
size_t key_length() const override
Definition: xmss_wots.h:356
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, secure_vector< uint8_t > &&public_seed, wots_keysig_t &&key)
Definition: xmss_wots.h:228
size_t element_size() const
Definition: xmss_wots.h:85
MechanismType hash
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, const wots_keysig_t &key)
Definition: xmss_wots.h:247
XMSS_WOTS_Parameters m_wots_params
Definition: xmss_wots.h:427
ots_algorithm_t oid() const
Definition: xmss_wots.h:103
std::string algo_name() const override
Definition: xmss_wots.h:336