15#include <botan/internal/xmss_wots.h>
17#include <botan/assert.h>
18#include <botan/exceptn.h>
19#include <botan/internal/fmt.h>
20#include <botan/internal/xmss_tools.h>
// Excerpt of the name -> algorithm-id lookup. The signature, the value
// returned by each branch and the closing braces are not part of this
// excerpt. param_set is matched with an exact, case-sensitive comparison
// against each supported parameter-set name.
26 if(param_set ==
"WOTSP-SHA2_256") {
29 if(param_set ==
"WOTSP-SHA2_512") {
32 if(param_set ==
"WOTSP-SHAKE_256") {
35 if(param_set ==
"WOTSP-SHAKE_512") {
38 if(param_set ==
"WOTSP-SHA2_192") {
41 if(param_set ==
"WOTSP-SHAKE_256_256") {
44 if(param_set ==
"WOTSP-SHAKE_256_192") {
// No name matched: fail with Lookup_Error rather than fall back to a default
// parameter set. The rejected name is echoed verbatim in the message.
48 throw Lookup_Error(
fmt(
"Unknown XMSS-WOTS algorithm param '{}'", param_set));
// Excerpt of the per-algorithm setup. The branch labels and the other member
// assignments are not part of this excerpt. Each branch pairs a parameter-set
// name with the hash specification string it is instantiated with.
60 m_name =
"WOTSP-SHA2_256";
61 m_hash_name =
"SHA-256";
68 m_name =
"WOTSP-SHA2_512";
69 m_hash_name =
"SHA-512";
// In the two names below the numeric suffix is the output length in bits, not
// the SHAKE variant: "_256" is paired with SHAKE-128 and "_512" with SHAKE-256.
76 m_name =
"WOTSP-SHAKE_256";
77 m_hash_name =
"SHAKE-128(256)";
84 m_name =
"WOTSP-SHAKE_512";
85 m_hash_name =
"SHAKE-256(512)";
// 192-bit variant: SHA-256 with the output truncated to 192 bits.
92 m_name =
"WOTSP-SHA2_192";
93 m_hash_name =
"Truncated(SHA-256,192)";
// In these two names the first number is the SHAKE variant (SHAKE-256) and
// the second is the output length in bits.
100 m_name =
"WOTSP-SHAKE_256_256";
101 m_hash_name =
"SHAKE-256(256)";
108 m_name =
"WOTSP-SHAKE_256_192";
109 m_hash_name =
"SHAKE-256(192)";
// An id that matches none of the branches is refused with Not_Implemented.
113 throw Not_Implemented(
"Algorithm id does not match any known XMSS WOTS algorithm id.");
// Derived WOTS+ lengths, computed from m_w and element_size().
// lg(w): 4 when m_w is 16; every other value of m_w gets 2.
116 m_lg_w = (m_w == 16) ? 4 : 2;
// len_1: number of base-w digits needed for element_size() bytes.
// NOTE(review): element_size() returns size_t, so (8 * element_size()) / m_lg_w
// looks like an integer division that truncates before std::ceil is applied.
// That is exact only while 8 * element_size() is a multiple of m_lg_w; confirm
// the type of m_lg_w and that every supported parameter set satisfies this.
117 m_len_1 =
static_cast<size_t>(std::ceil((8 *
element_size()) / m_lg_w));
// len_2: floor(log2(len_1 * (wots_parameter() - 1)) / lg(w)) + 1, evaluated in
// floating point and then cast back to size_t. wots_parameter() presumably
// returns w; verify against its definition.
118 m_len_2 =
static_cast<size_t>(floor(log2(m_len_1 * (
wots_parameter() - 1)) / m_lg_w) + 1);
// Message of the sanity check on the derived "len" value. The condition being
// checked is not part of this excerpt.
120 "Invalid XMSS WOTS parameter "
121 "\"len\" detected.");
// Excerpt of a base-w conversion producing out_size digits. The signature and
// most of the loop body are not part of this excerpt.
// Reserve the output up front so the push_back calls below do not reallocate.
126 result.reserve(out_size);
// One output digit per iteration.
132 for(
size_t i = 0; i < out_size; i++) {
// Take the next digit from the bit accumulator `total`. Masking with
// (m_w - 1) keeps only the low bits, which is a base-w digit extraction only
// when m_w is a power of two. NOTE(review): confirm m_w is restricted to such
// values.
139 result.push_back(
static_cast<uint8_t
>((total >> bits) & (m_w - 1)));
// Excerpt of the base-w conversion of a single integer `value`. The signature
// and the byte encoding of `value` into `result` are not part of this excerpt.
// Shift left so that the m_len_2 * m_lg_w significant bits are padded up to a
// byte boundary. When that bit count is an exact multiple of 8 the shift is
// 8, not 0. NOTE(review): confirm no supported parameter set hits that case.
145 value <<= (8 - ((m_len_2 * m_lg_w) % 8));
// Number of bytes needed for m_len_2 * m_lg_w bits, rounded up. The division
// goes through float and std::ceil before being cast back to size_t.
146 size_t len_2_bytes =
static_cast<size_t>(std::ceil(
static_cast<float>(m_len_2 * m_lg_w) / 8.0));
// Convert `result` into m_len_2 base-w digits. `result` is presumably the
// len_2_bytes-long encoding of `value`; verify against the omitted lines.
149 return base_w(result, m_len_2);
// Excerpt of the checksum step. The signature and the loop body are not part
// of this excerpt.
// Visit every element already in data. Presumably the omitted body
// accumulates the checksum over these digits; verify against the full source.
155 for(
size_t i = 0; i < data.size(); i++) {
// Append the checksum digits after the existing content, so data grows by
// csum_bytes.size() elements.
160 std::move(csum_bytes.begin(), csum_bytes.end(), std::back_inserter(data));