Botan  2.18.1
Crypto and TLS for C++11
xmss_wots_privatekey.cpp
1 /*
2  * XMSS WOTS Private Key
3  * A Winternitz One Time Signature private key for use with Extended Hash-Based
4  * Signatures.
5  *
6  * (C) 2016,2017 Matthias Gierlings
7  *
8  * Botan is released under the Simplified BSD License (see license.txt)
9  **/
10 
11 #include <botan/xmss_wots.h>
12 #include <botan/internal/xmss_tools.h>
13 #include <botan/internal/xmss_address.h>
14 
15 namespace Botan {
16 
// Expands a seed into the complete set of WOTS private key elements.
//
// NOTE(review): the return-type line (listing line 17) is missing from this
// rendering; the body returns the local wots_keysig_t priv_key by value.
//
// priv_seed: secret passed to hash.prf() for every element. Each returned
//            element is computed from priv_seed and its index only, so the
//            seed needs the same protection as the key material itself.
// hash:      XMSS_Hash object whose prf() performs the derivation.
// Returns m_wots_params.len() elements, one per chain.
18 XMSS_WOTS_PrivateKey::generate(const secure_vector<uint8_t>& priv_seed,
19  XMSS_Hash& hash)
20  {
   // Start with len() empty secure_vector buffers; each is filled below.
21  wots_keysig_t priv_key(m_wots_params.len(),
22  secure_vector<uint8_t>(0));
23 
24  for(size_t i = 0; i < m_wots_params.len(); i++)
25  {
   // Write the element index into the (empty) buffer. The third argument, 32,
   // is presumably the encoded width in bytes -- confirm in xmss_tools.h.
26  XMSS_Tools::concat<size_t>(priv_key[i], i, 32);
   // priv_key[i] is passed as both first and last argument. Presumably the
   // order is (output, key, input), so the index bytes are the PRF input and
   // the result lands in the same buffer -- TODO confirm against XMSS_Hash.
27  hash.prf(priv_key[i], priv_seed, priv_key[i]);
28  }
29  return priv_key;
30  }
31 
32 
// Builds and returns the WOTS public key that belongs to the private key
// material selected by adrs.
//
// NOTE(review): listing lines 34 and 36 (function name/parameters and the
// start of the pub_key declaration) are missing from this rendering. The
// body uses a variable named adrs and delegates to generate_public_key(), so
// this is presumably the single-address overload -- confirm against upstream.
33 XMSS_WOTS_PublicKey
35  {
37  public_seed());
   // (*this)[adrs] yields the private key data for adrs; it is wrapped in a
   // temporary wots_keysig_t that the callee consumes and transforms in place.
38  generate_public_key(pub_key, wots_keysig_t((*this)[adrs]), adrs);
39  return pub_key;
40  }
41 
// Fills pub_key from private key data by running every chain to its end.
//
// NOTE(review): listing lines 43 and 48 (function name with the first
// parameter, and the opening of the assertion) are missing from this
// rendering. The visible code uses pub_key as that first parameter.
//
// in_key_data: private key elements; moved into pub_key and then advanced
//              in place.
// adrs:        modified by this function: its chain address is set on every
//              iteration and is left at the last index on return.
// hash:        forwarded to chain().
//
// NOTE(review): between set_key_data() and the end of the loop, pub_key holds
// private or partially advanced chain values. If chain() can throw, the
// caller's pub_key is left in that state -- presumably it must then be
// discarded rather than used; verify against callers.
42 void
44  wots_keysig_t&& in_key_data,
45  XMSS_Address& adrs,
46  XMSS_Hash& hash)
47  {
   // Visible part of the assertion: the public seed of this key and of
   // pub_key must match before any key data is written.
49  public_seed() == pub_key.public_seed(),
50  "Conflicting public key data.");
51 
52  pub_key.set_key_data(std::move(in_key_data));
53  for(size_t i = 0; i < m_wots_params.len(); i++)
54  {
55  adrs.set_chain_address(static_cast<uint32_t>(i));
   // Advance element i from step 0 by wots_parameter() - 1 steps.
56  chain(pub_key[i], 0, m_wots_params.wots_parameter() - 1, adrs,
57  public_seed(), hash);
58  }
59  }
60 
63  XMSS_Address& adrs,
64  XMSS_Hash& hash)
65 
66  {
   // Produces a WOTS signature: one chain value per element, each advanced
   // from the private starting value by a message-dependent number of steps.
   //
   // NOTE(review): listing lines 61-62 (return type, name, first parameter)
   // and line 69 (the initialiser of msg_digest) are missing from this
   // rendering; the body returns a wots_keysig_t.
   //
   // NOTE(review): per the file header this is a one-time signature key.
   // Nothing visible here records or rejects a second signature under the
   // same adrs; presumably the enclosing XMSS layer guarantees single use --
   // verify against callers.
67  secure_vector<uint8_t> msg_digest
68  {
70  };
71 
72  m_wots_params.append_checksum(msg_digest);
   // Start from the private key elements derived for adrs.
73  wots_keysig_t sig(this->at(adrs, hash));
74 
75  for(size_t i = 0; i < m_wots_params.len(); i++)
76  {
77  adrs.set_chain_address(static_cast<uint32_t>(i));
   // Assumes msg_digest holds at least m_wots_params.len() entries once the
   // checksum is appended -- TODO confirm; msg_digest[i] is not bounds-checked.
78  chain(sig[i], 0 , msg_digest[i], adrs, m_public_seed, hash);
79  }
80 
81  return sig;
82  }
83 
85  {
   // Derives the private key elements for one address: a per-address seed is
   // computed from m_private_seed and adrs.bytes(), then expanded by generate().
   // NOTE(review): listing lines 84 and 86 (the signature and the declaration
   // of result) are missing from this rendering. sign() calls this->at(adrs,
   // hash), so this is presumably that overload -- confirm against upstream.
87  hash.prf(result, m_private_seed, adrs.bytes());
88  return generate(result, hash);
89  }
90 
92  {
   // Derives the private key elements for an index: idx_bytes is hashed
   // together with m_private_seed and the result is expanded by generate().
   // NOTE(review): listing lines 91 and 94 (the signature and one statement)
   // are missing from this rendering. As shown, idx_bytes would still be
   // empty when hashed, so the missing statement presumably writes the index
   // into it -- confirm against upstream before relying on this listing.
93  secure_vector<uint8_t> idx_bytes;
95  hash.h(idx_bytes, m_private_seed, idx_bytes);
96  return generate(idx_bytes, hash);
97  }
98 
99 }
const secure_vector< uint8_t > & public_seed() const
Definition: xmss_wots.h:303
size_t len_1() const
Definition: xmss_wots.h:97
secure_vector< uint8_t > base_w(const secure_vector< uint8_t > &msg, size_t out_size) const
wots_keysig_t sign(const secure_vector< uint8_t > &msg, XMSS_Address &adrs)
Definition: xmss_wots.h:654
secure_vector< uint8_t > m_public_seed
Definition: xmss_wots.h:430
wots_keysig_t at(size_t i, XMSS_Hash &hash)
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed, XMSS_Hash &hash)
const secure_vector< uint8_t > & bytes() const
Definition: xmss_address.h:322
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
XMSS_WOTS_PublicKey generate_public_key(XMSS_Address &adrs)
Definition: alg_id.cpp:13
void set_chain_address(uint32_t value)
Definition: xmss_address.h:220
std::vector< secure_vector< uint8_t > > wots_keysig_t
static void concat(secure_vector< uint8_t > &target, const T &src)
Definition: xmss_tools.h:63
const XMSS_WOTS_Parameters & wots_parameters() const
Definition: xmss_wots.h:331
void set_key_data(const wots_keysig_t &key_data)
Definition: xmss_wots.h:321
void append_checksum(secure_vector< uint8_t > &data)
size_t wots_parameter() const
Definition: xmss_wots.h:93
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
size_t element_size() const
Definition: xmss_wots.h:85
MechanismType hash
XMSS_WOTS_Parameters m_wots_params
Definition: xmss_wots.h:427
ots_algorithm_t oid() const
Definition: xmss_wots.h:103