Botan  2.19.1
Crypto and TLS for C++11
xmss_publickey.cpp
Go to the documentation of this file.
1 /*
2  * XMSS Public Key
3  * An XMSS: Extended Hash-Based Siganture public key.
4  * The XMSS public key does not support the X509 standard. Instead the
5  * raw format described in [1] is used.
6  *
7  * [1] XMSS: Extended Hash-Based Signatures,
8  * Request for Comments: 8391
9  * Release: May 2018.
10  * https://datatracker.ietf.org/doc/rfc8391/
11  *
12  * (C) 2016,2017 Matthias Gierlings
13  *
14  * Botan is released under the Simplified BSD License (see license.txt)
15  **/
16 
17 #include <botan/xmss.h>
18 #include <botan/internal/xmss_verification_operation.h>
19 #include <botan/der_enc.h>
20 #include <botan/ber_dec.h>
21 #include <iterator>
22 
23 namespace Botan {
24 
25 namespace {
26 
27 // fall back to raw decoding for previous versions, which did not encode an OCTET STRING
28 std::vector<uint8_t> extract_raw_key(const std::vector<uint8_t>& key_bits)
29  {
30  std::vector<uint8_t> raw_key;
31  try
32  {
33  BER_Decoder(key_bits).decode(raw_key, OCTET_STRING);
34  }
35  catch(Decoding_Error&)
36  {
37  raw_key = key_bits;
38  }
39  return raw_key;
40  }
41 
42 }
43 
46  : m_xmss_params(xmss_oid), m_wots_params(m_xmss_params.ots_oid()),
47  m_root(m_xmss_params.element_size()),
48  m_public_seed(rng.random_vec(m_xmss_params.element_size()))
49  {}
50 
51 XMSS_PublicKey::XMSS_PublicKey(const std::vector<uint8_t>& key_bits)
52  : m_raw_key(extract_raw_key(key_bits)),
53  m_xmss_params(XMSS_PublicKey::deserialize_xmss_oid(m_raw_key)),
54  m_wots_params(m_xmss_params.ots_oid())
55  {
56  if(m_raw_key.size() < XMSS_PublicKey::size())
57  {
58  throw Decoding_Error("Invalid XMSS public key size detected");
59  }
60 
61  // extract & copy root from raw key
62  m_root.clear();
64  auto begin = m_raw_key.begin() + sizeof(uint32_t);
65  auto end = begin + m_xmss_params.element_size();
66  std::copy(begin, end, std::back_inserter(m_root));
67 
68  // extract & copy public seed from raw key
69  begin = end;
70  end = begin + m_xmss_params.element_size();
71  m_public_seed.clear();
73  std::copy(begin, end, std::back_inserter(m_public_seed));
74  }
75 
77 XMSS_PublicKey::deserialize_xmss_oid(const std::vector<uint8_t>& raw_key)
78  {
79  if(raw_key.size() < 4)
80  {
81  throw Decoding_Error("XMSS signature OID missing.");
82  }
83 
84  // extract and convert algorithm id to enum type
85  uint32_t raw_id = 0;
86  for(size_t i = 0; i < 4; i++)
87  { raw_id = ((raw_id << 8) | raw_key[i]); }
88 
89  return static_cast<XMSS_Parameters::xmss_algorithm_t>(raw_id);
90  }
91 
92 std::unique_ptr<PK_Ops::Verification>
94  const std::string& provider) const
95  {
96  if(provider == "base" || provider.empty())
97  {
98  return std::unique_ptr<PK_Ops::Verification>(
99  new XMSS_Verification_Operation(*this));
100  }
101  throw Provider_Not_Found(algo_name(), provider);
102  }
103 
104 std::vector<uint8_t> XMSS_PublicKey::raw_public_key() const
105  {
106  std::vector<uint8_t> result
107  {
108  static_cast<uint8_t>(m_xmss_params.oid() >> 24),
109  static_cast<uint8_t>(m_xmss_params.oid() >> 16),
110  static_cast<uint8_t>(m_xmss_params.oid() >> 8),
111  static_cast<uint8_t>(m_xmss_params.oid())
112  };
113 
114  std::copy(m_root.begin(), m_root.end(), std::back_inserter(result));
115  std::copy(m_public_seed.begin(),
116  m_public_seed.end(),
117  std::back_inserter(result));
118 
119  return result;
120  }
121 
122 std::vector<uint8_t> XMSS_PublicKey::public_key_bits() const
123  {
124  std::vector<uint8_t> output;
126  return output;
127  }
128 
129 }
std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string &, const std::string &provider) const override
secure_vector< uint8_t > m_public_seed
Definition: xmss.h:248
size_t element_size() const
secure_vector< uint8_t > m_root
Definition: xmss.h:247
DER_Encoder & encode(bool b)
Definition: der_enc.cpp:285
xmss_algorithm_t oid() const
virtual std::vector< uint8_t > raw_public_key() const
virtual size_t size() const
Definition: xmss.h:229
Definition: alg_id.cpp:13
std::string algo_name() const override
Definition: xmss.h:186
XMSS_PublicKey(XMSS_Parameters::xmss_algorithm_t xmss_oid, RandomNumberGenerator &rng)
XMSS_Parameters m_xmss_params
Definition: xmss.h:245
std::vector< uint8_t > m_raw_key
Definition: xmss.h:244
std::vector< uint8_t > public_key_bits() const override