Botan  2.1.0
Crypto and TLS for C++11
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Botan::XMSS_Common_Ops Class Reference

#include <xmss_common_ops.h>

Inheritance diagram for Botan::XMSS_Common_Ops:
Botan::XMSS_PrivateKey Botan::XMSS_Signature_Operation Botan::XMSS_Verification_Operation

Public Member Functions

 XMSS_Common_Ops (XMSS_Parameters::xmss_algorithm_t oid)
 

Protected Member Functions

void create_l_tree (secure_vector< uint8_t > &result, wots_keysig_t pk, XMSS_Address &adrs, const secure_vector< uint8_t > &seed)
 
void randomize_tree_hash (secure_vector< uint8_t > &result, const secure_vector< uint8_t > &left, const secure_vector< uint8_t > &right, XMSS_Address &adrs, const secure_vector< uint8_t > &seed)
 

Protected Attributes

XMSS_Hash m_hash
 
XMSS_Parameters m_xmss_params
 

Detailed Description

Operations shared by XMSS signature generation and verification operations.

Definition at line 25 of file xmss_common_ops.h.

Constructor & Destructor Documentation

Botan::XMSS_Common_Ops::XMSS_Common_Ops ( XMSS_Parameters::xmss_algorithm_t  oid)
inline

Definition at line 28 of file xmss_common_ops.h.

XMSS_Parameters m_xmss_params
const std::string & hash_function_name() const

Member Function Documentation

void Botan::XMSS_Common_Ops::create_l_tree ( secure_vector< uint8_t > &  result,
wots_keysig_t  pk,
XMSS_Address adrs,
const secure_vector< uint8_t > &  seed 
)
protected

Algorithm 8: "ltree" Create an L-tree used to compute the leaves of the binary hash tree. Takes a WOTS+ public key and compresses it to a single n-byte value.

Parameters
[out]resultPublic key compressed to a single n-byte value pk[0].
[in]pkWinternitz One Time Signatures+ public key.
[in]adrsAddress encoding the address of the L-Tree
[in]seedThe seed generated during the public key generation.

Definition at line 45 of file xmss_common_ops.cpp.

References Botan::XMSS_Address::get_tree_height(), Botan::XMSS_Parameters::len(), m_xmss_params, randomize_tree_hash(), Botan::XMSS_Address::set_tree_height(), and Botan::XMSS_Address::set_tree_index().

Referenced by Botan::XMSS_PrivateKey::tree_hash().

49  {
50  size_t l = m_xmss_params.len();
51  adrs.set_tree_height(0);
52 
53  while(l > 1)
54  {
55  for(size_t i = 0; i < l >> 1; i++)
56  {
57  adrs.set_tree_index(i);
58  randomize_tree_hash(pk[i], pk[2 * i], pk[2 * i + 1], adrs, seed);
59  }
60  if(l & 0x01)
61  {
62  pk[l >> 1] = pk[l - 1];
63  }
64  l = (l >> 1) + (l & 0x01);
65  adrs.set_tree_height(adrs.get_tree_height() + 1);
66  }
67  result = pk[0];
68  }
XMSS_Parameters m_xmss_params
void randomize_tree_hash(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &left, const secure_vector< uint8_t > &right, XMSS_Address &adrs, const secure_vector< uint8_t > &seed)
void Botan::XMSS_Common_Ops::randomize_tree_hash ( secure_vector< uint8_t > &  result,
const secure_vector< uint8_t > &  left,
const secure_vector< uint8_t > &  right,
XMSS_Address adrs,
const secure_vector< uint8_t > &  seed 
)
protected

Algorithm 7: "RAND_HASH"

Generates a randomized hash.

Parameters
[out]resultThe resulting randomized hash.
[in]leftLeft half of the hash function input.
[in]rightRight half of the hash function input.
[in]adrsAdress of the hash function call.
[in]seedThe seed for G.

Definition at line 14 of file xmss_common_ops.cpp.

References BOTAN_ASSERT, Botan::XMSS_Address::bytes(), Botan::XMSS_Parameters::element_size(), Botan::XMSS_Hash::h(), Botan::XMSS_Address::Key_Mode, m_hash, m_xmss_params, Botan::XMSS_Address::Mask_LSB_Mode, Botan::XMSS_Address::Mask_MSB_Mode, Botan::XMSS_Hash::prf(), and Botan::XMSS_Address::set_key_mask_mode().

Referenced by create_l_tree(), and Botan::XMSS_PrivateKey::tree_hash().

19  {
20  adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Key_Mode);
21  secure_vector<uint8_t> key { m_hash.prf(seed, adrs.bytes()) };
22 
23  adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Mask_MSB_Mode);
24  secure_vector<uint8_t> bitmask_l { m_hash.prf(seed, adrs.bytes()) };
25 
26  adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Mask_LSB_Mode);
27  secure_vector<uint8_t> bitmask_r { m_hash.prf(seed, adrs.bytes()) };
28 
29  BOTAN_ASSERT(bitmask_l.size() == left.size() &&
30  bitmask_r.size() == right.size(),
31  "Bitmask size doesn't match node size.");
32 
33  secure_vector<uint8_t> concat_xor(m_xmss_params.element_size() * 2);
34  for(size_t i = 0; i < left.size(); i++)
35  {
36  concat_xor[i] = left[i] ^ bitmask_l[i];
37  concat_xor[i + left.size()] = right[i] ^ bitmask_r[i];
38  }
39 
40  m_hash.h(result, key, concat_xor);
41  }
size_t element_size() const
void h(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.cpp:36
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
void prf(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:38
XMSS_Parameters m_xmss_params

Member Data Documentation

XMSS_Hash Botan::XMSS_Common_Ops::m_hash
protected
XMSS_Parameters Botan::XMSS_Common_Ops::m_xmss_params
protected

Definition at line 68 of file xmss_common_ops.h.

Referenced by create_l_tree(), and randomize_tree_hash().


The documentation for this class was generated from the following files: