Botan  2.1.0
Crypto and TLS for C++11
xmss_wots_publickey.cpp
Go to the documentation of this file.
1 /*
2  * XMSS WOTS Public Key
3  * A Winternitz One Time Signature public key for use with Extended Hash-Based
4  * Signatures.
5  *
6  * (C) 2016 Matthias Gierlings
7  *
8  * Botan is released under the Simplified BSD License (see license.txt)
9  **/
10 
11 #include <botan/internal/xmss_wots_verification_operation.h>
12 #include <botan/xmss_wots_publickey.h>
13 
14 namespace Botan {
15 
16 void
18  size_t start_idx,
19  size_t steps,
20  XMSS_Address& adrs,
21  const secure_vector<uint8_t>& seed)
22  {
23  for(size_t i = start_idx;
24  i < (start_idx + steps) && i < m_wots_params.wots_parameter();
25  i++)
26  {
27  adrs.set_hash_address(i);
28 
29  //Calculate tmp XOR bitmask
31  xor_buf(result, m_hash.prf(seed, adrs.bytes()), result.size());
32 
33  // Calculate key
35 
36  //Calculate f(key, tmp XOR bitmask)
37  m_hash.f(result, m_hash.prf(seed, adrs.bytes()), result);
38  }
39  }
40 
42 XMSS_WOTS_PublicKey::pub_key_from_signature(const secure_vector<uint8_t>& msg,
43  const wots_keysig_t& sig,
44  XMSS_Address& adrs,
45  const secure_vector<uint8_t>& seed)
46  {
47  secure_vector<uint8_t> msg_digest
48  {
50  };
51 
52  m_wots_params.append_checksum(msg_digest);
53  wots_keysig_t result(sig);
54 
55  for(size_t i = 0; i < m_wots_params.len(); i++)
56  {
57  adrs.set_chain_address(i);
58  chain(result[i],
59  msg_digest[i],
60  m_wots_params.wots_parameter() - 1 - msg_digest[i],
61  adrs,
62  seed);
63  }
64  return result;
65  }
66 
67 std::unique_ptr<PK_Ops::Verification>
69  const std::string& provider) const
70  {
71  if(provider == "base" || provider.empty())
72  {
73  return std::unique_ptr<PK_Ops::Verification>(
75  }
76  throw Provider_Not_Found(algo_name(), provider);
77  }
78 
79 }
void xor_buf(T out[], const T in[], size_t length)
Definition: mem_ops.h:115
void f(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:74
secure_vector< uint8_t > base_w(const secure_vector< uint8_t > &msg, size_t out_size) const
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
void prf(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:38
virtual std::string algo_name() const override
Definition: alg_id.cpp:13
void set_chain_address(uint32_t value)
Definition: xmss_address.h:224
std::vector< secure_vector< uint8_t > > wots_keysig_t
virtual std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string &, const std::string &provider) const override
void append_checksum(secure_vector< uint8_t > &data)
void set_key_mask_mode(Key_Mask value)
Definition: xmss_address.h:136
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
const secure_vector< uint8_t > & bytes() const
Definition: xmss_address.h:326
void set_hash_address(uint32_t value)
Definition: xmss_address.h:286
XMSS_WOTS_Parameters m_wots_params