Botan  2.1.0
Crypto and TLS for C++11
Public Member Functions | Protected Attributes | List of all members
Botan::XMSS_PublicKey Class Reference

#include <xmss_publickey.h>

Inheritance diagram for Botan::XMSS_PublicKey:
Botan::Public_Key Botan::XMSS_PrivateKey

Public Member Functions

std::string algo_name () const override
 
virtual AlgorithmIdentifier algorithm_identifier () const override
 
virtual bool check_key (RandomNumberGenerator &, bool) const override
 
virtual std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Verificationcreate_verification_op (const std::string &, const std::string &provider) const override
 
virtual size_t estimated_strength () const override
 
virtual OID get_oid () const
 
virtual size_t key_length () const override
 
virtual size_t message_part_size () const
 
virtual size_t message_parts () const
 
virtual std::vector< uint8_t > public_key_bits () const override
 
virtual secure_vector< uint8_t > & public_seed ()
 
virtual const secure_vector< uint8_t > & public_seed () const
 
virtual std::vector< uint8_t > raw_public_key () const
 
secure_vector< uint8_t > & root ()
 
const secure_vector< uint8_t > & root () const
 
virtual void set_public_seed (const secure_vector< uint8_t > &public_seed)
 
virtual void set_public_seed (secure_vector< uint8_t > &&public_seed)
 
void set_root (const secure_vector< uint8_t > &root)
 
void set_root (secure_vector< uint8_t > &&root)
 
void set_xmss_oid (XMSS_Parameters::xmss_algorithm_t xmss_oid)
 
virtual size_t size () const
 
std::vector< uint8_t > subject_public_key () const
 
XMSS_WOTS_Parameters::ots_algorithm_t wots_oid () const
 
const XMSS_WOTS_Parameterswots_parameters () const
 
XMSS_Parameters::xmss_algorithm_t xmss_oid () const
 
const XMSS_Parametersxmss_parameters () const
 
 XMSS_PublicKey (XMSS_Parameters::xmss_algorithm_t xmss_oid, RandomNumberGenerator &rng)
 
 XMSS_PublicKey (const std::vector< uint8_t > &raw_key)
 
 XMSS_PublicKey (XMSS_Parameters::xmss_algorithm_t xmss_oid, const secure_vector< uint8_t > &root, const secure_vector< uint8_t > &public_seed)
 
 XMSS_PublicKey (XMSS_Parameters::xmss_algorithm_t xmss_oid, secure_vector< uint8_t > &&root, secure_vector< uint8_t > &&public_seed)
 

Protected Attributes

secure_vector< uint8_t > m_public_seed
 
secure_vector< uint8_t > m_root
 
XMSS_WOTS_Parameters m_wots_params
 
XMSS_Parameters m_xmss_params
 

Detailed Description

An XMSS: Extended Hash-Based Signature public key. The XMSS public key does not support the X509 standard. Instead the raw format described in [1] is used.

[1] XMSS: Extended Hash-Based Signatures, draft-itrf-cfrg-xmss-hash-based-signatures-06 Release: July 2016. https://datatracker.ietf.org/doc/ draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1

Definition at line 43 of file xmss_publickey.h.

Constructor & Destructor Documentation

Botan::XMSS_PublicKey::XMSS_PublicKey ( XMSS_Parameters::xmss_algorithm_t  xmss_oid,
RandomNumberGenerator rng 
)
inline

Creates a new XMSS public key for the chosen XMSS signature method. New public and prf seeds are generated using rng. The appropriate WOTS signature method will be automatically set based on the chosen XMSS signature method.

Parameters
xmss_oidIdentifier for the selected XMSS signature method.
rngA random number generator to use for key generation.

Definition at line 55 of file xmss_publickey.h.

59  m_public_seed(rng.random_vec(m_xmss_params.element_size())) {}
secure_vector< uint8_t > m_public_seed
size_t element_size() const
secure_vector< uint8_t > m_root
XMSS_WOTS_Parameters::ots_algorithm_t ots_oid() const
XMSS_Parameters::xmss_algorithm_t xmss_oid() const
XMSS_WOTS_Parameters m_wots_params
XMSS_Parameters m_xmss_params
Botan::XMSS_PublicKey::XMSS_PublicKey ( const std::vector< uint8_t > &  raw_key)

Creates an XMSS public key from a byte sequence produced by raw_private_key().

Definition at line 23 of file xmss_publickey.cpp.

References Botan::XMSS_Parameters::element_size(), m_public_seed, m_root, m_xmss_params, and size().

24  : m_xmss_params(XMSS_PublicKey::deserialize_xmss_oid(raw_key)),
26  {
27  if(raw_key.size() < size())
28  {
29  throw Integrity_Failure("Invalid XMSS public key size detected.");
30  }
31 
32  // extract & copy root from raw key.
33  m_root.clear();
35  auto begin = raw_key.begin() + sizeof(uint32_t);
36  auto end = begin + m_xmss_params.element_size();
37  std::copy(begin, end, std::back_inserter(m_root));
38 
39  // extract & copy public seed from raw key.
40  begin = end;
41  end = begin + m_xmss_params.element_size();
42  m_public_seed.clear();
44  std::copy(begin, end, std::back_inserter(m_public_seed));
45  }
secure_vector< uint8_t > m_public_seed
size_t element_size() const
secure_vector< uint8_t > m_root
XMSS_WOTS_Parameters::ots_algorithm_t ots_oid() const
virtual size_t size() const
XMSS_WOTS_Parameters m_wots_params
XMSS_Parameters m_xmss_params
Botan::XMSS_PublicKey::XMSS_PublicKey ( XMSS_Parameters::xmss_algorithm_t  xmss_oid,
const secure_vector< uint8_t > &  root,
const secure_vector< uint8_t > &  public_seed 
)
inline

Creates a new XMSS public key for a chosen XMSS signature method as well as pre-computed root node and public_seed values.

Parameters
xmss_oidIdentifier for the selected XMSS signature method.
rootRoot node value.
public_seedPublic seed value.

Definition at line 75 of file xmss_publickey.h.

secure_vector< uint8_t > m_public_seed
secure_vector< uint8_t > m_root
XMSS_WOTS_Parameters::ots_algorithm_t ots_oid() const
secure_vector< uint8_t > & root()
XMSS_Parameters::xmss_algorithm_t xmss_oid() const
XMSS_WOTS_Parameters m_wots_params
virtual secure_vector< uint8_t > & public_seed()
XMSS_Parameters m_xmss_params
Botan::XMSS_PublicKey::XMSS_PublicKey ( XMSS_Parameters::xmss_algorithm_t  xmss_oid,
secure_vector< uint8_t > &&  root,
secure_vector< uint8_t > &&  public_seed 
)
inline

Creates a new XMSS public key for a chosen XMSS signature method as well as pre-computed root node and public_seed values.

Parameters
xmss_oidIdentifier for the selected XMSS signature method.
rootRoot node value.
public_seedPublic seed value.

Definition at line 89 of file xmss_publickey.h.

93  m_root(std::move(root)), m_public_seed(std::move(public_seed)) {}
secure_vector< uint8_t > m_public_seed
secure_vector< uint8_t > m_root
XMSS_WOTS_Parameters::ots_algorithm_t ots_oid() const
secure_vector< uint8_t > & root()
XMSS_Parameters::xmss_algorithm_t xmss_oid() const
XMSS_WOTS_Parameters m_wots_params
virtual secure_vector< uint8_t > & public_seed()
XMSS_Parameters m_xmss_params

Member Function Documentation

std::string Botan::XMSS_PublicKey::algo_name ( ) const
inlineoverridevirtual

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implements Botan::Public_Key.

Definition at line 189 of file xmss_publickey.h.

Referenced by Botan::XMSS_PrivateKey::create_signature_op(), and create_verification_op().

190  {
191  return "XMSS";
192  }
virtual AlgorithmIdentifier Botan::XMSS_PublicKey::algorithm_identifier ( ) const
inlineoverridevirtual
Returns
X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 194 of file xmss_publickey.h.

References Botan::AlgorithmIdentifier::USE_NULL_PARAM.

195  {
196  return AlgorithmIdentifier(get_oid(), AlgorithmIdentifier::USE_NULL_PARAM);
197  }
virtual OID get_oid() const
Definition: pk_keys.cpp:30
virtual bool Botan::XMSS_PublicKey::check_key ( RandomNumberGenerator rng,
bool  strong 
) const
inlineoverridevirtual

Test the key values for consistency.

Parameters
rngrng to use
strongwhether to perform strong and lengthy version of the test
Returns
true if the test is passed

Implements Botan::Public_Key.

Definition at line 199 of file xmss_publickey.h.

200  {
201  return true;
202  }
std::unique_ptr< PK_Ops::Encryption > Botan::Public_Key::create_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::RSA_PublicKey, and Botan::ElGamal_PublicKey.

Definition at line 79 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Encryptor_EME::PK_Encryptor_EME().

82  {
83  throw Lookup_Error(algo_name() + " does not support encryption");
84  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::KEM_Encryption > Botan::Public_Key::create_kem_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::RSA_PublicKey, and Botan::McEliece_PublicKey.

Definition at line 87 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_KEM_Encryptor::PK_KEM_Encryptor().

90  {
91  throw Lookup_Error(algo_name() + " does not support KEM encryption");
92  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::Verification > Botan::XMSS_PublicKey::create_verification_op ( const std::string &  params,
const std::string &  provider 
) const
overridevirtual

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 64 of file xmss_publickey.cpp.

References algo_name().

66  {
67  if(provider == "base" || provider.empty())
68  {
69  return std::unique_ptr<PK_Ops::Verification>(
70  new XMSS_Verification_Operation(*this));
71  }
72  throw Provider_Not_Found(algo_name(), provider);
73  }
std::string algo_name() const override
virtual size_t Botan::XMSS_PublicKey::estimated_strength ( ) const
inlineoverridevirtual

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implements Botan::Public_Key.

Definition at line 208 of file xmss_publickey.h.

209  {
211  }
size_t estimated_strength() const
XMSS_Parameters m_xmss_params
OID Botan::Public_Key::get_oid ( ) const
virtualinherited

Get the OID of the underlying public key scheme.

Returns
OID of the public key scheme

Reimplemented in Botan::XMSS_WOTS_Addressed_PublicKey.

Definition at line 30 of file pk_keys.cpp.

References Botan::Public_Key::algo_name(), and Botan::OIDS::lookup().

Referenced by Botan::DL_Scheme_PublicKey::algorithm_identifier(), Botan::Curve25519_PublicKey::algorithm_identifier(), Botan::McEliece_PublicKey::algorithm_identifier(), Botan::RSA_PublicKey::algorithm_identifier(), Botan::GOST_3410_PublicKey::algorithm_identifier(), Botan::EC_PublicKey::algorithm_identifier(), Botan::TPM_PrivateKey::algorithm_identifier(), and Botan::XMSS_WOTS_Addressed_PublicKey::get_oid().

31  {
32  try {
33  return OIDS::lookup(algo_name());
34  }
35  catch(Lookup_Error&)
36  {
37  throw Lookup_Error("PK algo " + algo_name() + " has no defined OIDs");
38  }
39  }
virtual std::string algo_name() const =0
std::string lookup(const OID &oid)
Definition: oids.cpp:18
virtual size_t Botan::XMSS_PublicKey::key_length ( ) const
inlineoverridevirtual

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 213 of file xmss_publickey.h.

214  {
216  }
size_t estimated_strength() const
XMSS_Parameters m_xmss_params
virtual size_t Botan::Public_Key::message_part_size ( ) const
inlinevirtualinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns
size of the message parts in bits

Reimplemented in Botan::GOST_3410_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, and Botan::DSA_PublicKey.

Definition at line 114 of file pk_keys.h.

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

114 { return 0; }
virtual size_t Botan::Public_Key::message_parts ( ) const
inlinevirtualinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns
number of message parts

Reimplemented in Botan::GOST_3410_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, and Botan::DSA_PublicKey.

Definition at line 103 of file pk_keys.h.

Referenced by Botan::X509_Object::check_signature(), Botan::choose_sig_format(), Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

103 { return 1; }
virtual std::vector<uint8_t> Botan::XMSS_PublicKey::public_key_bits ( ) const
inlineoverridevirtual

Returns a raw byte sequence as defined in [1]. This method acts as an alias for raw_public_key().

Returns
raw public key bits.

Implements Botan::Public_Key.

Definition at line 224 of file xmss_publickey.h.

225  {
226  return raw_public_key();
227  }
virtual std::vector< uint8_t > raw_public_key() const
virtual secure_vector<uint8_t>& Botan::XMSS_PublicKey::public_seed ( )
inlinevirtual

Definition at line 169 of file xmss_publickey.h.

170  {
171  return m_public_seed;
172  }
secure_vector< uint8_t > m_public_seed
virtual const secure_vector<uint8_t>& Botan::XMSS_PublicKey::public_seed ( ) const
inlinevirtual

Reimplemented in Botan::XMSS_PrivateKey.

Definition at line 184 of file xmss_publickey.h.

185  {
186  return m_public_seed;
187  }
secure_vector< uint8_t > m_public_seed
std::vector< uint8_t > Botan::XMSS_PublicKey::raw_public_key ( ) const
virtual

Generates a non standardized byte sequence representing the XMSS public key, as defined in 1

Returns
4-byte OID, followed by n-byte root node, followed by public seed.

Definition at line 75 of file xmss_publickey.cpp.

References m_public_seed, m_root, m_xmss_params, and Botan::XMSS_Parameters::oid().

Referenced by Botan::XMSS_PrivateKey::raw_private_key().

76  {
77  std::vector<uint8_t> result
78  {
79  static_cast<uint8_t>(m_xmss_params.oid() >> 24),
80  static_cast<uint8_t>(m_xmss_params.oid() >> 16),
81  static_cast<uint8_t>(m_xmss_params.oid() >> 8),
82  static_cast<uint8_t>(m_xmss_params.oid())
83  };
84 
85  std::copy(m_root.begin(), m_root.end(), std::back_inserter(result));
86  std::copy(m_public_seed.begin(),
87  m_public_seed.end(),
88  std::back_inserter(result));
89 
90  return result;
91  }
secure_vector< uint8_t > m_public_seed
secure_vector< uint8_t > m_root
xmss_algorithm_t oid() const
XMSS_Parameters m_xmss_params
secure_vector<uint8_t>& Botan::XMSS_PublicKey::root ( )
inline

Definition at line 149 of file xmss_publickey.h.

150  {
151  return m_root;
152  }
secure_vector< uint8_t > m_root
const secure_vector<uint8_t>& Botan::XMSS_PublicKey::root ( ) const
inline

Definition at line 164 of file xmss_publickey.h.

165  {
166  return m_root;
167  }
secure_vector< uint8_t > m_root
virtual void Botan::XMSS_PublicKey::set_public_seed ( const secure_vector< uint8_t > &  public_seed)
inlinevirtual

Reimplemented in Botan::XMSS_PrivateKey.

Definition at line 174 of file xmss_publickey.h.

175  {
177  }
secure_vector< uint8_t > m_public_seed
virtual secure_vector< uint8_t > & public_seed()
virtual void Botan::XMSS_PublicKey::set_public_seed ( secure_vector< uint8_t > &&  public_seed)
inlinevirtual

Reimplemented in Botan::XMSS_PrivateKey.

Definition at line 179 of file xmss_publickey.h.

180  {
181  m_public_seed = std::move(public_seed);
182  }
secure_vector< uint8_t > m_public_seed
virtual secure_vector< uint8_t > & public_seed()
void Botan::XMSS_PublicKey::set_root ( const secure_vector< uint8_t > &  root)
inline

Definition at line 154 of file xmss_publickey.h.

Referenced by Botan::XMSS_PrivateKey::XMSS_PrivateKey().

155  {
156  m_root = root;
157  }
secure_vector< uint8_t > m_root
secure_vector< uint8_t > & root()
void Botan::XMSS_PublicKey::set_root ( secure_vector< uint8_t > &&  root)
inline

Definition at line 159 of file xmss_publickey.h.

160  {
161  m_root = std::move(root);
162  }
secure_vector< uint8_t > m_root
secure_vector< uint8_t > & root()
void Botan::XMSS_PublicKey::set_xmss_oid ( XMSS_Parameters::xmss_algorithm_t  xmss_oid)
inline

Sets the chosen XMSS signature method

Returns
XMSS signature method identifier.

Definition at line 110 of file xmss_publickey.h.

111  {
112  m_xmss_params = XMSS_Parameters(xmss_oid);
113  m_wots_params = XMSS_WOTS_Parameters(m_xmss_params.ots_oid());
114  }
XMSS_WOTS_Parameters::ots_algorithm_t ots_oid() const
XMSS_Parameters::xmss_algorithm_t xmss_oid() const
XMSS_WOTS_Parameters m_wots_params
XMSS_Parameters m_xmss_params
virtual size_t Botan::XMSS_PublicKey::size ( ) const
inlinevirtual

Size in bytes of the serialized XMSS public key produced by raw_public_key().

Returns
size in bytes of serialized Public Key.

Reimplemented in Botan::XMSS_PrivateKey.

Definition at line 235 of file xmss_publickey.h.

Referenced by Botan::XMSS_PrivateKey::size(), Botan::XMSS_PrivateKey::XMSS_PrivateKey(), and XMSS_PublicKey().

236  {
237  return sizeof(uint32_t) + 2 * m_xmss_params.element_size();
238  }
size_t element_size() const
XMSS_Parameters m_xmss_params
std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const
inherited
Returns
X.509 subject key encoding for this key object

Definition at line 17 of file pk_keys.cpp.

References Botan::Public_Key::algorithm_identifier(), Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents_unlocked(), Botan::Public_Key::public_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::BER_encode(), and Botan::X509::PEM_encode().

18  {
19  return DER_Encoder()
20  .start_cons(SEQUENCE)
21  .encode(algorithm_identifier())
22  .encode(public_key_bits(), BIT_STRING)
23  .end_cons()
24  .get_contents_unlocked();
25  }
virtual std::vector< uint8_t > public_key_bits() const =0
virtual AlgorithmIdentifier algorithm_identifier() const =0
XMSS_WOTS_Parameters::ots_algorithm_t Botan::XMSS_PublicKey::wots_oid ( ) const
inline

Retrieves the Winternitz One Time Signature (WOTS) method, corrseponding to the chosen XMSS signature method.

Returns
XMSS WOTS signature method identifier.

Definition at line 133 of file xmss_publickey.h.

134  {
135  return m_wots_params.oid();
136  }
XMSS_WOTS_Parameters m_wots_params
ots_algorithm_t oid() const
const XMSS_WOTS_Parameters& Botan::XMSS_PublicKey::wots_parameters ( ) const
inline

Retrieves the Winternitz One Time Signature (WOTS) parameters corresponding to the chosen XMSS signature method.

Returns
XMSS WOTS signature method parameters.

Definition at line 144 of file xmss_publickey.h.

145  {
146  return m_wots_params;
147  }
XMSS_WOTS_Parameters m_wots_params
XMSS_Parameters::xmss_algorithm_t Botan::XMSS_PublicKey::xmss_oid ( ) const
inline

Retrieves the chosen XMSS signature method.

Returns
XMSS signature method identifier.

Definition at line 100 of file xmss_publickey.h.

101  {
102  return m_xmss_params.oid();
103  }
xmss_algorithm_t oid() const
XMSS_Parameters m_xmss_params
const XMSS_Parameters& Botan::XMSS_PublicKey::xmss_parameters ( ) const
inline

Retrieves the XMSS parameters determined by the chosen XMSS Signature method.

Returns
XMSS parameters.

Definition at line 122 of file xmss_publickey.h.

Referenced by Botan::XMSS_Verification_Operation::is_valid_signature().

123  {
124  return m_xmss_params;
125  }
XMSS_Parameters m_xmss_params

Member Data Documentation

secure_vector<uint8_t> Botan::XMSS_PublicKey::m_public_seed
protected

Definition at line 253 of file xmss_publickey.h.

Referenced by raw_public_key(), and XMSS_PublicKey().

secure_vector<uint8_t> Botan::XMSS_PublicKey::m_root
protected

Definition at line 252 of file xmss_publickey.h.

Referenced by raw_public_key(), and XMSS_PublicKey().

XMSS_WOTS_Parameters Botan::XMSS_PublicKey::m_wots_params
protected

Definition at line 251 of file xmss_publickey.h.

Referenced by Botan::XMSS_PrivateKey::XMSS_PrivateKey().

XMSS_Parameters Botan::XMSS_PublicKey::m_xmss_params
protected

The documentation for this class was generated from the following files: