Botan  2.1.0
Crypto and TLS for C++11
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Botan::XMSS_WOTS_PrivateKey Class Reference

#include <xmss_wots_privatekey.h>

Inheritance diagram for Botan::XMSS_WOTS_PrivateKey:
Botan::XMSS_WOTS_PublicKey Botan::Private_Key Botan::Public_Key Botan::Public_Key

Public Member Functions

virtual std::string algo_name () const override
 
virtual AlgorithmIdentifier algorithm_identifier () const override
 
virtual bool check_key (RandomNumberGenerator &, bool) const override
 
virtual std::unique_ptr< PK_Ops::Decryptioncreate_decryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::KEM_Decryptioncreate_kem_decryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Key_Agreementcreate_key_agreement_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Signaturecreate_signature_op (RandomNumberGenerator &, const std::string &, const std::string &provider) const override
 
virtual std::unique_ptr< PK_Ops::Verificationcreate_verification_op (const std::string &, const std::string &provider) const override
 
virtual size_t estimated_strength () const override
 
std::string fingerprint (const std::string &alg="SHA") const
 
wots_keysig_t generate_private_key (const secure_vector< uint8_t > &priv_seed)
 
XMSS_WOTS_PublicKey generate_public_key (XMSS_Address &adrs)
 
void generate_public_key (XMSS_WOTS_PublicKey &pub_key, wots_keysig_t &&in_key_data, XMSS_Address &adrs)
 
virtual OID get_oid () const
 
const wots_keysig_tkey_data () const
 
wots_keysig_tkey_data ()
 
virtual size_t key_length () const override
 
virtual size_t message_part_size () const
 
virtual size_t message_parts () const
 
 operator const wots_keysig_t & () const
 
 operator wots_keysig_t & ()
 
bool operator!= (const XMSS_WOTS_PublicKey &key)
 
bool operator== (const XMSS_WOTS_PublicKey &key)
 
wots_keysig_t operator[] (size_t i)
 
wots_keysig_t operator[] (const XMSS_Address &adrs)
 
const secure_vector< uint8_t > & operator[] (size_t i) const
 
virtual AlgorithmIdentifier pkcs8_algorithm_identifier () const override
 
virtual secure_vector< uint8_t > private_key_bits () const override
 
secure_vector< uint8_t > private_key_info () const
 
const secure_vector< uint8_t > & private_seed () const
 
virtual std::vector< uint8_t > public_key_bits () const override
 
const secure_vector< uint8_t > & public_seed () const
 
secure_vector< uint8_t > & public_seed ()
 
void set_key_data (const wots_keysig_t &key_data)
 
void set_key_data (wots_keysig_t &&key_data)
 
void set_private_seed (const secure_vector< uint8_t > &private_seed)
 
void set_private_seed (secure_vector< uint8_t > &&private_seed)
 
void set_public_seed (const secure_vector< uint8_t > &public_seed)
 
void set_public_seed (secure_vector< uint8_t > &&public_seed)
 
wots_keysig_t sign (const secure_vector< uint8_t > &msg, XMSS_Address &adrs)
 
std::vector< uint8_t > subject_public_key () const
 
const XMSS_WOTS_Parameterswots_parameters () const
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, RandomNumberGenerator &rng)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, RandomNumberGenerator &rng)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, const secure_vector< uint8_t > &private_seed)
 

Protected Member Functions

void chain (secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
 

Protected Attributes

XMSS_Hash m_hash
 
wots_keysig_t m_key
 
secure_vector< uint8_t > m_public_seed
 
XMSS_WOTS_Parameters m_wots_params
 

Detailed Description

A Winternitz One Time Signature private key for use with Extended Hash-Based Signatures.

Definition at line 27 of file xmss_wots_privatekey.h.

Constructor & Destructor Documentation

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid)
inline

Creates a WOTS private key for the chosen XMSS WOTS signature method. Members need to be initialized manually.

Parameters
oidIdentifier for the selected signature method.

Definition at line 37 of file xmss_wots_privatekey.h.

38  : XMSS_WOTS_PublicKey(oid)
39  {}
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
RandomNumberGenerator rng 
)
inline

Creates a WOTS private key for the chosen XMSS WOTS signature method.

Parameters
oidIdentifier for the selected signature method.
rngA random number generator to use for key generation.

Definition at line 47 of file xmss_wots_privatekey.h.

49  : XMSS_WOTS_PublicKey(oid, rng),
50  m_private_seed(rng.random_vec(m_wots_params.element_size()))
51  {
52  set_key_data(generate(m_private_seed));
53  }
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
void set_key_data(const wots_keysig_t &key_data)
XMSS_WOTS_Parameters m_wots_params
Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
const secure_vector< uint8_t > &  public_seed,
RandomNumberGenerator rng 
)
inline

Constructs a WOTS private key. Chains will be generated on demand applying a hash function to a unique value generated from a secret seed and a counter. The secret seed of length n, will be automatically generated using AutoSeeded_RNG(). "n" equals the element size of the chosen WOTS security parameter set.

Parameters
oidIdentifier for the selected signature method.
public_seedA public seed used for the pseudo random generation of public keys derived from this private key.
rngA random number generator to use for key generation.

Definition at line 67 of file xmss_wots_privatekey.h.

71  m_private_seed(rng.random_vec(m_wots_params.element_size()))
72  {
73  set_key_data(generate(m_private_seed));
74  }
const secure_vector< uint8_t > & public_seed() const
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
void set_key_data(const wots_keysig_t &key_data)
XMSS_WOTS_Parameters m_wots_params
Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
const secure_vector< uint8_t > &  public_seed 
)
inline

Constructs a WOTS private key. Chains will be generated on demand applying a hash function to a unique value generated from a secret seed and a counter. The secret seed of length n, will be automatically generated using AutoSeeded_RNG(). "n" equals the element size of the chosen WOTS security parameter set.

Parameters
oidIdentifier for the selected signature method.
public_seedA public seed used for the pseudo random generation of public keys derived from this private key.

Definition at line 87 of file xmss_wots_privatekey.h.

90  {}
const secure_vector< uint8_t > & public_seed() const
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
const secure_vector< uint8_t > &  public_seed,
const secure_vector< uint8_t > &  private_seed 
)
inline

Constructs a WOTS private key. Chains will be generated on demand applying a hash function to a unique value generated from the secret seed and a counter.

Parameters
oidIdentifier for the selected signature method.
public_seedA public seed used for the pseudo random generation of public keys derived from this private key.
private_seedA secret uniformly random n-byte value.

Definition at line 102 of file xmss_wots_privatekey.h.

106  m_private_seed(private_seed)
107  {
108  set_key_data(generate(private_seed));
109  }
const secure_vector< uint8_t > & private_seed() const
const secure_vector< uint8_t > & public_seed() const
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
void set_key_data(const wots_keysig_t &key_data)

Member Function Documentation

virtual std::string Botan::XMSS_WOTS_PublicKey::algo_name ( ) const
inlineoverridevirtualinherited

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implements Botan::Public_Key.

Definition at line 234 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::algo_name(), create_signature_op(), and Botan::XMSS_WOTS_PublicKey::create_verification_op().

235  {
236  return m_wots_params.name();
237  }
const std::string & name() const
XMSS_WOTS_Parameters m_wots_params
virtual AlgorithmIdentifier Botan::XMSS_WOTS_PublicKey::algorithm_identifier ( ) const
inlineoverridevirtualinherited
Returns
X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 239 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::algorithm_identifier().

240  {
241  throw Not_Implemented("No AlgorithmIdentifier available for XMSS-WOTS.");
242  }
void Botan::XMSS_WOTS_PublicKey::chain ( secure_vector< uint8_t > &  x,
size_t  start_idx,
size_t  steps,
XMSS_Address adrs,
const secure_vector< uint8_t > &  public_seed 
)
protectedinherited

Algorithm 2: Chaining Function.

Takes an n-byte input string and transforms it into a the function result iterating the cryptographic hash function "F" steps times on the input x using the outputs of the PRNG "G".

Parameters
[out]xAn n-byte input string, that will be transformed into the chaining function result.
start_idxThe start index.
stepsA number of steps.
adrsAn OTS Hash Address.
public_seedA public seed.

Definition at line 17 of file xmss_wots_publickey.cpp.

References Botan::XMSS_Address::bytes(), Botan::XMSS_Hash::f(), Botan::XMSS_Address::Key_Mode, Botan::XMSS_WOTS_PublicKey::m_hash, Botan::XMSS_WOTS_PublicKey::m_wots_params, Botan::XMSS_Address::Mask_Mode, Botan::XMSS_Hash::prf(), Botan::XMSS_Address::set_hash_address(), Botan::XMSS_Address::set_key_mask_mode(), Botan::XMSS_WOTS_Parameters::wots_parameter(), and Botan::xor_buf().

Referenced by generate_public_key(), and sign().

22  {
23  for(size_t i = start_idx;
24  i < (start_idx + steps) && i < m_wots_params.wots_parameter();
25  i++)
26  {
27  adrs.set_hash_address(i);
28 
29  //Calculate tmp XOR bitmask
30  adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Mask_Mode);
31  xor_buf(result, m_hash.prf(seed, adrs.bytes()), result.size());
32 
33  // Calculate key
34  adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Key_Mode);
35 
36  //Calculate f(key, tmp XOR bitmask)
37  m_hash.f(result, m_hash.prf(seed, adrs.bytes()), result);
38  }
39  }
void xor_buf(T out[], const T in[], size_t length)
Definition: mem_ops.h:115
void f(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:74
void prf(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:38
XMSS_WOTS_Parameters m_wots_params
virtual bool Botan::XMSS_WOTS_PublicKey::check_key ( RandomNumberGenerator rng,
bool  strong 
) const
inlineoverridevirtualinherited

Test the key values for consistency.

Parameters
rngrng to use
strongwhether to perform strong and lengthy version of the test
Returns
true if the test is passed

Implements Botan::Public_Key.

Definition at line 244 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::check_key().

245  {
246  return true;
247  }
std::unique_ptr< PK_Ops::Decryption > Botan::Private_Key::create_decryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::RSA_PrivateKey, and Botan::ElGamal_PrivateKey.

Definition at line 102 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Decryptor_EME::PK_Decryptor_EME().

105  {
106  throw Lookup_Error(algo_name() + " does not support decryption");
107  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::Encryption > Botan::Public_Key::create_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::RSA_PublicKey, and Botan::ElGamal_PublicKey.

Definition at line 79 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Encryptor_EME::PK_Encryptor_EME().

82  {
83  throw Lookup_Error(algo_name() + " does not support encryption");
84  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::KEM_Decryption > Botan::Private_Key::create_kem_decryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::RSA_PrivateKey, and Botan::McEliece_PrivateKey.

Definition at line 110 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_KEM_Decryptor::PK_KEM_Decryptor().

113  {
114  throw Lookup_Error(algo_name() + " does not support KEM decryption");
115  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::KEM_Encryption > Botan::Public_Key::create_kem_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::RSA_PublicKey, and Botan::McEliece_PublicKey.

Definition at line 87 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_KEM_Encryptor::PK_KEM_Encryptor().

90  {
91  throw Lookup_Error(algo_name() + " does not support KEM encryption");
92  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::Key_Agreement > Botan::Private_Key::create_key_agreement_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a key agreement operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::ECDH_PrivateKey, Botan::Curve25519_PrivateKey, and Botan::DH_PrivateKey.

Definition at line 126 of file pk_keys.cpp.

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

129  {
130  throw Lookup_Error(algo_name() + " does not support key agreement");
131  }
virtual std::string algo_name() const =0
std::unique_ptr< PK_Ops::Signature > Botan::XMSS_WOTS_PrivateKey::create_signature_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
overridevirtual

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a signature operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Private_Key.

Definition at line 82 of file xmss_wots_privatekey.cpp.

References Botan::XMSS_WOTS_PublicKey::algo_name().

85  {
86  if(provider == "base" || provider.empty())
87  return std::unique_ptr<PK_Ops::Signature>(
88  new XMSS_WOTS_Signature_Operation(*this));
89 
90  throw Provider_Not_Found(algo_name(), provider);
91  }
virtual std::string algo_name() const override
std::unique_ptr< PK_Ops::Verification > Botan::XMSS_WOTS_PublicKey::create_verification_op ( const std::string &  params,
const std::string &  provider 
) const
overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 68 of file xmss_wots_publickey.cpp.

References Botan::XMSS_WOTS_PublicKey::algo_name().

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::create_verification_op().

70  {
71  if(provider == "base" || provider.empty())
72  {
73  return std::unique_ptr<PK_Ops::Verification>(
74  new XMSS_WOTS_Verification_Operation(*this));
75  }
76  throw Provider_Not_Found(algo_name(), provider);
77  }
virtual std::string algo_name() const override
virtual size_t Botan::XMSS_WOTS_PublicKey::estimated_strength ( ) const
inlineoverridevirtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implements Botan::Public_Key.

Definition at line 253 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::estimated_strength(), and Botan::XMSS_WOTS_Addressed_PublicKey::key_length().

254  {
256  }
XMSS_WOTS_Parameters m_wots_params
std::string Botan::Private_Key::fingerprint ( const std::string &  alg = "SHA") const
inherited
Returns
Hash of the PKCS #8 encoding for this key object

Definition at line 57 of file pk_keys.cpp.

References Botan::HashFunction::create(), hash, Botan::hex_encode(), and Botan::Private_Key::private_key_bits().

Referenced by Botan::Certificate_Store_In_SQL::find_certs_for_key(), Botan::Certificate_Store_In_SQL::insert_key(), and Botan::Certificate_Store_In_SQL::remove_key().

58  {
59  secure_vector<uint8_t> buf = private_key_bits();
60  std::unique_ptr<HashFunction> hash(HashFunction::create(alg));
61  hash->update(buf);
62  const auto hex_print = hex_encode(hash->final());
63 
64  std::string formatted_print;
65 
66  for(size_t i = 0; i != hex_print.size(); i += 2)
67  {
68  formatted_print.push_back(hex_print[i]);
69  formatted_print.push_back(hex_print[i+1]);
70 
71  if(i != hex_print.size() - 2)
72  formatted_print.push_back(':');
73  }
74 
75  return formatted_print;
76  }
virtual secure_vector< uint8_t > private_key_bits() const =0
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:93
void hex_encode(char output[], const uint8_t input[], size_t input_length, bool uppercase)
Definition: hex.cpp:14
MechanismType hash
wots_keysig_t Botan::XMSS_WOTS_PrivateKey::generate_private_key ( const secure_vector< uint8_t > &  priv_seed)
XMSS_WOTS_PublicKey Botan::XMSS_WOTS_PrivateKey::generate_public_key ( XMSS_Address adrs)

Algorithm 4: "WOTS_genPK" Generates a Winternitz One Time Signature+ (WOTS+) Public Key from a given private key.

Parameters
adrsHash function address encoding the address of the WOTS+ key pair within a greater structure.
Returns
A XMSS_WOTS_PublicKey.

Definition at line 32 of file xmss_wots_privatekey.cpp.

References Botan::XMSS_WOTS_PublicKey::m_wots_params, Botan::XMSS_WOTS_Parameters::oid(), and Botan::XMSS_WOTS_PublicKey::public_seed().

Referenced by Botan::XMSS_PrivateKey::tree_hash().

33  {
35  public_seed());
36  generate_public_key(pub_key, wots_keysig_t((*this)[adrs]), adrs);
37  return pub_key;
38  }
const secure_vector< uint8_t > & public_seed() const
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
XMSS_WOTS_PublicKey generate_public_key(XMSS_Address &adrs)
std::vector< secure_vector< uint8_t > > wots_keysig_t
ots_algorithm_t oid() const
XMSS_WOTS_Parameters m_wots_params
void Botan::XMSS_WOTS_PrivateKey::generate_public_key ( XMSS_WOTS_PublicKey pub_key,
wots_keysig_t &&  in_key_data,
XMSS_Address adrs 
)

Algorithm 4: "WOTS_genPK" Initializes a Winternitz One Time Signature+ (WOTS+) Public Key's key_data() member, with data derived from in_key_data using the WOTS chaining function.

Parameters
[out]pub_keyPublic key to initialize key_data() member on.
in_key_dataInput key material from private key used for public key generation.
adrsHash function address encoding the address of the WOTS+ key pair within a greater structure.

Definition at line 41 of file xmss_wots_privatekey.cpp.

References BOTAN_ASSERT, Botan::XMSS_WOTS_PublicKey::chain(), Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_PublicKey::m_wots_params, Botan::XMSS_WOTS_PublicKey::public_seed(), Botan::XMSS_Address::set_chain_address(), Botan::XMSS_WOTS_PublicKey::set_key_data(), Botan::XMSS_WOTS_Parameters::wots_parameter(), and Botan::XMSS_WOTS_PublicKey::wots_parameters().

44  {
45  BOTAN_ASSERT(wots_parameters() == pub_key.wots_parameters() &&
46  public_seed() == pub_key.public_seed(),
47  "Conflicting public key data.");
48 
49  pub_key.set_key_data(std::move(in_key_data));
50  for(size_t i = 0; i < m_wots_params.len(); i++)
51  {
52  adrs.set_chain_address(i);
53  chain(pub_key[i], 0, m_wots_params.wots_parameter() - 1, adrs,
54  public_seed());
55  }
56  }
const secure_vector< uint8_t > & public_seed() const
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
const XMSS_WOTS_Parameters & wots_parameters() const
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
XMSS_WOTS_Parameters m_wots_params
OID Botan::Public_Key::get_oid ( ) const
virtualinherited

Get the OID of the underlying public key scheme.

Returns
OID of the public key scheme

Reimplemented in Botan::XMSS_WOTS_Addressed_PublicKey.

Definition at line 30 of file pk_keys.cpp.

References Botan::Public_Key::algo_name(), and Botan::OIDS::lookup().

Referenced by Botan::DL_Scheme_PublicKey::algorithm_identifier(), Botan::Curve25519_PublicKey::algorithm_identifier(), Botan::McEliece_PublicKey::algorithm_identifier(), Botan::RSA_PublicKey::algorithm_identifier(), Botan::GOST_3410_PublicKey::algorithm_identifier(), Botan::EC_PublicKey::algorithm_identifier(), Botan::TPM_PrivateKey::algorithm_identifier(), and Botan::XMSS_WOTS_Addressed_PublicKey::get_oid().

31  {
32  try {
33  return OIDS::lookup(algo_name());
34  }
35  catch(Lookup_Error&)
36  {
37  throw Lookup_Error("PK algo " + algo_name() + " has no defined OIDs");
38  }
39  }
virtual std::string algo_name() const =0
std::string lookup(const OID &oid)
Definition: oids.cpp:18
const wots_keysig_t& Botan::XMSS_WOTS_PublicKey::key_data ( ) const
inlineinherited

Definition at line 215 of file xmss_wots_publickey.h.

References m_key.

Referenced by Botan::XMSS_WOTS_Verification_Operation::is_valid_signature().

215 { return m_key; }
wots_keysig_t& Botan::XMSS_WOTS_PublicKey::key_data ( )
inlineinherited

Definition at line 217 of file xmss_wots_publickey.h.

References m_key.

217 { return m_key; }
virtual size_t Botan::XMSS_WOTS_PublicKey::key_length ( ) const
inlineoverridevirtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 258 of file xmss_wots_publickey.h.

259  {
261  }
XMSS_WOTS_Parameters m_wots_params
virtual size_t Botan::Public_Key::message_part_size ( ) const
inlinevirtualinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns
size of the message parts in bits

Reimplemented in Botan::GOST_3410_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, and Botan::DSA_PublicKey.

Definition at line 114 of file pk_keys.h.

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

114 { return 0; }
virtual size_t Botan::Public_Key::message_parts ( ) const
inlinevirtualinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns
number of message parts

Reimplemented in Botan::GOST_3410_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, and Botan::DSA_PublicKey.

Definition at line 103 of file pk_keys.h.

Referenced by Botan::X509_Object::check_signature(), Botan::choose_sig_format(), Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

103 { return 1; }
Botan::XMSS_WOTS_PublicKey::operator const wots_keysig_t & ( ) const
inlineinherited

Convert the key into the raw key data. The key becomes a length len vector of n-byte elements.

Definition at line 193 of file xmss_wots_publickey.h.

References m_key.

193 { return m_key; }
Botan::XMSS_WOTS_PublicKey::operator wots_keysig_t & ( )
inlineinherited

Convert the key into the raw key data. The key becomes a length len vector of n-byte elements.

Definition at line 199 of file xmss_wots_publickey.h.

References m_key.

199 { return m_key; }
bool Botan::XMSS_WOTS_PublicKey::operator!= ( const XMSS_WOTS_PublicKey key)
inlineinherited

Definition at line 273 of file xmss_wots_publickey.h.

274  {
275  return !(*this == key);
276  }
bool Botan::XMSS_WOTS_PublicKey::operator== ( const XMSS_WOTS_PublicKey key)
inlineinherited

Definition at line 268 of file xmss_wots_publickey.h.

References Botan::XMSS_WOTS_PublicKey::m_key, and m_key.

269  {
270  return m_key == key.m_key;
271  }
wots_keysig_t Botan::XMSS_WOTS_PrivateKey::operator[] ( size_t  i)
inline

Retrieves the i-th WOTS private key using pseudo random key (re-)generation.

Parameters
iIndex of the key to retrieve.
Returns
WOTS secret key.

Definition at line 119 of file xmss_wots_privatekey.h.

References Botan::XMSS_Tools::concat(), and m_hash.

120  {
121  secure_vector<uint8_t> idx_bytes;
123  m_hash.h(idx_bytes, m_private_seed, idx_bytes);
124  return generate(idx_bytes);
125  }
void h(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.cpp:36
static void concat(secure_vector< uint8_t > &target, const T &src)
Definition: xmss_tools.h:63
XMSS_WOTS_Parameters m_wots_params
wots_keysig_t Botan::XMSS_WOTS_PrivateKey::operator[] ( const XMSS_Address adrs)
inline

Retrieves the i-th WOTS private key using pseudo random key (re-)generation.

Parameters
adrsThe address of the key to retrieve.
Returns
WOTS secret key.

Definition at line 135 of file xmss_wots_privatekey.h.

References Botan::XMSS_Address::bytes(), and m_hash.

136  {
137  secure_vector<uint8_t> result;
138  m_hash.prf(result, m_private_seed, adrs.bytes());
139  return generate(result);
140  }
void prf(secure_vector< uint8_t > &result, const secure_vector< uint8_t > &key, const secure_vector< uint8_t > &data)
Definition: xmss_hash.h:38
const secure_vector<uint8_t>& Botan::XMSS_WOTS_PublicKey::operator[] ( size_t  i) const
inlineinherited

Retrieves the i-th element out of the length len chain of n-byte elements contained in the public key.

Parameters
iindex of the element.
Returns
n-byte element addressed by i.

Definition at line 186 of file xmss_wots_publickey.h.

References m_key.

186 { return m_key[i]; }
virtual AlgorithmIdentifier Botan::XMSS_WOTS_PrivateKey::pkcs8_algorithm_identifier ( ) const
inlineoverridevirtual
Returns
PKCS #8 AlgorithmIdentifier for this key Might be different from the X.509 identifier, but normally is not

Reimplemented from Botan::Private_Key.

Definition at line 219 of file xmss_wots_privatekey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PrivateKey::pkcs8_algorithm_identifier().

220  {
221  throw Not_Implemented("No AlgorithmIdentifier available for XMSS-WOTS.");
222  }
virtual secure_vector<uint8_t> Botan::XMSS_WOTS_PrivateKey::private_key_bits ( ) const
inlineoverridevirtual
Returns
BER encoded private key bits

Implements Botan::Private_Key.

Definition at line 229 of file xmss_wots_privatekey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PrivateKey::private_key_bits().

230  {
231  throw Not_Implemented("No PKCS8 key format defined for XMSS-WOTS.");
232  }
secure_vector< uint8_t > Botan::Private_Key::private_key_info ( ) const
inherited
Returns
PKCS #8 private key encoding for this key object

Definition at line 41 of file pk_keys.cpp.

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OCTET_STRING, Botan::Private_Key::pkcs8_algorithm_identifier(), Botan::Private_Key::private_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::PKCS8::BER_encode(), Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), and Botan::PKCS8::BER_encode_encrypted_pbkdf_msec().

42  {
43  const size_t PKCS8_VERSION = 0;
44 
45  return DER_Encoder()
46  .start_cons(SEQUENCE)
47  .encode(PKCS8_VERSION)
49  .encode(private_key_bits(), OCTET_STRING)
50  .end_cons()
51  .get_contents();
52  }
virtual secure_vector< uint8_t > private_key_bits() const =0
virtual AlgorithmIdentifier pkcs8_algorithm_identifier() const
Definition: pk_keys.h:188
const secure_vector<uint8_t>& Botan::XMSS_WOTS_PrivateKey::private_seed ( ) const
inline

Retrieves the secret seed used to generate WOTS+ chains. The seed should be a uniformly random n-byte value.

Returns
secret seed.

Definition at line 191 of file xmss_wots_privatekey.h.

Referenced by Botan::XMSS_PrivateKey::raw_private_key().

192  {
193  return m_private_seed;
194  }
virtual std::vector<uint8_t> Botan::XMSS_WOTS_PublicKey::public_key_bits ( ) const
inlineoverridevirtualinherited
Returns
BER encoded public key bits

Implements Botan::Public_Key.

Definition at line 263 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::public_key_bits().

264  {
265  throw Not_Implemented("No key format defined for XMSS-WOTS");
266  }
const secure_vector<uint8_t>& Botan::XMSS_WOTS_PublicKey::public_seed ( ) const
inlineinherited
secure_vector<uint8_t>& Botan::XMSS_WOTS_PublicKey::public_seed ( )
inlineinherited

Definition at line 203 of file xmss_wots_publickey.h.

203 { return m_public_seed; }
secure_vector< uint8_t > m_public_seed
void Botan::XMSS_WOTS_PublicKey::set_key_data ( const wots_keysig_t key_data)
inlineinherited

Definition at line 219 of file xmss_wots_publickey.h.

References m_key.

Referenced by generate_public_key().

220  {
221  m_key = key_data;
222  }
const wots_keysig_t & key_data() const
void Botan::XMSS_WOTS_PublicKey::set_key_data ( wots_keysig_t &&  key_data)
inlineinherited

Definition at line 224 of file xmss_wots_publickey.h.

References m_key.

225  {
226  m_key = std::move(key_data);
227  }
const wots_keysig_t & key_data() const
void Botan::XMSS_WOTS_PrivateKey::set_private_seed ( const secure_vector< uint8_t > &  private_seed)
inline

Sets the secret seed used to generate WOTS+ chains. The seed should be a uniformly random n-byte value.

Parameters
private_seedUniformly random n-byte value.

Definition at line 202 of file xmss_wots_privatekey.h.

Referenced by Botan::XMSS_PrivateKey::XMSS_PrivateKey().

203  {
204  m_private_seed = private_seed;
205  }
const secure_vector< uint8_t > & private_seed() const
void Botan::XMSS_WOTS_PrivateKey::set_private_seed ( secure_vector< uint8_t > &&  private_seed)
inline

Sets the secret seed used to generate WOTS+ chains. The seed should be a uniformly random n-byte value.

Parameters
private_seedUniformly random n-byte value.

Definition at line 213 of file xmss_wots_privatekey.h.

214  {
215  m_private_seed = std::move(private_seed);
216  }
const secure_vector< uint8_t > & private_seed() const
void Botan::XMSS_WOTS_PublicKey::set_public_seed ( const secure_vector< uint8_t > &  public_seed)
inlineinherited

Definition at line 205 of file xmss_wots_publickey.h.

206  {
208  }
secure_vector< uint8_t > m_public_seed
const secure_vector< uint8_t > & public_seed() const
void Botan::XMSS_WOTS_PublicKey::set_public_seed ( secure_vector< uint8_t > &&  public_seed)
inlineinherited

Definition at line 210 of file xmss_wots_publickey.h.

211  {
212  m_public_seed = std::move(public_seed);
213  }
secure_vector< uint8_t > m_public_seed
const secure_vector< uint8_t > & public_seed() const
wots_keysig_t Botan::XMSS_WOTS_PrivateKey::sign ( const secure_vector< uint8_t > &  msg,
XMSS_Address adrs 
)

Algorithm 5: "WOTS_sign" Generates a signature from a private key and a message.

Parameters
msgA message to sign.
adrsAn OTS hash address identifying the WOTS+ key pair used for signing.
Returns
signature for msg.

Definition at line 59 of file xmss_wots_privatekey.cpp.

References Botan::XMSS_WOTS_Parameters::append_checksum(), Botan::XMSS_WOTS_Parameters::base_w(), Botan::XMSS_WOTS_PublicKey::chain(), Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_Parameters::len_1(), Botan::XMSS_WOTS_PublicKey::m_public_seed, Botan::XMSS_WOTS_PublicKey::m_wots_params, and Botan::XMSS_Address::set_chain_address().

Referenced by Botan::XMSS_WOTS_Signature_Operation::sign().

63  {
64  secure_vector<uint8_t> msg_digest
65  {
67  };
68 
69  m_wots_params.append_checksum(msg_digest);
70  wots_keysig_t sig((*this)[adrs]);
71 
72  for(size_t i = 0; i < m_wots_params.len(); i++)
73  {
74  adrs.set_chain_address(i);
75  chain(sig[i], 0 , msg_digest[i], adrs, m_public_seed);
76  }
77 
78  return sig;
79  }
secure_vector< uint8_t > m_public_seed
secure_vector< uint8_t > base_w(const secure_vector< uint8_t > &msg, size_t out_size) const
std::vector< secure_vector< uint8_t > > wots_keysig_t
void append_checksum(secure_vector< uint8_t > &data)
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
XMSS_WOTS_Parameters m_wots_params
std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const
inherited
Returns
X.509 subject key encoding for this key object

Definition at line 17 of file pk_keys.cpp.

References Botan::Public_Key::algorithm_identifier(), Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents_unlocked(), Botan::Public_Key::public_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::BER_encode(), and Botan::X509::PEM_encode().

18  {
19  return DER_Encoder()
20  .start_cons(SEQUENCE)
21  .encode(algorithm_identifier())
22  .encode(public_key_bits(), BIT_STRING)
23  .end_cons()
24  .get_contents_unlocked();
25  }
virtual std::vector< uint8_t > public_key_bits() const =0
virtual AlgorithmIdentifier algorithm_identifier() const =0
const XMSS_WOTS_Parameters& Botan::XMSS_WOTS_PublicKey::wots_parameters ( ) const
inlineinherited

Member Data Documentation

XMSS_Hash Botan::XMSS_WOTS_PublicKey::m_hash
protectedinherited

Definition at line 302 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_PublicKey::chain().

wots_keysig_t Botan::XMSS_WOTS_PublicKey::m_key
protectedinherited

Definition at line 304 of file xmss_wots_publickey.h.

Referenced by Botan::XMSS_WOTS_PublicKey::operator==().

secure_vector<uint8_t> Botan::XMSS_WOTS_PublicKey::m_public_seed
protectedinherited

Definition at line 305 of file xmss_wots_publickey.h.

Referenced by sign().

XMSS_WOTS_Parameters Botan::XMSS_WOTS_PublicKey::m_wots_params
protectedinherited

The documentation for this class was generated from the following files: