Botan  2.1.0
Crypto and TLS for C++11
xmss_publickey.h
Go to the documentation of this file.
1 /*
2  * XMSS Public Key
3  * (C) 2016 Matthias Gierlings
4  *
5  * Botan is released under the Simplified BSD License (see license.txt)
6  **/
7 
8 #ifndef BOTAN_XMSS_PUBLICKEY_H__
9 #define BOTAN_XMSS_PUBLICKEY_H__
10 
11 #include <cstddef>
12 #include <iterator>
13 #include <limits>
14 #include <memory>
15 #include <string>
16 #include <botan/alg_id.h>
17 #include <botan/asn1_oid.h>
18 #include <botan/der_enc.h>
19 #include <botan/assert.h>
20 #include <botan/exceptn.h>
21 #include <botan/rng.h>
22 #include <botan/types.h>
23 #include <botan/pk_keys.h>
24 #include <botan/xmss_parameters.h>
25 #include <botan/xmss_wots_parameters.h>
26 #include <botan/pk_ops.h>
27 
28 namespace Botan {
29 
30 class XMSS_Verification_Operation;
31 
32 /**
33  * An XMSS: Extended Hash-Based Signature public key.
34  * The XMSS public key does not support the X509 standard. Instead the
35  * raw format described in [1] is used.
36  *
37  * [1] XMSS: Extended Hash-Based Signatures,
38  * draft-itrf-cfrg-xmss-hash-based-signatures-06
39  * Release: July 2016.
40  * https://datatracker.ietf.org/doc/
41  * draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1
42  **/
43 class BOTAN_DLL XMSS_PublicKey : public virtual Public_Key
44  {
45  public:
46  /**
47  * Creates a new XMSS public key for the chosen XMSS signature method.
48  * New public and prf seeds are generated using rng. The appropriate WOTS
49  * signature method will be automatically set based on the chosen XMSS
50  * signature method.
51  *
52  * @param xmss_oid Identifier for the selected XMSS signature method.
53  * @param rng A random number generator to use for key generation.
54  **/
57  : m_xmss_params(xmss_oid), m_wots_params(m_xmss_params.ots_oid()),
58  m_root(m_xmss_params.element_size()),
59  m_public_seed(rng.random_vec(m_xmss_params.element_size())) {}
60 
61  /**
62  * Creates an XMSS public key from a byte sequence produced by
63  * raw_private_key().
64  **/
65  XMSS_PublicKey(const std::vector<uint8_t>& raw_key);
66 
67  /**
68  * Creates a new XMSS public key for a chosen XMSS signature method as
69  * well as pre-computed root node and public_seed values.
70  *
71  * @param xmss_oid Identifier for the selected XMSS signature method.
72  * @param root Root node value.
73  * @param public_seed Public seed value.
74  **/
76  const secure_vector<uint8_t>& root,
77  const secure_vector<uint8_t>& public_seed)
78  : m_xmss_params(xmss_oid), m_wots_params(m_xmss_params.ots_oid()),
79  m_root(root), m_public_seed(public_seed) {}
80 
81  /**
82  * Creates a new XMSS public key for a chosen XMSS signature method as
83  * well as pre-computed root node and public_seed values.
84  *
85  * @param xmss_oid Identifier for the selected XMSS signature method.
86  * @param root Root node value.
87  * @param public_seed Public seed value.
88  **/
91  secure_vector<uint8_t>&& public_seed)
92  : m_xmss_params(xmss_oid), m_wots_params(m_xmss_params.ots_oid()),
93  m_root(std::move(root)), m_public_seed(std::move(public_seed)) {}
94 
95  /**
96  * Retrieves the chosen XMSS signature method.
97  *
98  * @return XMSS signature method identifier.
99  **/
101  {
102  return m_xmss_params.oid();
103  }
104 
105  /**
106  * Sets the chosen XMSS signature method
107  *
108  * @return XMSS signature method identifier.
109  **/
111  {
112  m_xmss_params = XMSS_Parameters(xmss_oid);
113  m_wots_params = XMSS_WOTS_Parameters(m_xmss_params.ots_oid());
114  }
115 
116  /**
117  * Retrieves the XMSS parameters determined by the chosen XMSS Signature
118  * method.
119  *
120  * @return XMSS parameters.
121  **/
123  {
124  return m_xmss_params;
125  }
126 
127  /**
128  * Retrieves the Winternitz One Time Signature (WOTS) method,
129  * corrseponding to the chosen XMSS signature method.
130  *
131  * @return XMSS WOTS signature method identifier.
132  **/
134  {
135  return m_wots_params.oid();
136  }
137 
138  /**
139  * Retrieves the Winternitz One Time Signature (WOTS) parameters
140  * corresponding to the chosen XMSS signature method.
141  *
142  * @return XMSS WOTS signature method parameters.
143  **/
145  {
146  return m_wots_params;
147  }
148 
150  {
151  return m_root;
152  }
153 
155  {
156  m_root = root;
157  }
158 
160  {
161  m_root = std::move(root);
162  }
163 
165  {
166  return m_root;
167  }
168 
170  {
171  return m_public_seed;
172  }
173 
174  virtual void set_public_seed(const secure_vector<uint8_t>& public_seed)
175  {
176  m_public_seed = public_seed;
177  }
178 
179  virtual void set_public_seed(secure_vector<uint8_t>&& public_seed)
180  {
181  m_public_seed = std::move(public_seed);
182  }
183 
184  virtual const secure_vector<uint8_t>& public_seed() const
185  {
186  return m_public_seed;
187  }
188 
189  std::string algo_name() const override
190  {
191  return "XMSS";
192  }
193 
194  virtual AlgorithmIdentifier algorithm_identifier() const override
195  {
197  }
198 
199  virtual bool check_key(RandomNumberGenerator&, bool) const override
200  {
201  return true;
202  }
203 
204  virtual std::unique_ptr<PK_Ops::Verification>
205  create_verification_op(const std::string&,
206  const std::string& provider) const override;
207 
208  virtual size_t estimated_strength() const override
209  {
210  return m_xmss_params.estimated_strength();
211  }
212 
213  virtual size_t key_length() const override
214  {
215  return m_xmss_params.estimated_strength();
216  }
217 
218  /**
219  * Returns a raw byte sequence as defined in [1].
220  * This method acts as an alias for raw_public_key().
221  *
222  * @return raw public key bits.
223  **/
224  virtual std::vector<uint8_t> public_key_bits() const override
225  {
226  return raw_public_key();
227  }
228 
229  /**
230  * Size in bytes of the serialized XMSS public key produced by
231  * raw_public_key().
232  *
233  * @return size in bytes of serialized Public Key.
234  **/
235  virtual size_t size() const
236  {
237  return sizeof(uint32_t) + 2 * m_xmss_params.element_size();
238  }
239 
240  /**
241  * Generates a non standardized byte sequence representing the XMSS
242  * public key, as defined in [1] (p. 23, "XMSS Public Key")
243  *
244  * @return 4-byte OID, followed by n-byte root node, followed by
245  * public seed.
246  **/
247  virtual std::vector<uint8_t> raw_public_key() const;
248 
249  protected:
254 
255  private:
256  XMSS_Parameters::xmss_algorithm_t deserialize_xmss_oid(
257  const std::vector<uint8_t>& raw_key);
258  };
259 
260 }
261 
262 #endif
virtual size_t estimated_strength() const override
secure_vector< uint8_t > m_public_seed
XMSS_PublicKey(XMSS_Parameters::xmss_algorithm_t xmss_oid, const secure_vector< uint8_t > &root, const secure_vector< uint8_t > &public_seed)
virtual void set_public_seed(const secure_vector< uint8_t > &public_seed)
secure_vector< uint8_t > m_root
void set_root(const secure_vector< uint8_t > &root)
Definition: bigint.h:619
void set_root(secure_vector< uint8_t > &&root)
virtual AlgorithmIdentifier algorithm_identifier() const override
virtual void set_public_seed(secure_vector< uint8_t > &&public_seed)
const XMSS_Parameters & xmss_parameters() const
const secure_vector< uint8_t > & root() const
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
void set_xmss_oid(XMSS_Parameters::xmss_algorithm_t xmss_oid)
secure_vector< uint8_t > & root()
virtual size_t size() const
virtual const secure_vector< uint8_t > & public_seed() const
virtual size_t key_length() const override
Definition: alg_id.cpp:13
XMSS_PublicKey(XMSS_Parameters::xmss_algorithm_t xmss_oid, secure_vector< uint8_t > &&root, secure_vector< uint8_t > &&public_seed)
const XMSS_WOTS_Parameters & wots_parameters() const
virtual bool check_key(RandomNumberGenerator &, bool) const override
std::string algo_name() const override
XMSS_PublicKey(XMSS_Parameters::xmss_algorithm_t xmss_oid, RandomNumberGenerator &rng)
XMSS_Parameters::xmss_algorithm_t xmss_oid() const
XMSS_WOTS_Parameters m_wots_params
virtual secure_vector< uint8_t > & public_seed()
XMSS_Parameters m_xmss_params
XMSS_WOTS_Parameters::ots_algorithm_t wots_oid() const
virtual std::vector< uint8_t > public_key_bits() const override