Botan  2.1.0
Crypto and TLS for C++11
xmss_wots_parameters.cpp
1 /*
2  * XMSS WOTS Parameters
3  * Describes a signature method for XMSS Winternitz One Time Signatures,
4  * as defined in:
5  * [1] XMSS: Extended Hash-Based Signatures,
6  * draft-irtf-cfrg-xmss-hash-based-signatures-06
7  * Release: July 2016.
8  * https://datatracker.ietf.org/doc/
9  * draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1
10  *
11  * (C) 2016 Matthias Gierlings
12  *
13  * Botan is released under the Simplified BSD License (see license.txt)
14  **/
15 
16 #include <botan/xmss_wots_parameters.h>
17 
18 namespace Botan {
19 
/**
* Translate the textual name of an XMSS-WOTS parameter set into its
* algorithm id.
*
* The comparison is an exact, case-sensitive string match against the four
* names listed below; nothing else is accepted.
*
* @param param_set name of the parameter set, e.g. "WOTSP_SHA2-256_W16"
* @return the ots_algorithm_t enumerator belonging to that name
* @throws Invalid_Argument if param_set is not one of the known names
*/
//static
XMSS_WOTS_Parameters::ots_algorithm_t
XMSS_WOTS_Parameters::xmss_wots_id_from_string(const std::string& param_set)
   {
   struct Named_Id
      {
      const char* label;
      ots_algorithm_t id;
      };

   static const Named_Id known_sets[] =
      {
      { "WOTSP_SHA2-256_W16", WOTSP_SHA2_256_W16 },
      { "WOTSP_SHA2-512_W16", WOTSP_SHA2_512_W16 },
      { "WOTSP_SHAKE128_W16", WOTSP_SHAKE128_W16 },
      { "WOTSP_SHAKE256_W16", WOTSP_SHAKE256_W16 },
      };

   for(const Named_Id& candidate : known_sets)
      {
      if(param_set == candidate.label)
         {
         return candidate.id;
         }
      }

   // Unknown names are rejected rather than mapped to a default set.
   throw Invalid_Argument("Unknown XMSS-WOTS algorithm param '" + param_set + "'");
   }
34 
/**
* Build the parameter object from the name of a parameter set.
*
* The name is resolved with xmss_wots_id_from_string() and construction is
* delegated to the id-based constructor, so an unrecognised name fails
* before any member is initialised.
*
* @param param_set name of the parameter set, e.g. "WOTSP_SHA2-256_W16"
* @throws Invalid_Argument if the name is unknown
*/
XMSS_WOTS_Parameters::XMSS_WOTS_Parameters(const std::string& param_set)
   : XMSS_WOTS_Parameters(xmss_wots_id_from_string(param_set))
   {
   }
38 
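/**
* Build the parameter object for a given XMSS-WOTS algorithm id.
*
* Each supported id selects a fixed tuple of element size (bytes),
* Winternitz parameter w, total chain count len, hash function name and
* strength. len_1 and len_2 are then re-derived from the element size and w
* and checked against the tabulated len, so an inconsistent table entry is
* caught at construction time.
*
* @param oid algorithm id of the parameter set
* @throws Unsupported_Argument if oid is not one of the four ids handled below
*/
XMSS_WOTS_Parameters::XMSS_WOTS_Parameters(ots_algorithm_t oid)
   : m_oid(oid)
   {
   switch(oid)
      {
      case WOTSP_SHA2_256_W16:
         m_element_size = 32;
         m_w = 16;
         m_len = 67;
         m_name = "WOTSP_SHA2-256_W16";
         m_hash_name = "SHA-256";
         m_strength = 256;
         break;
      case WOTSP_SHA2_512_W16:
         m_element_size = 64;
         m_w = 16;
         m_len = 131;
         m_name = "WOTSP_SHA2-512_W16";
         m_hash_name = "SHA-512";
         m_strength = 512;
         break;
      case WOTSP_SHAKE128_W16:
         m_element_size = 32;
         m_w = 16;
         m_len = 67;
         m_name = "WOTSP_SHAKE128_W16";
         m_hash_name = "SHAKE-128(256)";
         m_strength = 256;
         break;
      case WOTSP_SHAKE256_W16:
         m_element_size = 64;
         m_w = 16;
         m_len = 131;
         m_name = "WOTSP_SHAKE256_W16";
         m_hash_name = "SHAKE-256(512)";
         m_strength = 512;
         break;
      default:
         // An id outside the table is refused; no member is left holding
         // a guessed value.
         // NOTE(review): the exception type is taken from upstream Botan 2.x
         // (Unsupported_Argument) - confirm against the original file.
         throw Unsupported_Argument(
            "Algorithm id does not match any XMSS WOTS algorithm id.");
      }

   // Only w = 16 is assigned above; any other value is treated as w = 4.
   m_lg_w = (m_w == 16) ? 4 : 2;

   // len_1 = ceil(8n / lg(w)), done as an integer ceiling division so the
   // result is exact and does not silently truncate.
   // NOTE(review): assumes element_size() returns m_element_size - confirm.
   m_len_1 = (8 * element_size() + m_lg_w - 1) / m_lg_w;

   // len_2 = floor(log2(len_1 * (w - 1)) / lg(w)) + 1. floor(log2(x)) is the
   // index of the highest set bit of x, which keeps the derivation in
   // integer arithmetic instead of going through floating point.
   // NOTE(review): assumes wots_parameter() returns m_w - confirm.
   size_t top_bit = 0;
   for(size_t v = m_len_1 * (wots_parameter() - 1); v > 1; v >>= 1)
      {
      ++top_bit;
      }
   m_len_2 = top_bit / m_lg_w + 1;

   BOTAN_ASSERT(m_len == m_len_1 + m_len_2, "Invalid XMSS WOTS parameter "
                "\"len\" detedted.");
   }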
89 
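/**
* Convert a byte string into base-w digits, most significant digit of each
* byte first.
*
* Every output digit consumes m_lg_w bits of msg. The input length is
* checked up front so that a too-short msg raises an exception instead of
* indexing past the end of the buffer.
*
* @param msg byte string to convert
* @param out_size number of base-w digits to produce
* @return out_size digits, each in the range [0, m_w - 1]
* @throws Invalid_Argument if msg holds fewer than out_size digits
*/
secure_vector<uint8_t>
XMSS_WOTS_Parameters::base_w(const secure_vector<uint8_t>& msg, size_t out_size) const
   {
   // m_lg_w is 4 or 2 (set in the constructor), so it divides 8 evenly.
   const size_t digits_per_byte = 8 / m_lg_w;
   const size_t bytes_needed =
      out_size / digits_per_byte + ((out_size % digits_per_byte) ? 1 : 0);
   if(bytes_needed > msg.size())
      {
      throw Invalid_Argument("XMSS WOTS base_w: input too short for requested output size");
      }

   secure_vector<uint8_t> result;
   result.reserve(out_size);

   size_t in = 0;     // index of the next unread byte of msg
   size_t total = 0;  // byte currently being split into digits
   size_t bits = 0;   // bits of total not yet emitted

   for(size_t i = 0; i < out_size; i++)
      {
      if(bits == 0)
         {
         total = msg[in];
         in++;
         bits += 8;
         }
      bits -= m_lg_w;
      result.push_back(static_cast<uint8_t>((total >> bits) & (m_w - 1)));
      }
   return result;
   }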
111 
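/**
* Convert an integer (the WOTS checksum) into m_len_2 base-w digits.
*
* The value is shifted left so that its m_len_2 * m_lg_w significant bits
* are aligned to the top of a whole number of bytes, serialised into that
* many bytes, and then split into digits by the byte-string overload.
*
* @param value integer to convert
* @return m_len_2 base-w digits
*/
secure_vector<uint8_t>
XMSS_WOTS_Parameters::base_w(size_t value) const
   {
   const size_t checksum_bits = m_len_2 * m_lg_w;

   // NOTE(review): when checksum_bits is a multiple of 8 this shifts by a
   // full 8 bits; confirm that is intended for any parameter set added later.
   value <<= (8 - (checksum_bits % 8));

   // Bytes needed to hold checksum_bits, as an exact integer ceiling
   // division rather than a float round trip.
   const size_t len_2_bytes = (checksum_bits + 7) / 8;

   secure_vector<uint8_t> result;
   // presumably appends value as len_2_bytes bytes to result - confirm
   // against XMSS_Tools::concat in xmss_tools.h
   XMSS_Tools::concat(result, value, len_2_bytes);
   return base_w(result, m_len_2);
   }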
122 
/**
* Compute the WOTS checksum over a sequence of base-w digits and append the
* checksum's own base-w digits to the same buffer.
*
* The checksum is the sum of (w - 1 - digit) over all entries of data.
*
* @param data base-w digits of the message; extended in place with the
*        checksum digits
*/
void
XMSS_WOTS_Parameters::append_checksum(secure_vector<uint8_t>& data)
   {
   size_t csum = 0;

   // NOTE(review): each entry is expected to be at most w - 1; a larger
   // value would wrap the unsigned subtraction - confirm callers only pass
   // output of base_w().
   for(const uint8_t digit : data)
      {
      csum += wots_parameter() - 1 - digit;
      }

   const secure_vector<uint8_t> csum_digits = base_w(csum);
   data.insert(data.end(), csum_digits.begin(), csum_digits.end());
   }
136 
137 }