Botan 2.19.3
Crypto and TLS for C&
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Botan::XMSS_WOTS_PrivateKey Class Referencefinal

#include <xmss_wots.h>

Inheritance diagram for Botan::XMSS_WOTS_PrivateKey:
Botan::XMSS_WOTS_PublicKey Botan::Private_Key Botan::Public_Key Botan::Public_Key

Public Member Functions

std::string algo_name () const override
 
AlgorithmIdentifier algorithm_identifier () const override
 
wots_keysig_t at (const XMSS_Address &adrs, XMSS_Hash &hash)
 
wots_keysig_t at (size_t i, XMSS_Hash &hash)
 
bool check_key (RandomNumberGenerator &, bool) const override
 
virtual std::unique_ptr< PK_Ops::Decryptioncreate_decryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::KEM_Decryptioncreate_kem_decryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Key_Agreementcreate_key_agreement_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Signaturecreate_signature_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
virtual std::unique_ptr< PK_Ops::Verificationcreate_verification_op (const std::string &params, const std::string &provider) const
 
virtual Signature_Format default_x509_signature_format () const
 
size_t estimated_strength () const override
 
std::string fingerprint (const std::string &alg) const
 
std::string fingerprint_private (const std::string &alg) const
 
std::string fingerprint_public (const std::string &alg="SHA-256") const
 
wots_keysig_t generate_private_key (const secure_vector< uint8_t > &priv_seed)
 
XMSS_WOTS_PublicKey generate_public_key (XMSS_Address &adrs)
 
void generate_public_key (XMSS_WOTS_PublicKey &pub_key, wots_keysig_t &&in_key_data, XMSS_Address &adrs)
 
void generate_public_key (XMSS_WOTS_PublicKey &pub_key, wots_keysig_t &&in_key_data, XMSS_Address &adrs, XMSS_Hash &hash)
 
virtual OID get_oid () const
 
wots_keysig_tkey_data ()
 
const wots_keysig_tkey_data () const
 
size_t key_length () const override
 
virtual size_t message_part_size () const
 
virtual size_t message_parts () const
 
 operator const wots_keysig_t & () const
 
 operator wots_keysig_t & ()
 
bool operator!= (const XMSS_WOTS_PublicKey &key)
 
bool operator== (const XMSS_WOTS_PublicKey &key)
 
wots_keysig_t operator[] (const XMSS_Address &adrs)
 
wots_keysig_t operator[] (size_t i)
 
const secure_vector< uint8_t > & operator[] (size_t i) const
 
AlgorithmIdentifier pkcs8_algorithm_identifier () const override
 
secure_vector< uint8_t > private_key_bits () const override
 
secure_vector< uint8_t > private_key_info () const
 
const secure_vector< uint8_t > & private_seed () const
 
std::vector< uint8_t > public_key_bits () const override
 
secure_vector< uint8_t > & public_seed ()
 
const secure_vector< uint8_t > & public_seed () const
 
void set_key_data (const wots_keysig_t &key_data)
 
void set_key_data (wots_keysig_t &&key_data)
 
void set_private_seed (const secure_vector< uint8_t > &private_seed)
 
void set_private_seed (secure_vector< uint8_t > &&private_seed)
 
void set_public_seed (const secure_vector< uint8_t > &public_seed)
 
void set_public_seed (secure_vector< uint8_t > &&public_seed)
 
wots_keysig_t sign (const secure_vector< uint8_t > &msg, XMSS_Address &adrs)
 
wots_keysig_t sign (const secure_vector< uint8_t > &msg, XMSS_Address &adrs, XMSS_Hash &hash)
 
virtual bool stateful_operation () const
 
std::vector< uint8_t > subject_public_key () const
 
const XMSS_WOTS_Parameterswots_parameters () const
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, const secure_vector< uint8_t > &private_seed)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, const secure_vector< uint8_t > &public_seed, RandomNumberGenerator &rng)
 
 XMSS_WOTS_PrivateKey (XMSS_WOTS_Parameters::ots_algorithm_t oid, RandomNumberGenerator &rng)
 

Protected Member Functions

void chain (secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed)
 
void chain (secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed, XMSS_Hash &hash)
 

Protected Attributes

XMSS_Hash m_hash
 
wots_keysig_t m_key
 
secure_vector< uint8_t > m_public_seed
 
XMSS_WOTS_Parameters m_wots_params
 

Detailed Description

A Winternitz One Time Signature private key for use with Extended Hash-Based Signatures.

Definition at line 455 of file xmss_wots.h.

Constructor & Destructor Documentation

◆ XMSS_WOTS_PrivateKey() [1/5]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid)
inline

Creates a WOTS private key for the chosen XMSS WOTS signature method. Members need to be initialized manually.

Parameters
oidIdentifier for the selected signature method.

Definition at line 465 of file xmss_wots.h.

467 {}
XMSS_WOTS_PublicKey(XMSS_WOTS_Parameters::ots_algorithm_t oid)
Definition xmss_wots.h:186

◆ XMSS_WOTS_PrivateKey() [2/5]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
RandomNumberGenerator rng 
)
inline

Creates a WOTS private key for the chosen XMSS WOTS signature method.

Parameters
oidIdentifier for the selected signature method.
rngA random number generator to use for key generation.

Definition at line 475 of file xmss_wots.h.

477 : XMSS_WOTS_PublicKey(oid, rng),
478 m_private_seed(rng.random_vec(m_wots_params.element_size()))
479 {
480 set_key_data(generate(m_private_seed));
481 }
size_t element_size() const
Definition xmss_wots.h:85
XMSS_WOTS_Parameters m_wots_params
Definition xmss_wots.h:427
void set_key_data(const wots_keysig_t &key_data)
Definition xmss_wots.h:321

References Botan::XMSS_WOTS_PublicKey::set_key_data().

◆ XMSS_WOTS_PrivateKey() [3/5]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
const secure_vector< uint8_t > &  public_seed,
RandomNumberGenerator rng 
)
inline

Constructs a WOTS private key. Chains will be generated on demand applying a hash function to a unique value generated from a secret seed and a counter. The secret seed of length n, will be automatically generated using AutoSeeded_RNG(). "n" equals the element size of the chosen WOTS security parameter set.

Parameters
oidIdentifier for the selected signature method.
public_seedA public seed used for the pseudo random generation of public keys derived from this private key.
rngA random number generator to use for key generation.

Definition at line 495 of file xmss_wots.h.

499 m_private_seed(rng.random_vec(m_wots_params.element_size()))
500 {
501 set_key_data(generate(m_private_seed));
502 }
const secure_vector< uint8_t > & public_seed() const
Definition xmss_wots.h:303

References Botan::XMSS_WOTS_PublicKey::set_key_data().

◆ XMSS_WOTS_PrivateKey() [4/5]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
const secure_vector< uint8_t > &  public_seed 
)
inline

Constructs a WOTS private key. Chains will be generated on demand applying a hash function to a unique value generated from a secret seed and a counter. The secret seed of length n, will be automatically generated using AutoSeeded_RNG(). "n" equals the element size of the chosen WOTS security parameter set.

Parameters
oidIdentifier for the selected signature method.
public_seedA public seed used for the pseudo random generation of public keys derived from this private key.

Definition at line 515 of file xmss_wots.h.

518 {}

◆ XMSS_WOTS_PrivateKey() [5/5]

Botan::XMSS_WOTS_PrivateKey::XMSS_WOTS_PrivateKey ( XMSS_WOTS_Parameters::ots_algorithm_t  oid,
const secure_vector< uint8_t > &  public_seed,
const secure_vector< uint8_t > &  private_seed 
)
inline

Constructs a WOTS private key. Chains will be generated on demand applying a hash function to a unique value generated from the secret seed and a counter.

Parameters
oidIdentifier for the selected signature method.
public_seedA public seed used for the pseudo random generation of public keys derived from this private key.
private_seedA secret uniformly random n-byte value.

Definition at line 530 of file xmss_wots.h.

534 m_private_seed(private_seed)
535 {
536 set_key_data(generate(private_seed));
537 }
const secure_vector< uint8_t > & private_seed() const
Definition xmss_wots.h:686

References private_seed(), and Botan::XMSS_WOTS_PublicKey::set_key_data().

Member Function Documentation

◆ algo_name()

std::string Botan::XMSS_WOTS_PublicKey::algo_name ( ) const
inlineoverridevirtualinherited

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implements Botan::Public_Key.

Definition at line 336 of file xmss_wots.h.

337 {
338 return m_wots_params.name();
339 }
const std::string & name() const
Definition xmss_wots.h:65

References Botan::XMSS_WOTS_PublicKey::m_wots_params, and Botan::XMSS_WOTS_Parameters::name().

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::algo_name().

◆ algorithm_identifier()

AlgorithmIdentifier Botan::XMSS_WOTS_PublicKey::algorithm_identifier ( ) const
inlineoverridevirtualinherited
Returns
X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 341 of file xmss_wots.h.

342 {
343 throw Not_Implemented("No AlgorithmIdentifier available for XMSS-WOTS.");
344 }

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::algorithm_identifier().

◆ at() [1/2]

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::at ( const XMSS_Address adrs,
XMSS_Hash hash 
)

Retrieves the i-th WOTS private key using pseudo random key (re-)generation.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
adrsThe address of the key to retrieve.
hashInstance of XMSS_Hash, that may only be used by the thead executing at.
Returns
WOTS secret key.

Definition at line 84 of file xmss_wots_privatekey.cpp.

85 {
86 secure_vector<uint8_t> result;
87 hash.prf(result, m_private_seed, adrs.bytes());
88 return generate(result, hash);
89 }
MechanismType hash

References Botan::XMSS_Address::bytes(), and hash.

◆ at() [2/2]

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::at ( size_t  i,
XMSS_Hash hash 
)

Retrieves the i-th WOTS private key using pseudo random key (re-)generation.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
iIndex of the key to retrieve.
hashInstance of XMSS_Hash, that may only be used by the thead executing at.
Returns
WOTS secret key.

Definition at line 91 of file xmss_wots_privatekey.cpp.

92 {
93 secure_vector<uint8_t> idx_bytes;
95 hash.h(idx_bytes, m_private_seed, idx_bytes);
96 return generate(idx_bytes, hash);
97 }
static void concat(secure_vector< uint8_t > &target, const T &src)
Definition xmss_tools.h:63

References Botan::XMSS_Tools::concat(), Botan::XMSS_WOTS_Parameters::element_size(), hash, and Botan::XMSS_WOTS_PublicKey::m_wots_params.

Referenced by operator[](), operator[](), and sign().

◆ chain() [1/2]

void Botan::XMSS_WOTS_PublicKey::chain ( secure_vector< uint8_t > &  x,
size_t  start_idx,
size_t  steps,
XMSS_Address adrs,
const secure_vector< uint8_t > &  public_seed 
)
inlineprotectedinherited

Algorithm 2: Chaining Function.

Takes an n-byte input string and transforms it into a the function result iterating the cryptographic hash function "F" steps times on the input x using the outputs of the PRNG "G".

Parameters
[out]xAn n-byte input string, that will be transformed into the chaining function result.
start_idxThe start index.
stepsA number of steps.
adrsAn OTS Hash Address.
public_seedA public seed.

Definition at line 418 of file xmss_wots.h.

423 {
424 chain(x, start_idx, steps, adrs, public_seed, m_hash);
425 }
void chain(secure_vector< uint8_t > &x, size_t start_idx, size_t steps, XMSS_Address &adrs, const secure_vector< uint8_t > &public_seed, XMSS_Hash &hash)

References Botan::XMSS_WOTS_PublicKey::chain(), Botan::XMSS_WOTS_PublicKey::m_hash, and Botan::XMSS_WOTS_PublicKey::public_seed().

◆ chain() [2/2]

void Botan::XMSS_WOTS_PublicKey::chain ( secure_vector< uint8_t > &  x,
size_t  start_idx,
size_t  steps,
XMSS_Address adrs,
const secure_vector< uint8_t > &  public_seed,
XMSS_Hash hash 
)
protectedinherited

Algorithm 2: Chaining Function.

Takes an n-byte input string and transforms it into a the function result iterating the cryptographic hash function "F" steps times on the input x using the outputs of the PRNG "G".

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
[out]xAn n-byte input string, that will be transformed into the chaining function result.
start_idxThe start index.
stepsA number of steps.
adrsAn OTS Hash Address.
public_seedA public seed.
hashInstance of XMSS_Hash, that may only by the thead executing chain.

Definition at line 17 of file xmss_wots_publickey.cpp.

23 {
24 secure_vector<uint8_t> prf_output(hash.output_length());
25
26 for(size_t i = start_idx;
27 i < (start_idx + steps) && i < m_wots_params.wots_parameter();
28 i++)
29 {
30 adrs.set_hash_address(static_cast<uint32_t>(i));
31
32 //Calculate tmp XOR bitmask
33 adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Mask_Mode);
34 hash.prf(prf_output, seed, adrs.bytes());
35 xor_buf(result, prf_output, result.size());
36
37 // Calculate key
38 adrs.set_key_mask_mode(XMSS_Address::Key_Mask::Key_Mode);
39
40 //Calculate f(key, tmp XOR bitmask)
41 hash.prf(prf_output, seed, adrs.bytes());
42 hash.f(result, prf_output, result);
43 }
44 }
size_t wots_parameter() const
Definition xmss_wots.h:93
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
Definition mem_ops.h:262

References Botan::XMSS_Address::bytes(), hash, Botan::XMSS_Address::Key_Mode, Botan::XMSS_WOTS_PublicKey::m_wots_params, Botan::XMSS_Address::Mask_Mode, Botan::XMSS_Address::set_hash_address(), Botan::XMSS_Address::set_key_mask_mode(), Botan::XMSS_WOTS_Parameters::wots_parameter(), and Botan::xor_buf().

Referenced by Botan::XMSS_WOTS_PublicKey::chain(), generate_public_key(), and sign().

◆ check_key()

bool Botan::XMSS_WOTS_PublicKey::check_key ( RandomNumberGenerator rng,
bool  strong 
) const
inlineoverridevirtualinherited

Test the key values for consistency.

Parameters
rngrng to use
strongwhether to perform strong and lengthy version of the test
Returns
true if the test is passed

Implements Botan::Public_Key.

Definition at line 346 of file xmss_wots.h.

347 {
348 return true;
349 }

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::check_key().

◆ create_decryption_op()

std::unique_ptr< PK_Ops::Decryption > Botan::Private_Key::create_decryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::ElGamal_PrivateKey, Botan::RSA_PrivateKey, and Botan::SM2_PrivateKey.

Definition at line 114 of file pk_keys.cpp.

117 {
118 throw Lookup_Error(algo_name() + " does not support decryption");
119 }
virtual std::string algo_name() const =0

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Decryptor_EME::PK_Decryptor_EME().

◆ create_encryption_op()

std::unique_ptr< PK_Ops::Encryption > Botan::Public_Key::create_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::ElGamal_PublicKey, Botan::RSA_PublicKey, and Botan::SM2_PublicKey.

Definition at line 91 of file pk_keys.cpp.

94 {
95 throw Lookup_Error(algo_name() + " does not support encryption");
96 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Encryptor_EME::PK_Encryptor_EME().

◆ create_kem_decryption_op()

std::unique_ptr< PK_Ops::KEM_Decryption > Botan::Private_Key::create_kem_decryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::McEliece_PrivateKey, and Botan::RSA_PrivateKey.

Definition at line 122 of file pk_keys.cpp.

125 {
126 throw Lookup_Error(algo_name() + " does not support KEM decryption");
127 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_KEM_Decryptor::PK_KEM_Decryptor().

◆ create_kem_encryption_op()

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::Public_Key::create_kem_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::McEliece_PublicKey, and Botan::RSA_PublicKey.

Definition at line 99 of file pk_keys.cpp.

102 {
103 throw Lookup_Error(algo_name() + " does not support KEM encryption");
104 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_KEM_Encryptor::PK_KEM_Encryptor().

◆ create_key_agreement_op()

std::unique_ptr< PK_Ops::Key_Agreement > Botan::Private_Key::create_key_agreement_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a key agreement operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::Curve25519_PrivateKey, Botan::DH_PrivateKey, and Botan::ECDH_PrivateKey.

Definition at line 138 of file pk_keys.cpp.

141 {
142 throw Lookup_Error(algo_name() + " does not support key agreement");
143 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

◆ create_signature_op()

std::unique_ptr< PK_Ops::Signature > Botan::Private_Key::create_signature_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a signature operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::XMSS_PrivateKey, Botan::TPM_PrivateKey, Botan::DSA_PrivateKey, Botan::ECDSA_PrivateKey, Botan::ECGDSA_PrivateKey, Botan::ECKCDSA_PrivateKey, Botan::Ed25519_PrivateKey, Botan::GOST_3410_PrivateKey, Botan::RSA_PrivateKey, and Botan::SM2_PrivateKey.

Definition at line 130 of file pk_keys.cpp.

133 {
134 throw Lookup_Error(algo_name() + " does not support signatures");
135 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Signer::PK_Signer().

◆ create_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::Public_Key::create_verification_op ( const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::XMSS_PublicKey, Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::Ed25519_PublicKey, Botan::GOST_3410_PublicKey, Botan::RSA_PublicKey, Botan::SM2_PublicKey, and Botan::XMSS_WOTS_Addressed_PublicKey.

Definition at line 107 of file pk_keys.cpp.

109 {
110 throw Lookup_Error(algo_name() + " does not support verification");
111 }

References Botan::Public_Key::algo_name().

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::create_verification_op(), and Botan::PK_Verifier::PK_Verifier().

◆ default_x509_signature_format()

virtual Signature_Format Botan::Public_Key::default_x509_signature_format ( ) const
inlinevirtualinherited

Reimplemented in Botan::GOST_3410_PublicKey.

Definition at line 125 of file pk_keys.h.

126 {
127 return (this->message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
128 }
virtual size_t message_parts() const
Definition pk_keys.h:112
@ DER_SEQUENCE
Definition pk_keys.h:23
@ IEEE_1363
Definition pk_keys.h:23

References Botan::DER_SEQUENCE, and Botan::IEEE_1363.

Referenced by Botan::X509_Object::choose_sig_format(), and Botan::X509_Object::verify_signature().

◆ estimated_strength()

size_t Botan::XMSS_WOTS_PublicKey::estimated_strength ( ) const
inlineoverridevirtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implements Botan::Public_Key.

Definition at line 351 of file xmss_wots.h.

352 {
354 }
size_t estimated_strength() const
Definition xmss_wots.h:105

References Botan::XMSS_WOTS_Parameters::estimated_strength(), and Botan::XMSS_WOTS_PublicKey::m_wots_params.

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::estimated_strength(), and Botan::XMSS_WOTS_Addressed_PublicKey::key_length().

◆ fingerprint()

std::string Botan::Private_Key::fingerprint ( const std::string &  alg) const
inlineinherited

Definition at line 215 of file pk_keys.h.

216 {
217 return fingerprint_private(alg); // match behavior in previous versions
218 }
std::string fingerprint_private(const std::string &alg) const
Definition pk_keys.cpp:85

◆ fingerprint_private()

std::string Botan::Private_Key::fingerprint_private ( const std::string &  alg) const
inherited
Returns
Hash of the PKCS #8 encoding for this key object

Definition at line 85 of file pk_keys.cpp.

86 {
88 }
virtual secure_vector< uint8_t > private_key_bits() const =0
std::string create_hex_fingerprint(const uint8_t bits[], size_t bits_len, const std::string &hash_name)
Definition pk_keys.cpp:17
AlgorithmIdentifier hash_algo
Definition x509_obj.cpp:22

References Botan::create_hex_fingerprint(), hash_algo, and Botan::Private_Key::private_key_bits().

Referenced by Botan::Certificate_Store_In_SQL::find_certs_for_key(), Botan::Certificate_Store_In_SQL::insert_key(), and Botan::Certificate_Store_In_SQL::remove_key().

◆ fingerprint_public()

std::string Botan::Public_Key::fingerprint_public ( const std::string &  alg = "SHA-256") const
inherited
Returns
Hash of the subject public key

Definition at line 77 of file pk_keys.cpp.

78 {
80 }
std::vector< uint8_t > subject_public_key() const
Definition pk_keys.cpp:38

References Botan::create_hex_fingerprint(), hash_algo, and Botan::Public_Key::subject_public_key().

◆ generate_private_key()

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::generate_private_key ( const secure_vector< uint8_t > &  priv_seed)

◆ generate_public_key() [1/3]

XMSS_WOTS_PublicKey Botan::XMSS_WOTS_PrivateKey::generate_public_key ( XMSS_Address adrs)

Algorithm 4: "WOTS_genPK" Generates a Winternitz One Time Signature+ (WOTS+) Public Key from a given private key.

Parameters
adrsHash function address encoding the address of the WOTS+ key pair within a greater structure.
Returns
A XMSS_WOTS_PublicKey.

Definition at line 34 of file xmss_wots_privatekey.cpp.

35 {
37 public_seed());
38 generate_public_key(pub_key, wots_keysig_t((*this)[adrs]), adrs);
39 return pub_key;
40 }
ots_algorithm_t oid() const
Definition xmss_wots.h:103
XMSS_WOTS_PublicKey generate_public_key(XMSS_Address &adrs)
std::vector< secure_vector< uint8_t > > wots_keysig_t

References generate_public_key(), Botan::XMSS_WOTS_PublicKey::m_wots_params, Botan::XMSS_WOTS_Parameters::oid(), and Botan::XMSS_WOTS_PublicKey::public_seed().

Referenced by generate_public_key(), and generate_public_key().

◆ generate_public_key() [2/3]

void Botan::XMSS_WOTS_PrivateKey::generate_public_key ( XMSS_WOTS_PublicKey pub_key,
wots_keysig_t &&  in_key_data,
XMSS_Address adrs 
)
inline

Algorithm 4: "WOTS_genPK" Initializes a Winternitz One Time Signature+ (WOTS+) Public Key's key_data() member, with data derived from in_key_data using the WOTS chaining function.

Parameters
[out]pub_keyPublic key to initialize key_data() member on.
in_key_dataInput key material from private key used for public key generation.
adrsHash function address encoding the address of the WOTS+ key pair within a greater structure.

Definition at line 637 of file xmss_wots.h.

640 {
641 generate_public_key(pub_key, std::forward<wots_keysig_t>(in_key_data), adrs, m_hash);
642 }

References generate_public_key(), and Botan::XMSS_WOTS_PublicKey::m_hash.

◆ generate_public_key() [3/3]

void Botan::XMSS_WOTS_PrivateKey::generate_public_key ( XMSS_WOTS_PublicKey pub_key,
wots_keysig_t &&  in_key_data,
XMSS_Address adrs,
XMSS_Hash hash 
)

Algorithm 4: "WOTS_genPK" Initializes a Winternitz One Time Signature+ (WOTS+) Public Key's key_data() member, with data derived from in_key_data using the WOTS chaining function.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
[out]pub_keyPublic key to initialize key_data() member on.
in_key_dataInput key material from private key used for public key generation.
adrsHash function address encoding the address of the WOTS+ key pair within a greater structure.
hashInstance of XMSS_Hash, that may only by the thead executing generate_public_key.

Definition at line 43 of file xmss_wots_privatekey.cpp.

47 {
48 BOTAN_ASSERT(wots_parameters() == pub_key.wots_parameters() &&
49 public_seed() == pub_key.public_seed(),
50 "Conflicting public key data.");
51
52 pub_key.set_key_data(std::move(in_key_data));
53 for(size_t i = 0; i < m_wots_params.len(); i++)
54 {
55 adrs.set_chain_address(static_cast<uint32_t>(i));
56 chain(pub_key[i], 0, m_wots_params.wots_parameter() - 1, adrs,
57 public_seed(), hash);
58 }
59 }
#define BOTAN_ASSERT(expr, assertion_made)
Definition assert.h:55
const XMSS_WOTS_Parameters & wots_parameters() const
Definition xmss_wots.h:331

References BOTAN_ASSERT, Botan::XMSS_WOTS_PublicKey::chain(), hash, Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_PublicKey::m_wots_params, Botan::XMSS_WOTS_PublicKey::public_seed(), Botan::XMSS_Address::set_chain_address(), Botan::XMSS_WOTS_PublicKey::set_key_data(), Botan::XMSS_WOTS_Parameters::wots_parameter(), and Botan::XMSS_WOTS_PublicKey::wots_parameters().

◆ get_oid()

OID Botan::Public_Key::get_oid ( ) const
virtualinherited

◆ key_data() [1/2]

wots_keysig_t & Botan::XMSS_WOTS_PublicKey::key_data ( )
inlineinherited

Definition at line 319 of file xmss_wots.h.

319{ return m_key; }

References Botan::XMSS_WOTS_PublicKey::m_key.

◆ key_data() [2/2]

const wots_keysig_t & Botan::XMSS_WOTS_PublicKey::key_data ( ) const
inlineinherited

◆ key_length()

size_t Botan::XMSS_WOTS_PublicKey::key_length ( ) const
inlineoverridevirtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 356 of file xmss_wots.h.

357 {
359 }

References Botan::XMSS_WOTS_Parameters::estimated_strength(), and Botan::XMSS_WOTS_PublicKey::m_wots_params.

◆ message_part_size()

virtual size_t Botan::Public_Key::message_part_size ( ) const
inlinevirtualinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns
size of the message parts in bits

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 123 of file pk_keys.h.

123{ return 0; }

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

◆ message_parts()

virtual size_t Botan::Public_Key::message_parts ( ) const
inlinevirtualinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns
number of message parts

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 112 of file pk_keys.h.

112{ return 1; }

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

◆ operator const wots_keysig_t &()

Botan::XMSS_WOTS_PublicKey::operator const wots_keysig_t & ( ) const
inlineinherited

Convert the key into the raw key data. The key becomes a length len vector of n-byte elements.

Definition at line 295 of file xmss_wots.h.

295{ return m_key; }

References Botan::XMSS_WOTS_PublicKey::m_key.

◆ operator wots_keysig_t &()

Botan::XMSS_WOTS_PublicKey::operator wots_keysig_t & ( )
inlineinherited

Convert the key into the raw key data. The key becomes a length len vector of n-byte elements.

Definition at line 301 of file xmss_wots.h.

301{ return m_key; }

References Botan::XMSS_WOTS_PublicKey::m_key.

◆ operator!=()

bool Botan::XMSS_WOTS_PublicKey::operator!= ( const XMSS_WOTS_PublicKey key)
inlineinherited

Definition at line 371 of file xmss_wots.h.

372 {
373 return !(*this == key);
374 }

◆ operator==()

bool Botan::XMSS_WOTS_PublicKey::operator== ( const XMSS_WOTS_PublicKey key)
inlineinherited

Definition at line 366 of file xmss_wots.h.

367 {
368 return m_key == key.m_key;
369 }

References Botan::XMSS_WOTS_PublicKey::m_key.

◆ operator[]() [1/3]

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::operator[] ( const XMSS_Address adrs)
inline

Definition at line 584 of file xmss_wots.h.

585 {
586 return this->at(adrs, m_hash);
587 }
wots_keysig_t at(size_t i, XMSS_Hash &hash)

References at(), and Botan::XMSS_WOTS_PublicKey::m_hash.

◆ operator[]() [2/3]

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::operator[] ( size_t  i)
inline

Retrieves the i-th WOTS private key using pseudo random key (re-)generation.

Parameters
iIndex of the key to retrieve.
Returns
WOTS secret key.

Definition at line 563 of file xmss_wots.h.

564 {
565 return this->at(i, m_hash);
566 }

References at(), and Botan::XMSS_WOTS_PublicKey::m_hash.

◆ operator[]() [3/3]

const secure_vector< uint8_t > & Botan::XMSS_WOTS_PublicKey::operator[] ( size_t  i) const
inlineinherited

Retrieves the i-th element out of the length len chain of n-byte elements contained in the public key.

Parameters
iindex of the element.
Returns
n-byte element addressed by i.

Definition at line 288 of file xmss_wots.h.

288{ return m_key[i]; }

References Botan::XMSS_WOTS_PublicKey::m_key.

◆ pkcs8_algorithm_identifier()

AlgorithmIdentifier Botan::XMSS_WOTS_PrivateKey::pkcs8_algorithm_identifier ( ) const
inlineoverridevirtual
Returns
PKCS #8 AlgorithmIdentifier for this key Might be different from the X.509 identifier, but normally is not

Reimplemented from Botan::Private_Key.

Definition at line 714 of file xmss_wots.h.

715 {
716 throw Not_Implemented("No AlgorithmIdentifier available for XMSS-WOTS.");
717 }

Referenced by Botan::XMSS_WOTS_Addressed_PrivateKey::pkcs8_algorithm_identifier().

◆ private_key_bits()

secure_vector< uint8_t > Botan::XMSS_WOTS_PrivateKey::private_key_bits ( ) const
inlineoverridevirtual
Returns
BER encoded private key bits

Implements Botan::Private_Key.

Definition at line 719 of file xmss_wots.h.

720 {
721 throw Not_Implemented("No PKCS8 key format defined for XMSS-WOTS.");
722 }

Referenced by Botan::XMSS_WOTS_Addressed_PrivateKey::private_key_bits().

◆ private_key_info()

secure_vector< uint8_t > Botan::Private_Key::private_key_info ( ) const
inherited
Returns
PKCS #8 private key encoding for this key object

Definition at line 61 of file pk_keys.cpp.

62 {
63 const size_t PKCS8_VERSION = 0;
64
65 return DER_Encoder()
66 .start_cons(SEQUENCE)
67 .encode(PKCS8_VERSION)
70 .end_cons()
71 .get_contents();
72 }
virtual AlgorithmIdentifier pkcs8_algorithm_identifier() const
Definition pk_keys.h:204
@ SEQUENCE
Definition asn1_obj.h:42
@ OCTET_STRING
Definition asn1_obj.h:38

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OCTET_STRING, Botan::Private_Key::pkcs8_algorithm_identifier(), Botan::Private_Key::private_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::PKCS8::BER_encode(), Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), and Botan::PKCS8::BER_encode_encrypted_pbkdf_msec().

◆ private_seed()

const secure_vector< uint8_t > & Botan::XMSS_WOTS_PrivateKey::private_seed ( ) const
inline

Retrieves the secret seed used to generate WOTS+ chains. The seed should be a uniformly random n-byte value.

Returns
secret seed.

Definition at line 686 of file xmss_wots.h.

687 {
688 return m_private_seed;
689 }

Referenced by Botan::XMSS_PrivateKey::raw_private_key(), set_private_seed(), set_private_seed(), and XMSS_WOTS_PrivateKey().

◆ public_key_bits()

std::vector< uint8_t > Botan::XMSS_WOTS_PublicKey::public_key_bits ( ) const
inlineoverridevirtualinherited
Returns
BER encoded public key bits

Implements Botan::Public_Key.

Definition at line 361 of file xmss_wots.h.

362 {
363 throw Not_Implemented("No key format defined for XMSS-WOTS");
364 }

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::public_key_bits().

◆ public_seed() [1/2]

secure_vector< uint8_t > & Botan::XMSS_WOTS_PublicKey::public_seed ( )
inlineinherited

Definition at line 305 of file xmss_wots.h.

305{ return m_public_seed; }
secure_vector< uint8_t > m_public_seed
Definition xmss_wots.h:430

References Botan::XMSS_WOTS_PublicKey::m_public_seed.

◆ public_seed() [2/2]

const secure_vector< uint8_t > & Botan::XMSS_WOTS_PublicKey::public_seed ( ) const
inlineinherited

◆ set_key_data() [1/2]

void Botan::XMSS_WOTS_PublicKey::set_key_data ( const wots_keysig_t key_data)
inlineinherited

◆ set_key_data() [2/2]

void Botan::XMSS_WOTS_PublicKey::set_key_data ( wots_keysig_t &&  key_data)
inlineinherited

Definition at line 326 of file xmss_wots.h.

327 {
328 m_key = std::move(key_data);
329 }

References Botan::XMSS_WOTS_PublicKey::key_data(), and Botan::XMSS_WOTS_PublicKey::m_key.

◆ set_private_seed() [1/2]

void Botan::XMSS_WOTS_PrivateKey::set_private_seed ( const secure_vector< uint8_t > &  private_seed)
inline

Sets the secret seed used to generate WOTS+ chains. The seed should be a uniformly random n-byte value.

Parameters
private_seedUniformly random n-byte value.

Definition at line 697 of file xmss_wots.h.

698 {
699 m_private_seed = private_seed;
700 }

References private_seed().

Referenced by Botan::XMSS_PrivateKey::XMSS_PrivateKey().

◆ set_private_seed() [2/2]

void Botan::XMSS_WOTS_PrivateKey::set_private_seed ( secure_vector< uint8_t > &&  private_seed)
inline

Sets the secret seed used to generate WOTS+ chains. The seed should be a uniformly random n-byte value.

Parameters
private_seedUniformly random n-byte value.

Definition at line 708 of file xmss_wots.h.

709 {
710 m_private_seed = std::move(private_seed);
711 }

References private_seed().

◆ set_public_seed() [1/2]

void Botan::XMSS_WOTS_PublicKey::set_public_seed ( const secure_vector< uint8_t > &  public_seed)
inlineinherited

◆ set_public_seed() [2/2]

void Botan::XMSS_WOTS_PublicKey::set_public_seed ( secure_vector< uint8_t > &&  public_seed)
inlineinherited

Definition at line 312 of file xmss_wots.h.

313 {
314 m_public_seed = std::move(public_seed);
315 }

References Botan::XMSS_WOTS_PublicKey::m_public_seed, and Botan::XMSS_WOTS_PublicKey::public_seed().

◆ sign() [1/2]

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::sign ( const secure_vector< uint8_t > &  msg,
XMSS_Address adrs 
)
inline

Algorithm 5: "WOTS_sign" Generates a signature from a private key and a message.

Parameters
msgA message to sign.
adrsAn OTS hash address identifying the WOTS+ key pair used for signing.
Returns
signature for msg.

Definition at line 654 of file xmss_wots.h.

656 {
657 return sign(msg, adrs, m_hash);
658 }
wots_keysig_t sign(const secure_vector< uint8_t > &msg, XMSS_Address &adrs)
Definition xmss_wots.h:654

References Botan::XMSS_WOTS_PublicKey::m_hash, and sign().

Referenced by sign().

◆ sign() [2/2]

wots_keysig_t Botan::XMSS_WOTS_PrivateKey::sign ( const secure_vector< uint8_t > &  msg,
XMSS_Address adrs,
XMSS_Hash hash 
)

Algorithm 5: "WOTS_sign" Generates a signature from a private key and a message.

This overload is used in multithreaded scenarios, where it is required to provide seperate instances of XMSS_Hash to each thread.

Parameters
msgA message to sign.
adrsAn OTS hash address identifying the WOTS+ key pair used for signing.
hashInstance of XMSS_Hash, that may only be used by the thead executing sign.
Returns
signature for msg.

Definition at line 62 of file xmss_wots_privatekey.cpp.

66 {
67 secure_vector<uint8_t> msg_digest
68 {
70 };
71
73 wots_keysig_t sig(this->at(adrs, hash));
74
75 for(size_t i = 0; i < m_wots_params.len(); i++)
76 {
77 adrs.set_chain_address(static_cast<uint32_t>(i));
78 chain(sig[i], 0 , msg_digest[i], adrs, m_public_seed, hash);
79 }
80
81 return sig;
82 }
void append_checksum(secure_vector< uint8_t > &data)
secure_vector< uint8_t > base_w(const secure_vector< uint8_t > &msg, size_t out_size) const

References Botan::XMSS_WOTS_Parameters::append_checksum(), at(), Botan::XMSS_WOTS_Parameters::base_w(), Botan::XMSS_WOTS_PublicKey::chain(), hash, Botan::XMSS_WOTS_Parameters::len(), Botan::XMSS_WOTS_Parameters::len_1(), Botan::XMSS_WOTS_PublicKey::m_public_seed, Botan::XMSS_WOTS_PublicKey::m_wots_params, and Botan::XMSS_Address::set_chain_address().

◆ stateful_operation()

virtual bool Botan::Private_Key::stateful_operation ( ) const
inlinevirtualinherited

Reimplemented in Botan::XMSS_PrivateKey.

Definition at line 188 of file pk_keys.h.

188{ return false; }

◆ subject_public_key()

std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const
inherited
Returns
X.509 subject key encoding for this key object

Definition at line 38 of file pk_keys.cpp.

39 {
40 std::vector<uint8_t> output;
41
42 DER_Encoder(output).start_cons(SEQUENCE)
43 .encode(algorithm_identifier())
44 .encode(public_key_bits(), BIT_STRING)
45 .end_cons();
46
47 return output;
48 }
virtual AlgorithmIdentifier algorithm_identifier() const =0
virtual std::vector< uint8_t > public_key_bits() const =0
@ BIT_STRING
Definition asn1_obj.h:37

References Botan::Public_Key::algorithm_identifier(), Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::Public_Key::public_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::BER_encode(), Botan::PKCS10_Request::create(), Botan::Public_Key::fingerprint_public(), and Botan::X509::PEM_encode().

◆ wots_parameters()

const XMSS_WOTS_Parameters & Botan::XMSS_WOTS_PublicKey::wots_parameters ( ) const
inlineinherited

Definition at line 331 of file xmss_wots.h.

332 {
333 return m_wots_params;
334 }

References Botan::XMSS_WOTS_PublicKey::m_wots_params.

Referenced by generate_public_key().

Member Data Documentation

◆ m_hash

XMSS_Hash Botan::XMSS_WOTS_PublicKey::m_hash
protectedinherited

◆ m_key

wots_keysig_t Botan::XMSS_WOTS_PublicKey::m_key
protectedinherited

◆ m_public_seed

secure_vector<uint8_t> Botan::XMSS_WOTS_PublicKey::m_public_seed
protectedinherited

◆ m_wots_params

XMSS_WOTS_Parameters Botan::XMSS_WOTS_PublicKey::m_wots_params
protectedinherited

The documentation for this class was generated from the following files: