author | Jack Lloyd <[email protected]> | 2020-10-31 15:13:10 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2020-10-31 15:13:10 -0400 |
commit | cc14490a8500f490d52c78e1b9aedbd6fb4726b1 (patch) | |
tree | bf47ef01230728eea6ddf92edd33a81701ff29f8 | |
parent | 4d069c02b98f70fb9eba7eaf19c5a6662cd95204 (diff) | |
parent | 3da34ac5e31539bbd6daa03f507b8318213c52a1 (diff) |
Merge GH #2443 Make several XMSS implementation headers internal only
20 files changed, 113 insertions, 88 deletions
diff --git a/src/lib/pubkey/xmss/info.txt b/src/lib/pubkey/xmss/info.txt index f46c2c550..3dd378391 100644 --- a/src/lib/pubkey/xmss/info.txt +++ b/src/lib/pubkey/xmss/info.txt @@ -3,30 +3,28 @@ XMSS_RFC8391 -> 20190623 </defines> <header:public> -atomic.h xmss.h xmss_hash.h -xmss_index_registry.h -xmss_address.h xmss_parameters.h xmss_key_pair.h xmss_privatekey.h xmss_publickey.h -xmss_tools.h xmss_wots_parameters.h xmss_wots_privatekey.h xmss_wots_publickey.h - -# future internal: -xmss_common_ops.h </header:public> <header:internal> -xmss_wots_addressed_privatekey.h -xmss_wots_addressed_publickey.h +atomic.h +xmss_address.h +xmss_common_ops.h +xmss_index_registry.h xmss_signature.h xmss_signature_operation.h +xmss_tools.h xmss_verification_operation.h +xmss_wots_addressed_privatekey.h +xmss_wots_addressed_publickey.h </header:internal> <requires> diff --git a/src/lib/pubkey/xmss/xmss_address.h b/src/lib/pubkey/xmss/xmss_address.h index f00343ca3..05a78f3b8 100644 --- a/src/lib/pubkey/xmss/xmss_address.h +++ b/src/lib/pubkey/xmss/xmss_address.h @@ -8,7 +8,7 @@ #ifndef BOTAN_XMSS_ADDRESS_H_ #define BOTAN_XMSS_ADDRESS_H_ -#include <botan/xmss_tools.h> +#include <botan/types.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_common_ops.cpp b/src/lib/pubkey/xmss/xmss_common_ops.cpp index 98528156c..9a3fe085a 100644 --- a/src/lib/pubkey/xmss/xmss_common_ops.cpp +++ b/src/lib/pubkey/xmss/xmss_common_ops.cpp @@ -6,7 +6,7 @@ * Botan is released under the Simplified BSD License (see license.txt) **/ -#include <botan/xmss_common_ops.h> +#include <botan/internal/xmss_common_ops.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_common_ops.h b/src/lib/pubkey/xmss/xmss_common_ops.h index 7ab32db6c..77fdc9dc1 100644 --- a/src/lib/pubkey/xmss/xmss_common_ops.h +++ b/src/lib/pubkey/xmss/xmss_common_ops.h 
@@ -11,7 +11,7 @@ #include <vector> #include <botan/secmem.h> #include <botan/xmss_parameters.h> -#include <botan/xmss_address.h> +#include <botan/internal/xmss_address.h> #include <botan/xmss_hash.h> BOTAN_FUTURE_INTERNAL_HEADER(xmss_common_ops.h) diff --git a/src/lib/pubkey/xmss/xmss_index_registry.cpp b/src/lib/pubkey/xmss/xmss_index_registry.cpp index 6a0995868..8709d8026 100644 --- a/src/lib/pubkey/xmss/xmss_index_registry.cpp +++ b/src/lib/pubkey/xmss/xmss_index_registry.cpp @@ -7,7 +7,7 @@ * Botan is released under the Simplified BSD License (see license.txt) **/ -#include <botan/xmss_index_registry.h> +#include <botan/internal/xmss_index_registry.h> #include <botan/hash.h> #include <limits> diff --git a/src/lib/pubkey/xmss/xmss_index_registry.h b/src/lib/pubkey/xmss/xmss_index_registry.h index eb5e5f543..91166db4b 100644 --- a/src/lib/pubkey/xmss/xmss_index_registry.h +++ b/src/lib/pubkey/xmss/xmss_index_registry.h @@ -11,7 +11,7 @@ #include <string> #include <botan/secmem.h> -#include <botan/atomic.h> +#include <botan/internal/atomic.h> #include <botan/mutex.h> //BOTAN_FUTURE_INTERNAL_HEADER(xmss_index_registry.h) diff --git a/src/lib/pubkey/xmss/xmss_privatekey.cpp b/src/lib/pubkey/xmss/xmss_privatekey.cpp index 63f061a8d..3a7a6c4a6 100644 --- a/src/lib/pubkey/xmss/xmss_privatekey.cpp +++ b/src/lib/pubkey/xmss/xmss_privatekey.cpp @@ -17,7 +17,8 @@ #include <botan/xmss_privatekey.h> #include <botan/internal/xmss_signature_operation.h> -#include <botan/xmss_common_ops.h> +#include <botan/internal/xmss_index_registry.h> +#include <botan/internal/xmss_common_ops.h> #include <botan/ber_dec.h> #if defined(BOTAN_HAS_THREAD_UTILS) 
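Review bot: `BOTAN_FUTURE_INTERNAL_HEADER(xmss_common_ops.h)` is still in the context of the xmss_common_ops.h hunk, although info.txt now lists that header under `<header:internal>`, so the marker is stale and I would drop the line in this change. The xmss_index_registry.h hunk carries a commented-out `//BOTAN_FUTURE_INTERNAL_HEADER(xmss_index_registry.h)` that can go for the same reason. If that marker was never active, external users of the header had no warning before it became internal, which would be worth a release-note entry.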
@@ -112,6 +113,24 @@ XMSS_PrivateKey::XMSS_PrivateKey( adrs)); } + +XMSS_PrivateKey::XMSS_PrivateKey(XMSS_Parameters::xmss_algorithm_t xmss_algo_id, + size_t idx_leaf, + const secure_vector<uint8_t>& wots_priv_seed, + const secure_vector<uint8_t>& prf, + const secure_vector<uint8_t>& root, + const secure_vector<uint8_t>& public_seed) + : XMSS_PublicKey(xmss_algo_id, root, public_seed), + m_wots_priv_key(XMSS_PublicKey::m_xmss_params.ots_oid(), + public_seed, + wots_priv_seed), + m_hash(XMSS_PublicKey::m_xmss_params.hash_function_name()), + m_prf(prf), + m_index_reg(XMSS_Index_Registry::get_instance()) + { + set_unused_leaf_index(idx_leaf); + } + secure_vector<uint8_t> XMSS_PrivateKey::tree_hash(size_t start_idx, size_t target_node_height, 
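Review bot: The out-of-line constructor stores the caller-supplied `wots_priv_seed` and `prf` without checking their length. The only length check it reaches is the `BOTAN_ASSERT` in `recover_global_leaf_index()`, called through `set_unused_leaf_index(idx_leaf)`, which reports a "partially initialized key" rather than a bad argument. Assuming callers are not required to pre-validate, an explicit check at the top of the body gives a clearer failure, e.g. `if(prf.size() != XMSS_PublicKey::m_xmss_params.element_size()) throw Invalid_Argument("XMSS private key: PRF has unexpected length");`, with the same test for `wots_priv_seed`. I would also add a comment such as `// idx_leaf can only advance the shared registry index, never rewind it`, which matches the definition of `set_unused_leaf_index()` later in this file.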
@@ -301,10 +320,46 @@ XMSS_PrivateKey::recover_global_leaf_index() const BOTAN_ASSERT(m_wots_priv_key.private_seed().size() == XMSS_PublicKey::m_xmss_params.element_size() && m_prf.size() == XMSS_PublicKey::m_xmss_params.element_size(), - "Trying to retrieve index for partially initialized " - "key."); - return m_index_reg.get(m_wots_priv_key.private_seed(), - m_prf); + "Trying to retrieve index for partially initialized key"); + return m_index_reg.get(m_wots_priv_key.private_seed(), m_prf); + } + +void XMSS_PrivateKey::set_unused_leaf_index(size_t idx) + { + if(idx >= (1ull << XMSS_PublicKey::m_xmss_params.tree_height())) + { + throw Decoding_Error("XMSS private key leaf index out of bounds"); + } + else + { + std::atomic<size_t>& index = + static_cast<std::atomic<size_t>&>(*recover_global_leaf_index()); + size_t current = 0; + + do + { + current = index.load(); + if(current > idx) + { return; } + } + while(!index.compare_exchange_strong(current, idx)); + } + } + +size_t XMSS_PrivateKey::reserve_unused_leaf_index() + { + size_t idx = (static_cast<std::atomic<size_t>&>( + *recover_global_leaf_index())).fetch_add(1); + if(idx >= (1ull << XMSS_PublicKey::m_xmss_params.tree_height())) + { + throw Decoding_Error("XMSS private key, one time signatures exhaused"); + } + return idx; + } + +size_t XMSS_PrivateKey::unused_leaf_index() const + { + return *recover_global_leaf_index(); } secure_vector<uint8_t> XMSS_PrivateKey::raw_private_key() const diff --git a/src/lib/pubkey/xmss/xmss_privatekey.h b/src/lib/pubkey/xmss/xmss_privatekey.h index 97e431dd6..38e9768b1 100644 --- a/src/lib/pubkey/xmss/xmss_privatekey.h +++ b/src/lib/pubkey/xmss/xmss_privatekey.h 
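Review bot: `reserve_unused_leaf_index()` advances the shared counter with `fetch_add(1)` before the bounds check, so every call on an exhausted key still increments the index. That leaves it past 2^h and, where `size_t` is narrow, in principle able to wrap back into the valid range after enough failed calls. For a one-time-signature scheme a counter that saturates at the limit is the safer shape. The version below checks first and then advances with a compare-exchange, as `set_unused_leaf_index()` already does in this hunk. It keeps `Decoding_Error` so callers are unaffected and corrects "exhaused" in the message; keep the old text if anything matches on it.

```cpp
size_t XMSS_PrivateKey::reserve_unused_leaf_index()
   {
   std::atomic<size_t>& index =
      static_cast<std::atomic<size_t>&>(*recover_global_leaf_index());
   size_t idx = index.load();

   do
      {
      // Refuse before touching the counter so an exhausted key stays at its limit
      if(idx >= (1ull << XMSS_PublicKey::m_xmss_params.tree_height()))
         {
         throw Decoding_Error("XMSS private key, one time signatures exhausted");
         }
      }
   while(!index.compare_exchange_weak(idx, idx + 1));

   return idx;
   }
```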
@@ -17,12 +17,14 @@ #include <botan/types.h> #include <botan/xmss_parameters.h> #include <botan/xmss_publickey.h> -#include <botan/atomic.h> #include <botan/xmss_wots_privatekey.h> -#include <botan/xmss_index_registry.h> namespace Botan { +template<typename> class Atomic; + +class XMSS_Index_Registry; + /** * An XMSS: Extended Hash-Based Signature private key. * The XMSS private key does not support the X509 and PKCS7 standard. Instead @@ -77,17 +79,7 @@ class BOTAN_PUBLIC_API(2,0) XMSS_PrivateKey final : public virtual XMSS_PublicKe const secure_vector<uint8_t>& wots_priv_seed, const secure_vector<uint8_t>& prf, const secure_vector<uint8_t>& root, - const secure_vector<uint8_t>& public_seed) - : XMSS_PublicKey(xmss_algo_id, root, public_seed), - m_wots_priv_key(XMSS_PublicKey::m_xmss_params.ots_oid(), - public_seed, - wots_priv_seed), - m_hash(XMSS_PublicKey::m_xmss_params.hash_function_name()), - m_prf(prf), - m_index_reg(XMSS_Index_Registry::get_instance()) - { - set_unused_leaf_index(idx_leaf); - } + const secure_vector<uint8_t>& public_seed); bool stateful_operation() const override { return true; } @@ -98,10 +90,7 @@ class BOTAN_PUBLIC_API(2,0) XMSS_PrivateKey final : public virtual XMSS_PublicKe * * @return Index of the last unused leaf. **/ - size_t unused_leaf_index() const - { - return *recover_global_leaf_index(); - } + size_t unused_leaf_index() const; /** * Sets the last unused leaf index of the private key. The leaf index 
@@ -110,38 +99,9 @@ class BOTAN_PUBLIC_API(2,0) XMSS_PrivateKey final : public virtual XMSS_PublicKe * * @param idx Index of the last unused leaf. **/ - void set_unused_leaf_index(size_t idx) - { - if(idx >= (1ull << XMSS_PublicKey::m_xmss_params.tree_height())) - { - throw Decoding_Error("XMSS private key leaf index out of bounds"); - } - else - { - std::atomic<size_t>& index = - static_cast<std::atomic<size_t>&>(*recover_global_leaf_index()); - size_t current = 0; - - do - { - current = index.load(); - if(current > idx) - { return; } - } - while(!index.compare_exchange_strong(current, idx)); - } - } + void set_unused_leaf_index(size_t idx); - size_t reserve_unused_leaf_index() - { - size_t idx = (static_cast<std::atomic<size_t>&>( - *recover_global_leaf_index())).fetch_add(1); - if(idx >= (1ull << XMSS_PublicKey::m_xmss_params.tree_height())) - { - throw Decoding_Error("XMSS private key, one time signatures exhaused"); - } - return idx; - } + size_t reserve_unused_leaf_index(); /** * Winternitz One Time Signature Scheme key utilized for signing diff --git a/src/lib/pubkey/xmss/xmss_signature.cpp b/src/lib/pubkey/xmss/xmss_signature.cpp index fddf8581f..98fadff35 100644 --- a/src/lib/pubkey/xmss/xmss_signature.cpp +++ b/src/lib/pubkey/xmss/xmss_signature.cpp @@ -6,6 +6,7 @@ **/ #include <botan/internal/xmss_signature.h> +#include <iterator> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_signature_operation.cpp b/src/lib/pubkey/xmss/xmss_signature_operation.cpp index b7daad7c0..49f1041d9 100644 --- a/src/lib/pubkey/xmss/xmss_signature_operation.cpp +++ b/src/lib/pubkey/xmss/xmss_signature_operation.cpp @@ -14,6 +14,7 @@ **/ #include <botan/internal/xmss_signature_operation.h> +#include <botan/internal/xmss_tools.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_signature_operation.h b/src/lib/pubkey/xmss/xmss_signature_operation.h index e1b60faa3..229b4087b 100644 --- a/src/lib/pubkey/xmss/xmss_signature_operation.h 
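Review bot: `reserve_unused_leaf_index()` is declared at the end of the xmss_privatekey.h hunk without a doc comment, although it is the call that consumes one-time-signature state on a public class. I would add `/** Atomically reserves the next unused leaf index and returns it; throws Decoding_Error once all leaves are used. */` above it. The existing comment on `set_unused_leaf_index()` says it sets the index, but the definition in xmss_privatekey.cpp returns without change when the current index is already larger. That comment should say the index is only ever moved forward. It begins outside this hunk, as does the class body.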
+++ b/src/lib/pubkey/xmss/xmss_signature_operation.h @@ -14,11 +14,11 @@ #include <botan/types.h> #include <botan/xmss_parameters.h> #include <botan/xmss_privatekey.h> -#include <botan/xmss_address.h> +#include <botan/internal/xmss_address.h> #include <botan/pk_ops.h> #include <botan/internal/xmss_signature.h> #include <botan/xmss_wots_publickey.h> -#include <botan/xmss_common_ops.h> +#include <botan/internal/xmss_common_ops.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_verification_operation.cpp b/src/lib/pubkey/xmss/xmss_verification_operation.cpp index 12abccd40..a619a46f5 100644 --- a/src/lib/pubkey/xmss/xmss_verification_operation.cpp +++ b/src/lib/pubkey/xmss/xmss_verification_operation.cpp @@ -9,7 +9,8 @@ **/ #include <botan/internal/xmss_verification_operation.h> -#include <botan/xmss_common_ops.h> +#include <botan/internal/xmss_common_ops.h> +#include <botan/internal/xmss_tools.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_wots_addressed_privatekey.h b/src/lib/pubkey/xmss/xmss_wots_addressed_privatekey.h index 62beaaece..e094a51c8 100644 --- a/src/lib/pubkey/xmss/xmss_wots_addressed_privatekey.h +++ b/src/lib/pubkey/xmss/xmss_wots_addressed_privatekey.h @@ -8,7 +8,7 @@ #ifndef BOTAN_XMSS_WOTS_ADDRESSED_PRIVATEKEY_H_ #define BOTAN_XMSS_WOTS_ADDRESSED_PRIVATEKEY_H_ -#include <botan/xmss_address.h> +#include <botan/internal/xmss_address.h> #include <botan/internal/xmss_wots_addressed_publickey.h> #include <botan/xmss_wots_privatekey.h> diff --git a/src/lib/pubkey/xmss/xmss_wots_addressed_publickey.h b/src/lib/pubkey/xmss/xmss_wots_addressed_publickey.h index 090916e63..f4f077354 100644 --- a/src/lib/pubkey/xmss/xmss_wots_addressed_publickey.h +++ b/src/lib/pubkey/xmss/xmss_wots_addressed_publickey.h 
@@ -9,7 +9,7 @@ #ifndef BOTAN_XMSS_WOTS_ADDRESSED_PUBLICKEY_H_ #define BOTAN_XMSS_WOTS_ADDRESSED_PUBLICKEY_H_ -#include <botan/xmss_address.h> +#include <botan/internal/xmss_address.h> #include <botan/xmss_wots_publickey.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_wots_parameters.cpp b/src/lib/pubkey/xmss/xmss_wots_parameters.cpp index 18f93b6a7..d5edfec76 100644 --- a/src/lib/pubkey/xmss/xmss_wots_parameters.cpp +++ b/src/lib/pubkey/xmss/xmss_wots_parameters.cpp @@ -13,6 +13,7 @@ **/ #include <botan/xmss_wots_parameters.h> +#include <botan/internal/xmss_tools.h> #include <botan/exceptn.h> #include <cmath> diff --git a/src/lib/pubkey/xmss/xmss_wots_parameters.h b/src/lib/pubkey/xmss/xmss_wots_parameters.h index af1d150e0..65a43afe2 100644 --- a/src/lib/pubkey/xmss/xmss_wots_parameters.h +++ b/src/lib/pubkey/xmss/xmss_wots_parameters.h @@ -8,7 +8,6 @@ #ifndef BOTAN_XMSS_WOTS_PARAMETERS_H_ #define BOTAN_XMSS_WOTS_PARAMETERS_H_ -#include <botan/xmss_tools.h> #include <botan/secmem.h> #include <map> #include <string> diff --git a/src/lib/pubkey/xmss/xmss_wots_privatekey.cpp b/src/lib/pubkey/xmss/xmss_wots_privatekey.cpp index d3c00f765..2c3e2c4a9 100644 --- a/src/lib/pubkey/xmss/xmss_wots_privatekey.cpp +++ b/src/lib/pubkey/xmss/xmss_wots_privatekey.cpp @@ -9,6 +9,8 @@ **/ #include <botan/xmss_wots_privatekey.h> +#include <botan/internal/xmss_tools.h> +#include <botan/internal/xmss_address.h> namespace Botan { 
@@ -79,4 +81,19 @@ XMSS_WOTS_PrivateKey::sign(const secure_vector<uint8_t>& msg, return sig; } +wots_keysig_t XMSS_WOTS_PrivateKey::at(const XMSS_Address& adrs, XMSS_Hash& hash) + { + secure_vector<uint8_t> result; + hash.prf(result, m_private_seed, adrs.bytes()); + return generate(result, hash); + } + +wots_keysig_t XMSS_WOTS_PrivateKey::at(size_t i, XMSS_Hash& hash) + { + secure_vector<uint8_t> idx_bytes; + XMSS_Tools::concat(idx_bytes, i, m_wots_params.element_size()); + hash.h(idx_bytes, m_private_seed, idx_bytes); + return generate(idx_bytes, hash); + } + } diff --git a/src/lib/pubkey/xmss/xmss_wots_privatekey.h b/src/lib/pubkey/xmss/xmss_wots_privatekey.h index e6dea133d..5c83c6064 100644 --- a/src/lib/pubkey/xmss/xmss_wots_privatekey.h +++ b/src/lib/pubkey/xmss/xmss_wots_privatekey.h @@ -15,11 +15,12 @@ #include <botan/pk_keys.h> #include <botan/rng.h> #include <botan/xmss_wots_parameters.h> -#include <botan/xmss_address.h> #include <botan/xmss_wots_publickey.h> namespace Botan { +class XMSS_Address; + /** A Winternitz One Time Signature private key for use with Extended Hash-Based * Signatures. **/ @@ -121,13 +122,7 @@ class XMSS_WOTS_PrivateKey final : public virtual XMSS_WOTS_PublicKey, * * @return WOTS secret key. **/ - wots_keysig_t at(size_t i, XMSS_Hash& hash) - { - secure_vector<uint8_t> idx_bytes; - XMSS_Tools::concat(idx_bytes, i, m_wots_params.element_size()); - hash.h(idx_bytes, m_private_seed, idx_bytes); - return generate(idx_bytes, hash); - } + wots_keysig_t at(size_t i, XMSS_Hash& hash); /** * Retrieves the i-th WOTS private key using pseudo random key 
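Review bot: In `at(size_t i, XMSS_Hash& hash)` the call `hash.h(idx_bytes, m_private_seed, idx_bytes)` passes the same vector as output and as input. That is correct only if `XMSS_Hash::h` finishes reading its data argument before it writes the result, which this hunk does not show. The sibling overload uses a separate `result` buffer, and doing the same here removes the dependency: `secure_vector<uint8_t> seed;`, `hash.h(seed, m_private_seed, idx_bytes);`, `return generate(seed, hash);`. Both definitions were moved unchanged from the header, so this is a follow-up rather than a regression.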
@@ -156,12 +151,7 @@ class XMSS_WOTS_PrivateKey final : public virtual XMSS_WOTS_PublicKey, * * @return WOTS secret key. **/ - wots_keysig_t at(const XMSS_Address& adrs, XMSS_Hash& hash) - { - secure_vector<uint8_t> result; - hash.prf(result, m_private_seed, adrs.bytes()); - return generate(result, hash); - } + wots_keysig_t at(const XMSS_Address& adrs, XMSS_Hash& hash); inline wots_keysig_t operator[](const XMSS_Address& adrs) { diff --git a/src/lib/pubkey/xmss/xmss_wots_publickey.cpp b/src/lib/pubkey/xmss/xmss_wots_publickey.cpp index 667c8574a..57488877d 100644 --- a/src/lib/pubkey/xmss/xmss_wots_publickey.cpp +++ b/src/lib/pubkey/xmss/xmss_wots_publickey.cpp @@ -9,6 +9,7 @@ **/ #include <botan/xmss_wots_publickey.h> +#include <botan/internal/xmss_address.h> namespace Botan { diff --git a/src/lib/pubkey/xmss/xmss_wots_publickey.h b/src/lib/pubkey/xmss/xmss_wots_publickey.h index 324764be2..63925e2a7 100644 --- a/src/lib/pubkey/xmss/xmss_wots_publickey.h +++ b/src/lib/pubkey/xmss/xmss_wots_publickey.h @@ -16,11 +16,12 @@ #include <botan/exceptn.h> #include <botan/pk_keys.h> #include <botan/xmss_wots_parameters.h> -#include <botan/xmss_address.h> #include <botan/xmss_hash.h> namespace Botan { +class XMSS_Address; + typedef std::vector<secure_vector<uint8_t>> wots_keysig_t; /** |