| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
| |
- Fixes out of bounds read in `XMSS_Signature` constructor when the raw
signature data supplied as arguments is shorter than the signature size
defined by the XMSS parameter set encoded in the `XMSS_PublicKey`.
- Fixes valid signatures with arbitrary appended data to be verified as
correct signature.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Previously longer tests were hidden behind higher 'soak levels'
but these arbitrary cutoffs are confusing compared to a simple
short tests/long tests split.
|
| |
|
|
|
|
| |
Turns out astyle has some bugs wrt C++11 initialize lists. Rather
than having astyle mangle all of the tests, convert to using a string
which is split once at the start instead of a vector of keys.
|
| |
|
|
|
|
| |
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
|
| |
|
|
|
|
|
| |
Changes all the Public_Key derived classes ctors to take a
std::vector instead of a secure_vector for the DER encoded
public key bits. There is no point in transporting a public
key in secure storage. (GH #768)
|
| |
|
|
|
|
| |
Previously just throw an exception from map.at
Add an XMSS keygen test, and add default params for create_private_key
|
| |
|
|
|
|
|
| |
This caused Doxygen to dump the copyright notices for those files into
the Botan namespace description, which is not helpful.
[ci skip]
|
| |
|
|
|
|
|
| |
This prevents the test suite from globbing all the XMSS tests
together under "XMSS/Raw"; since XMSS ignores the padding anyway,
pretend the param string is the padding which causes the normal
logic in the signature test code to do the right thing.
|
|
|
[1] XMSS: Extended Hash-Based Signatures,
draft-itrf-cfrg-xmss-hash-based-signatures-06
Release: July 2016.
https://datatracker.ietf.org/doc/
draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1
Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations
for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has
been integrated into the Botan test bench, signature generation and verification
can be tested independently by invoking "botan-test xmss_sign" and
"botan-test xmss_verify"
- Some headers that are not required to be exposed to users of the library have
to be declared as public in `info.txt`. Declaring those headers private will
cause the amalgamation build to fail. The following headers have been
declared public inside `info.txt`, even though they are only intended for
internal use:
* atomic.h
* xmss_hash.h
* xmss_index_registry.h
* xmss_address.h
* xmss_common_ops.h
* xmss_tools.h
* xmss_wots_parameters.h
* xmss_wots_privatekey.h
* xmss_wots_publickey.h
- XMSS_Verification_Operation Requires the "randomness" parameter out of the
XMSS signature. "Randomness" is part of the prefix that is hashed *before*
the message. Since the signature is unknown till sign() is called, all
message content has to be buffered. For large messages this can be
inconvenient or impossible.
**Possible solution**: Change PK_Ops::Verification interface to take
the signature as constructor argument, and provide a setter method to be able
to update reuse the instance on multiple signatures. Make sign a parameterless
member call. This solution requires interface changes in botan.
**Suggested workaround** for signing large messages is to not sign the message
itself, but to precompute the message hash manually using Botan::HashFunctio
and sign the message hash instead of the message itself.
- Some of the available test vectors for the XMSS signature verification have
been commented out in order to reduce testbench runtime.
|
