aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/xmss/xmss_signature.cpp
blob: f31dcd8bb9512963b65bbeba5442ef0afbf8e203 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
/**
 * XMSS Signature
 * (C) 2016 Matthias Gierlings
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 **/

#include <botan/internal/xmss_signature.h>

namespace Botan {

XMSS_Signature::XMSS_Signature(XMSS_Parameters::xmss_algorithm_t oid,
                               const secure_vector<byte>& raw_sig)
   : m_leaf_idx(0), m_randomness(0, 0x00), m_tree_sig()
   {
   BOTAN_ASSERT(sizeof(size_t) >= ceil(static_cast<float>(
                   (XMSS_Parameters(oid)).tree_height()) / 8.f),
                   "System type \"size_t\" not big enough to support"
                   " leaf index.");

   XMSS_Parameters xmss_params(oid);
   uint64_t leaf_idx = 0;
   for(size_t i = 0; i < 8; i++)
      leaf_idx = ((leaf_idx << 8) | raw_sig[i]);

   if(leaf_idx >= (1ull << (xmss_params.tree_height() - 1)))
      {
      throw Integrity_Failure("XMSS signature leaf index out of "
                              "bounds.");
      }
   m_leaf_idx = static_cast<size_t>(leaf_idx);

   auto begin = raw_sig.begin() + sizeof(uint64_t);
   auto end = begin + xmss_params.element_size();
   std::copy(begin, end, std::back_inserter(m_randomness));

   for(size_t i = 0; i < xmss_params.len(); i++)
      {
      begin = end;
      end = begin + xmss_params.element_size();
      m_tree_sig.ots_signature().push_back(secure_vector<byte>(0));
      m_tree_sig.ots_signature().back().reserve(
         xmss_params.element_size());
      std::copy(begin,
                end,
                std::back_inserter(m_tree_sig.ots_signature().back()));
      }

   for(size_t i = 0; i < xmss_params.tree_height(); i++)
      {
      begin = end;
      end = begin + xmss_params.element_size();
      m_tree_sig.authentication_path().push_back(secure_vector<byte>(0));
      m_tree_sig.authentication_path().back().reserve(
         xmss_params.element_size());
      std::copy(begin,
                end,
                std::back_inserter(m_tree_sig.authentication_path().back()));
      }
   }

secure_vector<byte> XMSS_Signature::bytes() const
   {
   secure_vector<byte> result
      {
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 56U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 48U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 40U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 32U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 24U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 16U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >>  8U),
      static_cast<byte>(static_cast<uint64_t>(m_leaf_idx)       )
      };

   std::copy(m_randomness.begin(),
             m_randomness.end(),
             std::back_inserter(result));

   for(const auto& sig : tree().ots_signature())
      {
      std::copy(sig.begin(),
                sig.end(),
                std::back_inserter(result));
      }

   for(const auto& auth : tree().authentication_path())
      {
      std::copy(auth.begin(),
                auth.end(),
                std::back_inserter(result));
      }
   return result;
   }

}