1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
/**
* XMSS Signature
* (C) 2016 Matthias Gierlings
*
* Botan is released under the Simplified BSD License (see license.txt)
**/
#include <botan/internal/xmss_signature.h>
namespace Botan {
XMSS_Signature::XMSS_Signature(XMSS_Parameters::xmss_algorithm_t oid,
const secure_vector<byte>& raw_sig)
: m_leaf_idx(0), m_randomness(0, 0x00), m_tree_sig()
{
BOTAN_ASSERT(sizeof(size_t) >= ceil(static_cast<float>(
(XMSS_Parameters(oid)).tree_height()) / 8.f),
"System type \"size_t\" not big enough to support"
" leaf index.");
XMSS_Parameters xmss_params(oid);
uint64_t leaf_idx = 0;
for(size_t i = 0; i < 8; i++)
leaf_idx = ((leaf_idx << 8) | raw_sig[i]);
if(leaf_idx >= (1ull << (xmss_params.tree_height() - 1)))
{
throw Integrity_Failure("XMSS signature leaf index out of "
"bounds.");
}
m_leaf_idx = static_cast<size_t>(leaf_idx);
auto begin = raw_sig.begin() + sizeof(uint64_t);
auto end = begin + xmss_params.element_size();
std::copy(begin, end, std::back_inserter(m_randomness));
for(size_t i = 0; i < xmss_params.len(); i++)
{
begin = end;
end = begin + xmss_params.element_size();
m_tree_sig.ots_signature().push_back(secure_vector<byte>(0));
m_tree_sig.ots_signature().back().reserve(
xmss_params.element_size());
std::copy(begin,
end,
std::back_inserter(m_tree_sig.ots_signature().back()));
}
for(size_t i = 0; i < xmss_params.tree_height(); i++)
{
begin = end;
end = begin + xmss_params.element_size();
m_tree_sig.authentication_path().push_back(secure_vector<byte>(0));
m_tree_sig.authentication_path().back().reserve(
xmss_params.element_size());
std::copy(begin,
end,
std::back_inserter(m_tree_sig.authentication_path().back()));
}
}
secure_vector<byte> XMSS_Signature::bytes() const
{
secure_vector<byte> result
{
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 56U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 48U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 40U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 32U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 24U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 16U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) >> 8U),
static_cast<byte>(static_cast<uint64_t>(m_leaf_idx) )
};
std::copy(m_randomness.begin(),
m_randomness.end(),
std::back_inserter(result));
for(const auto& sig : tree().ots_signature())
{
std::copy(sig.begin(),
sig.end(),
std::back_inserter(result));
}
for(const auto& auth : tree().authentication_path())
{
std::copy(auth.begin(),
auth.end(),
std::back_inserter(result));
}
return result;
}
}
|