protected XMSSNode clone() { return new XMSSNode(getHeight(), getValue()); } }
public byte[] toByteArray() { /* signature || authentication path */ int n = params.getDigestSize(); int signatureSize = params.getWOTSPlus().getParams().getLen() * n; int authPathSize = params.getHeight() * n; int totalSize = signatureSize + authPathSize; byte[] out = new byte[totalSize]; int position = 0; /* copy signature */ byte[][] signature = this.wotsPlusSignature.toByteArray(); for (int i = 0; i < signature.length; i++) { XMSSUtil.copyBytesAtOffset(out, signature[i], position); position += n; } /* copy authentication path */ for (int i = 0; i < authPath.size(); i++) { byte[] value = authPath.get(i).getValue(); XMSSUtil.copyBytesAtOffset(out, value, position); position += n; } return out; }
/** * Generate a new XMSS private key / public key pair. */ public AsymmetricCipherKeyPair generateKeyPair() { /* generate private key */ XMSSPrivateKeyParameters privateKey = generatePrivateKey(params, prng); XMSSNode root = privateKey.getBDSState().getRoot(); privateKey = new XMSSPrivateKeyParameters.Builder(params) .withSecretKeySeed(privateKey.getSecretKeySeed()).withSecretKeyPRF(privateKey.getSecretKeyPRF()) .withPublicSeed(privateKey.getPublicSeed()).withRoot(root.getValue()) .withBDSState(privateKey.getBDSState()).build(); XMSSPublicKeyParameters publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(root.getValue()) .withPublicSeed(privateKey.getPublicSeed()).build(); return new AsymmetricCipherKeyPair(publicKey, privateKey); }
byte[] value = getAuthPath().get(i).getValue(); XMSSUtil.copyBytesAtOffset(out, value, position); position += n;
node = new XMSSNode(node.getHeight() + 1, node.getValue()); authenticationPath.set(tau, node); keep.remove(tau - 1);
/** * Generate a new XMSSMT private key / public key pair. */ public AsymmetricCipherKeyPair generateKeyPair() { XMSSMTPrivateKeyParameters privateKey; XMSSMTPublicKeyParameters publicKey; /* generate XMSSMT private key */ privateKey = generatePrivateKey(new XMSSMTPrivateKeyParameters.Builder(params).build().getBDSState()); /* import to xmss */ xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], privateKey.getPublicSeed()); /* get root */ int rootLayerIndex = params.getLayers() - 1; OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withLayerAddress(rootLayerIndex) .build(); /* store BDS instance of root xmss instance */ BDS bdsRoot = new BDS(xmssParams, privateKey.getPublicSeed(), privateKey.getSecretKeySeed(), otsHashAddress); XMSSNode root = bdsRoot.getRoot(); privateKey.getBDSState().put(rootLayerIndex, bdsRoot); /* set XMSS^MT root / create public key */ privateKey = new XMSSMTPrivateKeyParameters.Builder(params).withSecretKeySeed(privateKey.getSecretKeySeed()) .withSecretKeyPRF(privateKey.getSecretKeyPRF()).withPublicSeed(privateKey.getPublicSeed()) .withRoot(root.getValue()).withBDSState(privateKey.getBDSState()).build(); publicKey = new XMSSMTPublicKeyParameters.Builder(params).withRoot(root.getValue()) .withPublicSeed(privateKey.getPublicSeed()).build(); return new AsymmetricCipherKeyPair(publicKey, privateKey); }
.withKeyAndMask(hashTreeAddress.getKeyAndMask()).build(); node[1] = XMSSNodeUtil.randomizeHash(wotsPlus, node[0], signature.getAuthPath().get(k), hashTreeAddress); node[1] = new XMSSNode(node[1].getHeight() + 1, node[1].getValue()); .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build(); node[1] = XMSSNodeUtil.randomizeHash(wotsPlus, signature.getAuthPath().get(k), node[0], hashTreeAddress); node[1] = new XMSSNode(node[1].getHeight() + 1, node[1].getValue());
.withKeyAndMask(hashTreeAddress.getKeyAndMask()).build(); node = XMSSNodeUtil.randomizeHash(wotsPlus, stack.pop(), node, hashTreeAddress); node = new XMSSNode(node.getHeight() + 1, node.getValue()); hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder() .withLayerAddress(hashTreeAddress.getLayerAddress())
public boolean verifySignature(byte[] message, byte[] signature) { /* parse signature and public key */ XMSSSignature sig = new XMSSSignature.Builder(params).withSignature(signature).build(); /* generate public key */ int index = sig.getIndex(); /* reinitialize WOTS+ object */ params.getWOTSPlus().importKeys(new byte[params.getDigestSize()], publicKey.getPublicSeed()); /* create message digest */ byte[] concatenated = Arrays.concatenate(sig.getRandom(), publicKey.getRoot(), XMSSUtil.toBytesBigEndian(index, params.getDigestSize())); byte[] messageDigest = khf.HMsg(concatenated, message); int xmssHeight = params.getHeight(); int indexLeaf = XMSSUtil.getLeafIndex(index, xmssHeight); /* get root from signature */ OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withOTSAddress(index).build(); XMSSNode rootNodeFromSignature = XMSSVerifierUtil.getRootNodeFromSignature(params.getWOTSPlus(), xmssHeight, messageDigest, sig, otsHashAddress, indexLeaf); return Arrays.constantTimeAreEqual(rootNodeFromSignature.getValue(), publicKey.getRoot()); }
wotsPlusSignature = wotsSign(root.getValue(), otsHashAddress);
.withKeyAndMask(hashTreeAddress.getKeyAndMask()).build(); node = XMSSNodeUtil.randomizeHash(wotsPlus, stack.pop(), node, hashTreeAddress); node = new XMSSNode(node.getHeight() + 1, node.getValue()); hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder() .withLayerAddress(hashTreeAddress.getLayerAddress()) .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build(); node = XMSSNodeUtil.randomizeHash(wotsPlus, tailNode, node, hashTreeAddress); node = new XMSSNode(tailNode.getHeight() + 1, node.getValue()); tailNode = node; hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()