protected WOTSPlus getWOTSPlus() { return xmssParams.getWOTSPlus(); }
/** * XMSS constructor... * * @param params XMSSParameters. */ public XMSS(XMSSParameters params, SecureRandom prng) { super(); if (params == null) { throw new NullPointerException("params == null"); } this.params = params; wotsPlus = params.getWOTSPlus(); this.prng = prng; }
/** * Place holder BDS for when state is exhausted. * * @param params tree parameters * @param index the index that has been reached. */ BDS(XMSSParameters params, int index) { this(params.getWOTSPlus(), params.getHeight(), params.getK()); this.index = index; this.used = true; }
private WOTSPlusSignature wotsSign(byte[] messageDigest, OTSHashAddress otsHashAddress) { if (messageDigest.length != params.getDigestSize()) { throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest"); } if (otsHashAddress == null) { throw new NullPointerException("otsHashAddress == null"); } /* (re)initialize WOTS+ instance */ params.getWOTSPlus().importKeys(params.getWOTSPlus().getWOTSPlusSecretKey(privateKey.getSecretKeySeed(), otsHashAddress), privateKey.getPublicSeed()); /* create WOTS+ signature */ return params.getWOTSPlus().sign(messageDigest, otsHashAddress); } }
protected int getLen() { return xmssParams.getWOTSPlus().getParams().getLen(); } }
public void init(boolean forSigning, CipherParameters param) { if (forSigning) { initSign = true; hasGenerated = false; privateKey = (XMSSPrivateKeyParameters)param; nextKeyGenerator = privateKey; params = privateKey.getParameters(); khf = params.getWOTSPlus().getKhf(); } else { initSign = false; publicKey = (XMSSPublicKeyParameters)param; params = publicKey.getParameters(); khf = params.getWOTSPlus().getKhf(); } }
private void importState(XMSSMTPrivateKeyParameters privateKey, XMSSMTPublicKeyParameters publicKey) { /* import to xmss */ xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], this.privateKey.getPublicSeed()); this.privateKey = privateKey; this.publicKey = publicKey; }
/** * Set up constructor. * * @param params tree parameters * @param publicSeed public seed for tree * @param secretKeySeed secret seed for tree * @param otsHashAddress hash address */ BDS(XMSSParameters params, byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress) { this(params.getWOTSPlus(), params.getHeight(), params.getK()); this.initialize(publicSeed, secretKeySeed, otsHashAddress); }
int len = params.getWOTSPlus().getParams().getLen(); int height = params.getHeight(); byte[] reducedSignature = builder.reducedSignature; position += n; this.wotsPlusSignature = new WOTSPlusSignature(params.getWOTSPlus().getParams(), wotsPlusSignature); wotsPlusSignature = new WOTSPlusSignature(params.getWOTSPlus().getParams(), new byte[len][n]);
/** * Set up constructor for a tree where the original BDS state was lost. * * @param params tree parameters * @param publicSeed public seed for tree * @param secretKeySeed secret seed for tree * @param otsHashAddress hash address * @param index index counter for the state to be at. */ BDS(XMSSParameters params, byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress, int index) { this(params.getWOTSPlus(), params.getHeight(), params.getK()); this.initialize(publicSeed, secretKeySeed, otsHashAddress); while (this.index < index) { this.nextAuthenticationPath(publicSeed, secretKeySeed, otsHashAddress); this.used = false; } }
public byte[] toByteArray() { /* signature || authentication path */ int n = params.getDigestSize(); int signatureSize = params.getWOTSPlus().getParams().getLen() * n; int authPathSize = params.getHeight() * n; int totalSize = signatureSize + authPathSize; byte[] out = new byte[totalSize]; int position = 0; /* copy signature */ byte[][] signature = this.wotsPlusSignature.toByteArray(); for (int i = 0; i < signature.length; i++) { XMSSUtil.copyBytesAtOffset(out, signature[i], position); position += n; } /* copy authentication path */ for (int i = 0; i < authPath.size(); i++) { byte[] value = authPath.get(i).getValue(); XMSSUtil.copyBytesAtOffset(out, value, position); position += n; } return out; }
public Builder withSignature(byte[] val) { if (val == null) { throw new NullPointerException("signature == null"); } int n = params.getDigestSize(); int len = params.getWOTSPlus().getParams().getLen(); int height = params.getHeight(); int indexSize = 4; int randomSize = n; int signatureSize = len * n; int authPathSize = height * n; int position = 0; /* extract index */ index = Pack.bigEndianToInt(val, position); position += indexSize; /* extract random */ random = XMSSUtil.extractBytesAtOffset(val, position, randomSize); position += randomSize; withReducedSignature(XMSSUtil.extractBytesAtOffset(val, position, signatureSize + authPathSize)); return this; }
xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], xmssMTPrivateKey.getPublicSeed());
int indexSize = 4; int randomSize = n; int signatureSize = getParams().getWOTSPlus().getParams().getLen() * n; int authPathSize = getParams().getHeight() * n; int totalSize = indexSize + randomSize + signatureSize + authPathSize;
public boolean verifySignature(byte[] message, byte[] signature) { /* parse signature and public key */ XMSSSignature sig = new XMSSSignature.Builder(params).withSignature(signature).build(); /* generate public key */ int index = sig.getIndex(); /* reinitialize WOTS+ object */ params.getWOTSPlus().importKeys(new byte[params.getDigestSize()], publicKey.getPublicSeed()); /* create message digest */ byte[] concatenated = Arrays.concatenate(sig.getRandom(), publicKey.getRoot(), XMSSUtil.toBytesBigEndian(index, params.getDigestSize())); byte[] messageDigest = khf.HMsg(concatenated, message); int xmssHeight = params.getHeight(); int indexLeaf = XMSSUtil.getLeafIndex(index, xmssHeight); /* get root from signature */ OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withOTSAddress(index).build(); XMSSNode rootNodeFromSignature = XMSSVerifierUtil.getRootNodeFromSignature(params.getWOTSPlus(), xmssHeight, messageDigest, sig, otsHashAddress, indexLeaf); return Arrays.constantTimeAreEqual(rootNodeFromSignature.getValue(), publicKey.getRoot()); }
/** * Generate a new XMSSMT private key / public key pair. */ public AsymmetricCipherKeyPair generateKeyPair() { XMSSMTPrivateKeyParameters privateKey; XMSSMTPublicKeyParameters publicKey; /* generate XMSSMT private key */ privateKey = generatePrivateKey(new XMSSMTPrivateKeyParameters.Builder(params).build().getBDSState()); /* import to xmss */ xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], privateKey.getPublicSeed()); /* get root */ int rootLayerIndex = params.getLayers() - 1; OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withLayerAddress(rootLayerIndex) .build(); /* store BDS instance of root xmss instance */ BDS bdsRoot = new BDS(xmssParams, privateKey.getPublicSeed(), privateKey.getSecretKeySeed(), otsHashAddress); XMSSNode root = bdsRoot.getRoot(); privateKey.getBDSState().put(rootLayerIndex, bdsRoot); /* set XMSS^MT root / create public key */ privateKey = new XMSSMTPrivateKeyParameters.Builder(params).withSecretKeySeed(privateKey.getSecretKeySeed()) .withSecretKeyPRF(privateKey.getSecretKeyPRF()).withPublicSeed(privateKey.getPublicSeed()) .withRoot(root.getValue()).withBDSState(privateKey.getBDSState()).build(); publicKey = new XMSSMTPublicKeyParameters.Builder(params).withRoot(root.getValue()) .withPublicSeed(privateKey.getPublicSeed()).build(); return new AsymmetricCipherKeyPair(publicKey, privateKey); }