author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 17:32:43 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 17:32:43 +0000 |
commit | 6bf0a5cb5034a7e684dcc3500e841785237ce2dd (patch) | |
tree | a68f146d7fa01f0134297619fbe7e33db084e0aa /comm/third_party/botan/src/lib/pubkey/xmss/xmss_hash.h | |
parent | Initial commit. (diff) | |
Adding upstream version 1:115.7.0. upstream/1%115.7.0 upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'comm/third_party/botan/src/lib/pubkey/xmss/xmss_hash.h')
-rw-r--r-- | comm/third_party/botan/src/lib/pubkey/xmss/xmss_hash.h | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/comm/third_party/botan/src/lib/pubkey/xmss/xmss_hash.h b/comm/third_party/botan/src/lib/pubkey/xmss/xmss_hash.h
new file mode 100644
index 0000000000..5d8cbab538
--- /dev/null
+++ b/comm/third_party/botan/src/lib/pubkey/xmss/xmss_hash.h
@@ -0,0 +1,156 @@
+/*
+ * XMSS Hash
+ * (C) 2016,2017 Matthias Gierlings
+ *
+ * Botan is released under the Simplified BSD License (see license.txt)
+ **/
+
+#ifndef BOTAN_XMSS_HASH_H_
+#define BOTAN_XMSS_HASH_H_
+
+#include <botan/hash.h>
+
+//BOTAN_FUTURE_INTERNAL_HEADER(xmss_hash.h)
+
+namespace Botan {
+
+/**
+ * A collection of pseudorandom hash functions required for XMSS and WOTS
+ * computations.
+ **/
+class XMSS_Hash final
+ {
+ public:
+ XMSS_Hash(const std::string& h_func_name);
+ XMSS_Hash(const XMSS_Hash& hash);
+
+ /**
+ * Pseudoranom function creating a hash out of a key and data using
+ * a cryptographic hash function.
+ *
+ * @param[out] result The hash calculated using key and data.
+ * @param[in] key An n-byte key value.
+ * @param[in] data A 32-byte XMSS_Address data value
+ **/
+ inline void prf(secure_vector<uint8_t>& result,
+ const secure_vector<uint8_t>& key,
+ const secure_vector<uint8_t>& data)
+ {
+ m_hash->update(m_zero_padding);
+ m_hash->update(m_id_prf);
+ m_hash->update(key);
+ m_hash->update(data);
+ m_hash->final(result);
+ }
+
+ /**
+ * Pseudoranom function creating a hash out of a key and data using
+ * a cryptographic hash function.
+ *
+ * @param[in] key An n-byte key value.
+ * @param[in] data A 32-byte XMSS_Address data value
+ * @return result The hash calculated using key and data.
+ **/
+ inline secure_vector<uint8_t> prf(const secure_vector<uint8_t>& key,
+ const secure_vector<uint8_t>& data)
+ {
+ m_hash->update(m_zero_padding);
+ m_hash->update(m_id_prf);
+ m_hash->update(key);
+ m_hash->update(data);
+ return m_hash->final();
+ }
+
+ /**
+ * F is a keyed cryptographic hash function used by the WOTS+ algorithm.
+ *
+ * @param[out] result The hash calculated using key and data.
+ * @param[in] key key of length n bytes.
+ * @param[in] data string of arbitrary length.
+ **/
+ void f(secure_vector<uint8_t>& result,
+ const secure_vector<uint8_t>& key,
+ const secure_vector<uint8_t>& data)
+ {
+ m_hash->update(m_zero_padding);
+ m_hash->update(m_id_f);
+ m_hash->update(key);
+ m_hash->update(data);
+ m_hash->final(result);
+ }
+
+ /**
+ * Cryptographic hash function h accepting n byte keys and 2n byte
+ * strings of data.
+ *
+ * @param[out] result The hash calculated using key and data.
+ * @param[in] key key of length n bytes.
+ * @param[in] data string of 2n bytes length.
+ **/
+ void h(secure_vector<uint8_t>& result,
+ const secure_vector<uint8_t>& key,
+ const secure_vector<uint8_t>& data);
+
+ /**
+ * Cryptographic hash function h accepting 3n byte keys and data
+ * strings of arbitrary length.
+ *
+ * @param randomness n-byte value.
+ * @param root n-byte root node.
+ * @param index_bytes Index value padded with leading zeros.
+ * @param data string of arbitrary length.
+ *
+ * @return hash value of n-bytes length.
+ **/
+ secure_vector<uint8_t> h_msg(const secure_vector<uint8_t>& randomness,
+ const secure_vector<uint8_t>& root,
+ const secure_vector<uint8_t>& index_bytes,
+ const secure_vector<uint8_t>& data);
+
+ /**
+ * Initializes buffered h_msg computation with prefix data.
+ *
+ * @param randomness random n-byte value.
+ * @param root n-byte root node.
+ * @param index_bytes Index value padded with leading zeros.
+ **/
+ void h_msg_init(const secure_vector<uint8_t>& randomness,
+ const secure_vector<uint8_t>& root,
+ const secure_vector<uint8_t>& index_bytes);
+
+ /**
+ * Adds a message block to buffered h_msg computation.
+ *
+ * @param data A message block
+ * @param size Length of the message block in bytes.
+ **/
+ void h_msg_update(const uint8_t data[], size_t size);
+
+ /**
+ * Finalizes buffered h_msg computation and retrieves the result.
+ *
+ * @return Hash calculated using the prefix set by h_msg_init() and
+ * message blocks provided through calls to h_msg_update().
+ **/
+ secure_vector<uint8_t> h_msg_final();
+
+ size_t output_length() const { return m_output_length; }
+
+ private:
+ static const uint8_t m_id_f = 0x00;
+ static const uint8_t m_id_h = 0x01;
+ static const uint8_t m_id_hmsg = 0x02;
+ static const uint8_t m_id_prf = 0x03;
+
+ std::unique_ptr<HashFunction> m_hash;
+ std::unique_ptr<HashFunction> m_msg_hash;
+ //32 byte id prefixes prepended to the hash input.
+ std::vector<uint8_t> m_zero_padding;
+ size_t m_output_length;
+ const std::string m_hash_func_name;
+
+ };
+
+}
+
+#endif |