/src/botan/src/lib/pubkey/xmss/xmss_hash.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * XMSS Hash |
3 | | * A collection of pseudorandom hash functions required for XMSS and WOTS |
4 | | * computations. |
5 | | * (C) 2016,2017 Matthias Gierlings |
6 | | * |
7 | | * Botan is released under the Simplified BSD License (see license.txt) |
8 | | **/ |
9 | | |
10 | | #include <botan/xmss_hash.h> |
11 | | #include <botan/exceptn.h> |
12 | | |
13 | | namespace Botan { |
14 | | |
/**
* Copy constructor.
*
* Delegates to the by-name constructor, so the new object is built from the
* stored algorithm name only. No hash state is taken from the source object:
* a message hash that was started on `hash` with h_msg_init() is not carried
* over to the copy.
*
* @param hash object whose hash function name is reused
*/
XMSS_Hash::XMSS_Hash(const XMSS_Hash& hash) : XMSS_Hash(hash.m_hash_func_name) {}
19 | | |
/**
* Set up the XMSS hash helper on top of the named hash function.
*
* @param h_func_name algorithm name handed to HashFunction::create()
* @throws Lookup_Error if HashFunction::create() yields no object for the name
*/
XMSS_Hash::XMSS_Hash(const std::string& h_func_name) :
   m_hash(HashFunction::create(h_func_name)),
   m_hash_func_name(h_func_name)
   {
   // Fail closed: never continue with a missing hash implementation.
   if(m_hash == nullptr)
      {
      throw Lookup_Error("XMSS cannot use hash " + h_func_name +
                         " because it is unavailable");
      }

   m_output_length = m_hash->output_length();

   // This check has to stay ahead of the subtraction below. If the length is
   // an unsigned type (not visible in this file), 0 - 1 would wrap around and
   // turn the resize into a huge allocation request.
   BOTAN_ASSERT(m_output_length > 0, "Hash output length of zero is invalid.");

   // Prefix of (output length - 1) bytes that every hash call in this file
   // feeds first, followed by an id member (m_id_h / m_id_hmsg).
   // NOTE(review): presumably all-zero bytes plus a one-byte id, giving a
   // domain-separation prefix as long as the digest -- confirm in the header.
   m_zero_padding.resize(m_output_length - 1);

   // The streaming message hash gets its own object, so h() and the h_msg_*
   // calls never share running state.
   // NOTE(review): assumes clone() returns a fresh, empty instance -- confirm.
   m_msg_hash.reset(m_hash->clone());
   }
34 | | |
/**
* Keyed hash over key and data with the "h" domain prefix.
*
* Feeds m_zero_padding, m_id_h, key and data into m_hash in that order and
* writes the digest to result.
*
* Unlike h_msg_init(), nothing here clears m_hash first, so the result is only
* correct when m_hash is in its initial state on entry.
* NOTE(review): presumably final() resets the object after each call; an
* exception between the first update() and final() would leave partial input
* behind for the next caller -- confirm.
*
* @param result receives the digest
* @param key    key input, hashed directly after the prefix
* @param data   data input, hashed last
*/
void XMSS_Hash::h(secure_vector<uint8_t>& result,
                  const secure_vector<uint8_t>& key,
                  const secure_vector<uint8_t>& data)
   {
   auto& hasher = *m_hash;

   // Order is part of the construction: prefix, id, key, data.
   hasher.update(m_zero_padding);
   hasher.update(m_id_h);
   hasher.update(key);
   hasher.update(data);
   hasher.final(result);
   }
46 | | |
/**
* Start a streaming message hash.
*
* Clears m_msg_hash, discarding any message hash still in progress, then feeds
* m_zero_padding, m_id_hmsg, randomness, root and index_bytes in that order.
* Message bytes follow through h_msg_update(); h_msg_final() ends the hash.
*
* @param randomness per-message randomness, hashed after the prefix
* @param root        root value, hashed after randomness
* @param index_bytes index encoding, hashed last
*/
void XMSS_Hash::h_msg_init(const secure_vector<uint8_t>& randomness,
                           const secure_vector<uint8_t>& root,
                           const secure_vector<uint8_t>& index_bytes)
   {
   auto& msg_hasher = *m_msg_hash;

   // Start from a clean state so earlier input cannot leak into this digest.
   msg_hasher.clear();

   // The prefix and id come before any caller-supplied bytes.
   msg_hasher.update(m_zero_padding);
   msg_hasher.update(m_id_hmsg);
   msg_hasher.update(randomness);
   msg_hasher.update(root);
   msg_hasher.update(index_bytes);
   }
58 | | |
/**
* Append message bytes to the streaming message hash.
*
* Only forwards to m_msg_hash; it adds no prefix itself. Call h_msg_init()
* first, otherwise the digest is computed without the prefix, randomness,
* root and index that h_msg_init() feeds.
*
* @param data pointer to the bytes to hash; must reference at least `size`
*             readable bytes
* @param size number of bytes to read from data
*/
void XMSS_Hash::h_msg_update(const uint8_t data[], size_t size)
   {
   auto& msg_hasher = *m_msg_hash;
   msg_hasher.update(data, size);
   }
63 | | |
/**
* Finish the streaming message hash and return its digest.
*
* Covers whatever was fed to m_msg_hash since it was last cleared; the prefix
* is present only if h_msg_init() started the sequence.
*
* @return digest produced by m_msg_hash->final()
*/
secure_vector<uint8_t> XMSS_Hash::h_msg_final()
   {
   auto& msg_hasher = *m_msg_hash;
   return msg_hasher.final();
   }
68 | | |
/**
* One-shot message hash: h_msg_init(), then data, then the final digest.
*
* Runs on the same m_msg_hash object as the streaming calls, so calling it
* discards any streaming message hash that is still in progress.
*
* @param randomness  per-message randomness, passed to h_msg_init()
* @param root        root value, passed to h_msg_init()
* @param index_bytes index encoding, passed to h_msg_init()
* @param data        message bytes, hashed after the h_msg_init() inputs
* @return digest produced by m_msg_hash->final()
*/
secure_vector<uint8_t> XMSS_Hash::h_msg(const secure_vector<uint8_t>& randomness,
                                        const secure_vector<uint8_t>& root,
                                        const secure_vector<uint8_t>& index_bytes,
                                        const secure_vector<uint8_t>& data)
   {
   // Resets the message hash and feeds the prefix and per-signature inputs.
   h_msg_init(randomness, root, index_bytes);

   auto& msg_hasher = *m_msg_hash;
   msg_hasher.update(data);
   return msg_hasher.final();
   }
79 | | |
80 | | } |