/src/botan/build/include/internal/botan/internal/sp_hash.h

Source (jump to first uncovered line)
/*
 * SLH-DSA Hash Function Interface
 * (C) 2023 Jack Lloyd
 *     2023 Fabian Albert, René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 **/

#ifndef BOTAN_SP_HASH_H_
#define BOTAN_SP_HASH_H_

#include <botan/hash.h>
#include <botan/sp_parameters.h>
#include <botan/internal/sp_address.h>
#include <botan/internal/sp_types.h>

namespace Botan {

/**
 * A collection of pseudorandom hash functions required for SLH-DSA
 * computations. See FIPS 205, Section 11.2.1 and 11.2.2.
 **/
class BOTAN_TEST_API Sphincs_Hash_Functions {
   public:
      virtual ~Sphincs_Hash_Functions() = default;

      /**
       * Creates a Sphincs_Hash_Functions object instantiating the hash
       * functions used for the specified @p sphincs_params. The @p pub_seed is
       * used to seed the hash functions (possibly padded). This is pre-computed
       * and the respective state is copied on the further calls on H(seed) with
       * tweak_hash, i.e., T and PRF.
       */
      static std::unique_ptr<Sphincs_Hash_Functions> create(const Sphincs_Parameters& sphincs_params,
                                                            const SphincsPublicSeed& pub_seed);

      std::tuple<SphincsHashedMessage, XmssTreeIndexInLayer, TreeNodeIndex> H_msg(
         StrongSpan<const SphincsMessageRandomness> r,
         const SphincsTreeNode& root,
         const SphincsMessageInternal& message);

      /**
       * Using SK.PRF, the optional randomness, and a message, computes the message random R,
       * and the tree and leaf indices.
       *
       * @param out output location for the message hash
       * @param sk_prf SK.PRF
       * @param opt_rand optional randomness
       * @param msg message
       */
      virtual void PRF_msg(StrongSpan<SphincsMessageRandomness> out,
                           StrongSpan<const SphincsSecretPRF> sk_prf,
                           StrongSpan<const SphincsOptionalRandomness> opt_rand,
                           const SphincsMessageInternal& msg) = 0;

      template <typename... BufferTs>
      void T(std::span<uint8_t> out, const Sphincs_Address& address, BufferTs&&... in) {
         auto& hash = tweak_hash(address, (std::forward<BufferTs>(in).size() + ...));
         (hash.update(std::forward<BufferTs>(in)), ...);
         hash.final(out);
      }

      template <typename OutT = std::vector<uint8_t>, typename... BufferTs>
      OutT T(const Sphincs_Address& address, BufferTs&&... in) {
         OutT t(m_sphincs_params.n());
         T(t, address, std::forward<BufferTs>(in)...);
         return t;
      }

      void PRF(StrongSpan<ForsLeafSecret> out, const SphincsSecretSeed& sk_seed, const Sphincs_Address& address) {
         T(out, address, sk_seed);
      }

      void PRF(StrongSpan<WotsNode> out, const SphincsSecretSeed& sk_seed, const Sphincs_Address& address) {
         T(out, address, sk_seed);
      }

      virtual std::string msg_hash_function_name() const = 0;

   protected:
      Sphincs_Hash_Functions(const Sphincs_Parameters& sphincs_params, const SphincsPublicSeed& pub_seed);

      /**
       * Prepare the underlying hash function for hashing any given input
       * depending on the expected input length.
       *
       * @param address       the SLH-DSA address of the hash to be tweaked
       * @param input_length  the input buffer length that will be processed
       *                      with the tweaked hash (typically N or 2*N)
       * @returns a reference to a Botan::HashFunction that is preconditioned
       *          with the given tweaking parameters.
       *
       * @note Callers are expected to finalize (i.e. reset) the returned
       *       HashFunction after use.
       */
      virtual HashFunction& tweak_hash(const Sphincs_Address& address, size_t input_length) = 0;

      virtual std::vector<uint8_t> H_msg_digest(StrongSpan<const SphincsMessageRandomness> r,
                                                const SphincsTreeNode& root,
                                                const SphincsMessageInternal& message) = 0;

      const Sphincs_Parameters& m_sphincs_params;
      const SphincsPublicSeed& m_pub_seed;
};

}  // namespace Botan

#endif

Line	Count	Source (jump to first uncovered line)
1		/*
2		* SLH-DSA Hash Function Interface
3		* (C) 2023 Jack Lloyd
4		* 2023 Fabian Albert, René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		**/
8
9		#ifndef BOTAN_SP_HASH_H_
10		#define BOTAN_SP_HASH_H_
11
12		#include <botan/hash.h>
13		#include <botan/sp_parameters.h>
14		#include <botan/internal/sp_address.h>
15		#include <botan/internal/sp_types.h>
16
17		namespace Botan {
18
19		/**
20		* A collection of pseudorandom hash functions required for SLH-DSA
21		* computations. See FIPS 205, Section 11.2.1 and 11.2.2.
22		**/
23		class BOTAN_TEST_API Sphincs_Hash_Functions {
24		public:
25	0	virtual ~Sphincs_Hash_Functions() = default;
26
27		/**
28		* Creates a Sphincs_Hash_Functions object instantiating the hash
29		* functions used for the specified @p sphincs_params. The @p pub_seed is
30		* used to seed the hash functions (possibly padded). This is pre-computed
31		* and the respective state is copied on the further calls on H(seed) with
32		* tweak_hash, i.e., T and PRF.
33		*/
34		static std::unique_ptr<Sphincs_Hash_Functions> create(const Sphincs_Parameters& sphincs_params,
35		const SphincsPublicSeed& pub_seed);
36
37		std::tuple<SphincsHashedMessage, XmssTreeIndexInLayer, TreeNodeIndex> H_msg(
38		StrongSpan<const SphincsMessageRandomness> r,
39		const SphincsTreeNode& root,
40		const SphincsMessageInternal& message);
41
42		/**
43		* Using SK.PRF, the optional randomness, and a message, computes the message random R,
44		* and the tree and leaf indices.
45		*
46		* @param out output location for the message hash
47		* @param sk_prf SK.PRF
48		* @param opt_rand optional randomness
49		* @param msg message
50		*/
51		virtual void PRF_msg(StrongSpan<SphincsMessageRandomness> out,
52		StrongSpan<const SphincsSecretPRF> sk_prf,
53		StrongSpan<const SphincsOptionalRandomness> opt_rand,
54		const SphincsMessageInternal& msg) = 0;
55
56		template <typename... BufferTs>
57	0	void T(std::span<uint8_t> out, const Sphincs_Address& address, BufferTs&&... in) {
58	0	auto& hash = tweak_hash(address, (std::forward<BufferTs>(in).size() + ...));
59	0	(hash.update(std::forward<BufferTs>(in)), ...);
60	0	hash.final(out);
61	0	} Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::SphincsSecretSeed_> const&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::SphincsSecretSeed_> const&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::ForsLeafSecret_>&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::ForsLeafSecret_>&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::ForsLeafSecret_> const>&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::ForsLeafSecret_> const>&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKey_> const&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKey_> const&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<std::__1::span<unsigned char, 18446744073709551615ul>&, Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_>&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, std::__1::span<unsigned char, 18446744073709551615ul>&, Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_>&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> const>&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> const>&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> const>&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> const>&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKeyNode_> >&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKeyNode_> >&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::WotsNode_> >&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::WotsNode_> >&) Unexecuted instantiation: void Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKey_>&>(std::__1::span<unsigned char, 18446744073709551615ul>, Botan::Sphincs_Address const&, Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKey_>&)
62
63		template <typename OutT = std::vector<uint8_t>, typename... BufferTs>
64	0	OutT T(const Sphincs_Address& address, BufferTs&&... in) {
65	0	OutT t(m_sphincs_params.n());
66	0	T(t, address, std::forward<BufferTs>(in)...);
67	0	return t;
68	0	} Unexecuted instantiation: Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_>, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >&>(Botan::Sphincs_Address const&, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >&) Unexecuted instantiation: Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_>, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::ForsLeafSecret_> const>&>(Botan::Sphincs_Address const&, Botan::StrongSpan<Botan::Strong<std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >, Botan::ForsLeafSecret_> const>&) Unexecuted instantiation: Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_> Botan::Sphincs_Hash_Functions::T<Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::SphincsTreeNode_>, Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKey_> const&>(Botan::Sphincs_Address const&, Botan::Strong<std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, Botan::WotsPublicKey_> const&)
69
70	0	void PRF(StrongSpan<ForsLeafSecret> out, const SphincsSecretSeed& sk_seed, const Sphincs_Address& address) {
71	0	T(out, address, sk_seed);
72	0	}
73
74	0	void PRF(StrongSpan<WotsNode> out, const SphincsSecretSeed& sk_seed, const Sphincs_Address& address) {
75	0	T(out, address, sk_seed);
76	0	}
77
78		virtual std::string msg_hash_function_name() const = 0;
79
80		protected:
81		Sphincs_Hash_Functions(const Sphincs_Parameters& sphincs_params, const SphincsPublicSeed& pub_seed);
82
83		/**
84		* Prepare the underlying hash function for hashing any given input
85		* depending on the expected input length.
86		*
87		* @param address the SLH-DSA address of the hash to be tweaked
88		* @param input_length the input buffer length that will be processed
89		* with the tweaked hash (typically N or 2*N)
90		* @returns a reference to a Botan::HashFunction that is preconditioned
91		* with the given tweaking parameters.
92		*
93		* @note Callers are expected to finalize (i.e. reset) the returned
94		* HashFunction after use.
95		*/
96		virtual HashFunction& tweak_hash(const Sphincs_Address& address, size_t input_length) = 0;
97
98		virtual std::vector<uint8_t> H_msg_digest(StrongSpan<const SphincsMessageRandomness> r,
99		const SphincsTreeNode& root,
100		const SphincsMessageInternal& message) = 0;
101
102		const Sphincs_Parameters& m_sphincs_params;
103		const SphincsPublicSeed& m_pub_seed;
104		};
105
106		} // namespace Botan
107
108		#endif

Coverage Report

Created: 2025-04-11 06:34