/src/Botan-3.4.0/build/include/public/botan/sp_parameters.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * SPHINCS+ Parameters |
3 | | * (C) 2023 Jack Lloyd |
4 | | * 2023 Fabian Albert, René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity |
5 | | * |
6 | | * Botan is released under the Simplified BSD License (see license.txt) |
7 | | **/ |
8 | | |
9 | | #ifndef BOTAN_SP_PARAMS_H_ |
10 | | #define BOTAN_SP_PARAMS_H_ |
11 | | |
12 | | #include <botan/asn1_obj.h> |
13 | | |
14 | | #include <string_view> |
15 | | |
16 | | namespace Botan { |
17 | | |
18 | | enum class Sphincs_Hash_Type { |
19 | | Shake256, |
20 | | Sha256, |
21 | | Haraka, ///< Haraka is currently not supported |
22 | | }; |
23 | | |
24 | | enum class Sphincs_Parameter_Set { |
25 | | Sphincs128Small, |
26 | | Sphincs128Fast, |
27 | | Sphincs192Small, |
28 | | Sphincs192Fast, |
29 | | Sphincs256Small, |
30 | | Sphincs256Fast, |
31 | | }; |
32 | | |
33 | | /** |
34 | | * Container for all SPHINCS+ parameters defined by a specific instance (see |
35 | | * Table 3 of Sphincs+ round 3.1 spec). Also contains getters for various |
36 | | * parameters that are derived from the given parameters. |
37 | | */ |
38 | | class BOTAN_PUBLIC_API(3, 1) Sphincs_Parameters final { |
39 | | public: |
40 | | static Sphincs_Parameters create(Sphincs_Parameter_Set set, Sphincs_Hash_Type hash); |
41 | | static Sphincs_Parameters create(std::string_view name); |
42 | | static Sphincs_Parameters create(const OID& oid); |
43 | | |
44 | | /** |
45 | | * @returns the OID of the algorithm specified by those parameters |
46 | | */ |
47 | | OID object_identifier() const; |
48 | | |
49 | | /** |
50 | | * @returns the algorithm specifier for the selected parameter set |
51 | | */ |
52 | | AlgorithmIdentifier algorithm_identifier() const; |
53 | | |
54 | | /** |
55 | | * @returns the hash type used by those parameters |
56 | | */ |
57 | 0 | Sphincs_Hash_Type hash_type() const { return m_hash_type; } |
58 | | |
59 | | /** |
60 | | * @returns the generic algorithm parameterization set to be used by those parameters |
61 | | */ |
62 | 0 | Sphincs_Parameter_Set parameter_set() const { return m_set; } |
63 | | |
64 | | /** |
65 | | * @returns a string representation of this parameter set |
66 | | */ |
67 | | std::string to_string() const; |
68 | | |
69 | | /** |
70 | | * @returns the algorithm specifier of the hash function to be used |
71 | | */ |
72 | | std::string hash_name() const; |
73 | | |
74 | | /** |
75 | | * @returns SPHINCS+ security parameter in bytes |
76 | | */ |
77 | 0 | uint32_t n() const { return m_n; } |
78 | | |
79 | | /** |
80 | | * @returns Height of the SPHINCS+ hypertree |
81 | | */ |
82 | 0 | uint32_t h() const { return m_h; } |
83 | | |
84 | | /** |
85 | | * @returns Number of XMSS layers in the SPHINCS+ hypertree |
86 | | */ |
87 | 0 | uint32_t d() const { return m_d; } |
88 | | |
89 | | /** |
90 | | * This is the desired height of the FORS trees, aka `log(t)` with t being |
91 | | * the number of leaves in each FORS tree. |
92 | | * |
93 | | * @returns Height of the FORS trees |
94 | | */ |
95 | 0 | uint32_t a() const { return m_a; } |
96 | | |
97 | | /** |
98 | | * @returns Number of FORS trees to use |
99 | | */ |
100 | 0 | uint32_t k() const { return m_k; } |
101 | | |
102 | | /** |
103 | | * @returns the Winternitz parameter for WOTS+ signatures |
104 | | */ |
105 | 0 | uint32_t w() const { return m_w; } |
106 | | |
107 | | /** |
108 | | * @returns the bit security given by Table 3 (NIST R3.1 submission, page 39) for the |
109 | | * selected parameter set |
110 | | */ |
111 | 0 | uint32_t bitsec() const { return m_bitsec; } |
112 | | |
113 | | /** |
114 | | * @returns the tree height of an XMSS tree |
115 | | */ |
116 | 0 | uint32_t xmss_tree_height() const { return m_xmss_tree_height; } |
117 | | |
118 | | /** |
119 | | * @returns the byte length of a single xmss signature |
120 | | */ |
121 | 0 | uint32_t xmss_signature_bytes() const { return m_xmss_sig_bytes; } |
122 | | |
123 | | /** |
124 | | * @returns the byte length of a the xmss hypertree signature |
125 | | */ |
126 | 0 | uint32_t ht_signature_bytes() const { return m_ht_sig_bytes; } |
127 | | |
128 | | /** |
129 | | * @returns the base 2 logarithm of the Winternitz parameter for WOTS+ signatures |
130 | | */ |
131 | 0 | uint32_t log_w() const { return m_log_w; } |
132 | | |
133 | | /** |
134 | | * @returns the len1 parameter for WOTS+ signatures |
135 | | */ |
136 | 0 | uint32_t wots_len_1() const { return m_wots_len1; } |
137 | | |
138 | | /** |
139 | | * @returns the len2 parameter for WOTS+ signatures |
140 | | */ |
141 | 0 | uint32_t wots_len_2() const { return m_wots_len2; } |
142 | | |
143 | | /** |
144 | | * @returns the len parameter for WOTS+ signatures |
145 | | */ |
146 | 0 | uint32_t wots_len() const { return m_wots_len; } |
147 | | |
148 | | /** |
149 | | * @returns the byte length of a WOTS+ signature |
150 | | */ |
151 | 0 | uint32_t wots_bytes() const { return m_wots_bytes; } |
152 | | |
153 | | /** |
154 | | * @returns the number of bytes a WOTS+ signature consists of |
155 | | */ |
156 | 0 | uint32_t wots_checksum_bytes() const { return m_wots_checksum_bytes; } |
157 | | |
158 | | /** |
159 | | * @returns the byte length of a FORS signature |
160 | | */ |
161 | 0 | uint32_t fors_signature_bytes() const { return m_fors_sig_bytes; } |
162 | | |
163 | | /** |
164 | | * @returns the byte length of the FORS input message |
165 | | */ |
166 | 0 | uint32_t fors_message_bytes() const { return m_fors_message_bytes; } |
167 | | |
168 | | /** |
169 | | * @returns the byte length of a Sphincs+ signature |
170 | | */ |
171 | 0 | uint32_t sphincs_signature_bytes() const { return m_sp_sig_bytes; } |
172 | | |
173 | | /** |
174 | | * @returns the byte length of an encoded public key for this parameter set |
175 | | */ |
176 | 0 | uint32_t public_key_bytes() const { return m_n * 2; } |
177 | | |
178 | | /** |
179 | | * @returns the byte length of an encoded private key for this parameter set |
180 | | */ |
181 | 0 | uint32_t private_key_bytes() const { return m_n * 2 + public_key_bytes(); } |
182 | | |
183 | | /** |
184 | | * @returns the byte length of the tree index output of H_msg |
185 | | */ |
186 | 0 | uint32_t tree_digest_bytes() const { return m_tree_digest_bytes; } |
187 | | |
188 | | /** |
189 | | * @returns the byte length of the leaf index output of H_msg |
190 | | */ |
191 | 0 | uint32_t leaf_digest_bytes() const { return m_leaf_digest_bytes; } |
192 | | |
193 | | /** |
194 | | * @returns the byte length of the output of H_msg. Corresponds to |
195 | | * m in the specification of H_msg in Section 7.2 |
196 | | */ |
197 | 0 | uint32_t h_msg_digest_bytes() const { return m_h_msg_digest_bytes; } |
198 | | |
199 | | private: |
200 | | Sphincs_Parameters(Sphincs_Parameter_Set set, |
201 | | Sphincs_Hash_Type hash_type, |
202 | | uint32_t n, |
203 | | uint32_t h, |
204 | | uint32_t d, |
205 | | uint32_t a, |
206 | | uint32_t k, |
207 | | uint32_t w, |
208 | | uint32_t bitsec); |
209 | | |
210 | | private: |
211 | | Sphincs_Parameter_Set m_set; |
212 | | Sphincs_Hash_Type m_hash_type; |
213 | | uint32_t m_n; |
214 | | uint32_t m_h; |
215 | | uint32_t m_d; |
216 | | uint32_t m_a; |
217 | | uint32_t m_k; |
218 | | uint32_t m_w; |
219 | | uint32_t m_bitsec; |
220 | | uint32_t m_log_w; |
221 | | uint32_t m_wots_len1; |
222 | | uint32_t m_wots_len2; |
223 | | uint32_t m_wots_len; |
224 | | uint32_t m_wots_bytes; |
225 | | uint32_t m_wots_checksum_bytes; |
226 | | uint32_t m_fors_message_bytes; |
227 | | uint32_t m_fors_sig_bytes; |
228 | | uint32_t m_sp_sig_bytes; |
229 | | uint32_t m_xmss_tree_height; |
230 | | uint32_t m_xmss_sig_bytes; |
231 | | uint32_t m_ht_sig_bytes; |
232 | | |
233 | | uint32_t m_tree_digest_bytes; |
234 | | uint32_t m_leaf_digest_bytes; |
235 | | uint32_t m_h_msg_digest_bytes; |
236 | | }; |
237 | | |
238 | | } // namespace Botan |
239 | | |
240 | | #endif |