lms

package
v1.0.4016 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 29, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	WINDOW_W1 window = 1 << iota
	WINDOW_W2
	WINDOW_W4
	WINDOW_W8
)
View Source 
const HSS_MAX_LEVELS = 5
View Source 
const ID_LEN uint64 = 16

Variables

View Source 
var (
	LMOTS_SHA256_N32_W1 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W1",
		Type:   type_LMOTS_SHA256_N32_W1,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W1,
		P:      265,
		LS:     7,
		SigLen: 8516,
	}
	LMOTS_SHA256_N32_W2 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W2",
		Type:   type_LMOTS_SHA256_N32_W2,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W2,
		P:      133,
		LS:     6,
		SigLen: 4292,
	}
	LMOTS_SHA256_N32_W4 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W4",
		Type:   type_LMOTS_SHA256_N32_W4,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W4,
		P:      67,
		LS:     4,
		SigLen: 2180,
	}
	LMOTS_SHA256_N32_W8 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W8",
		Type:   type_LMOTS_SHA256_N32_W8,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W8,
		P:      34,
		LS:     0,
		SigLen: 1124,
	}

	// SM3 hash
	LMOTS_SM3_N32_W1 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W1",
		Type:   type_LMOTS_SM3_N32_W1,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W1,
		P:      265,
		LS:     7,
		SigLen: 8516,
	}
	LMOTS_SM3_N32_W2 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W2",
		Type:   type_LMOTS_SM3_N32_W2,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W2,
		P:      133,
		LS:     6,
		SigLen: 4292,
	}
	LMOTS_SM3_N32_W4 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W4",
		Type:   type_LMOTS_SM3_N32_W4,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W4,
		P:      67,
		LS:     4,
		SigLen: 2180,
	}
	LMOTS_SM3_N32_W8 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W8",
		Type:   type_LMOTS_SM3_N32_W8,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W8,
		P:      34,
		LS:     0,
		SigLen: 1124,
	}
)
View Source 
var (
	LMS_SHA256_M32_H5 = LmsParam{
		Name: "LMS_SHA256_M32_H5",
		Type: type_LMS_SHA256_M32_H5,
		Hash: sha256.New,
		M:    32,
		H:    5,
	}
	LMS_SHA256_M32_H10 = LmsParam{
		Name: "LMS_SHA256_M32_H10",
		Type: type_LMS_SHA256_M32_H10,
		Hash: sha256.New,
		M:    32,
		H:    10,
	}
	LMS_SHA256_M32_H15 = LmsParam{
		Name: "LMS_SHA256_M32_H15",
		Type: type_LMS_SHA256_M32_H15,
		Hash: sha256.New,
		M:    32,
		H:    15,
	}
	LMS_SHA256_M32_H20 = LmsParam{
		Name: "LMS_SHA256_M32_H20",
		Type: type_LMS_SHA256_M32_H20,
		Hash: sha256.New,
		M:    32,
		H:    20,
	}
	LMS_SHA256_M32_H25 = LmsParam{
		Name: "LMS_SHA256_M32_H25",
		Type: type_LMS_SHA256_M32_H25,
		Hash: sha256.New,
		M:    32,
		H:    25,
	}

	// SM3
	LMS_SM3_M32_H5 = LmsParam{
		Name: "LMS_SM3_M32_H5",
		Type: type_LMS_SM3_M32_H5,
		Hash: sm3.New,
		M:    32,
		H:    5,
	}
	LMS_SM3_M32_H10 = LmsParam{
		Name: "LMS_SM3_M32_H10",
		Type: type_LMS_SM3_M32_H10,
		Hash: sm3.New,
		M:    32,
		H:    10,
	}
	LMS_SM3_M32_H15 = LmsParam{
		Name: "LMS_SM3_M32_H15",
		Type: type_LMS_SM3_M32_H15,
		Hash: sm3.New,
		M:    32,
		H:    15,
	}
	LMS_SM3_M32_H20 = LmsParam{
		Name: "LMS_SM3_M32_H20",
		Type: type_LMS_SM3_M32_H20,
		Hash: sm3.New,
		M:    32,
		H:    20,
	}
	LMS_SM3_M32_H25 = LmsParam{
		Name: "LMS_SM3_M32_H25",
		Type: type_LMS_SM3_M32_H25,
		Hash: sm3.New,
		M:    32,
		H:    25,
	}
)
View Source 
var D_INTR = [2]uint8{0x83, 0x83}
View Source 
var D_LEAF = [2]uint8{0x82, 0x82}
View Source 
var D_MESG = [2]uint8{0x81, 0x81}
View Source 
var D_PBLC = [2]uint8{0x80, 0x80}
View Source 
var DefaultLmotsSignerOpts = LmotsSignerOpts{}

default Signer Opts

View Source 
var DefaultOpts = []HSSOpts{
	HSSOpts{
		Type:    LMS_SHA256_M32_H5,
		OtsType: LMOTS_SHA256_N32_W8,
	},
	HSSOpts{
		Type:    LMS_SHA256_M32_H5,
		OtsType: LMOTS_SHA256_N32_W8,
	},
}

Default Opts

View Source 
var DefaultSignerOpts = SignerOpts{}

default Signer Opts

Functions

func AddLmotsParam 

func AddLmotsParam(typ LmotsType, fn func() ILmotsParam)

AddLmotsParam

func AddLmsParam 

func AddLmsParam(typ LmsType, fn func() ILmsParam)

AddLmsParam

func AllLmotsParams 

func AllLmotsParams() map[LmotsType]func() ILmotsParam

AllLmotsParams

func AllLmsParams 

func AllLmsParams() map[LmsType]func() ILmsParam

AllLmsParams

func Cksm 

func Cksm(coefs []uint8, w ByteWindow, LS uint64) uint16

Returns a checksum calculated over a slice of Winternitz coefficients

func Coefs 

func Coefs(x []byte, w ByteWindow) []uint8

Returns a []byte representing the Winternitz coefficients of x for a given window, w

func Expand 

func Expand(msg []byte, mode ILmotsParam) ([]uint8, error)

expands a message into the winternitz coefficients of the message and its checksum returns a slice of length P

func GeneratePKTree 

func GeneratePKTree(typ ILmsParam, otsType ILmotsParam, id ID, seed []byte) ([][]byte, error)

GeneratePKTree generates the Merkle Tree needed to derive the public key and authentication path for any message.

func GetLmotsParam 

func GetLmotsParam(typ LmotsType) (func() ILmotsParam, error)

GetLmotsParam

func GetLmsParam 

func GetLmsParam(typ LmsType) (func() ILmsParam, error)

GetLmsParam

Types

type ByteWindow 

type ByteWindow interface {
	Window() window
	Mask() uint8
}

ByteWindow is the representation of bytes used in calculating LM-OTS signatures

type HSSOpts 

type HSSOpts struct {
	Type    ILmsParam
	OtsType ILmotsParam
}

HSS options

type HSSPrivateKey 

type HSSPrivateKey struct {
	HSSPublicKey
	LmsKey [5]PrivateKey
	LmsSig [4]Signature
}

A HSSPrivateKey is used to sign a finite number of messages

func GenerateHSSKey 

func GenerateHSSKey(rng io.Reader, opts []HSSOpts) (*HSSPrivateKey, error)

GenerateHSSKey returns a new HSSPrivateKey

func NewHSSPrivateKeyFromBytes 

func NewHSSPrivateKeyFromBytes(b []byte) (*HSSPrivateKey, error)

NewHSSPrivateKeyFromBytes returns an HSSPrivateKey that represents b.

func (*HSSPrivateKey) Equal 

func (priv *HSSPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*HSSPrivateKey) Public 

func (priv *HSSPrivateKey) Public() crypto.PublicKey

Public returns a crypto.PublicKey that validates signatures for this private key

func (*HSSPrivateKey) PublicKey 

func (priv *HSSPrivateKey) PublicKey() HSSPublicKey

PublicKey returns a HSSPublicKey that validates signatures for this private key

func (*HSSPrivateKey) Sign 

func (priv *HSSPrivateKey) Sign(rng io.Reader, msg []byte, _ crypto.SignerOpts) ([]byte, error)

Sign calculates the LMS-HSS signature of a chosen message.

func (*HSSPrivateKey) ToBytes 

func (priv *HSSPrivateKey) ToBytes() ([]byte, error)

ToBytes() serializes the public key into a byte string for transmission or storage.

type HSSPublicKey 

type HSSPublicKey struct {
	Levels int
	LmsPub PublicKey
}

A HSSPublicKey is used to verify messages signed by a HSSPrivateKey

func NewHSSPublicKeyFromBytes 

func NewHSSPublicKeyFromBytes(b []byte) (*HSSPublicKey, error)

NewHSSPublicKeyFromBytes returns an HSSPublicKey that represents b.

func (*HSSPublicKey) Equal 

func (pub *HSSPublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*HSSPublicKey) ToBytes 

func (pub *HSSPublicKey) ToBytes() []byte

ToBytes() serializes the public key into a byte string for transmission or storage.

func (*HSSPublicKey) Verify 

func (pub *HSSPublicKey) Verify(msg []byte, sig []byte) bool

Verify returns true if sig is valid for msg and this public key. It returns false otherwise.

type Hasher 

type Hasher = func() hash.Hash

type ID 

type ID = [ID_LEN]byte

ID is a fixed-legnth []byte used in LM-OTS and LM-OTS

type ILmotsParam 

type ILmotsParam interface {
	GetType() LmotsType
	SigLength() uint64
	Params() LmotsParam
}

ILmotsParam represents a specific instance of LM-OTS

type ILmsParam 

type ILmsParam interface {
	GetType() LmsType
	SigLength(ILmotsParam) uint64
	Params() LmsParam
}

ILmsParam represents a specific instance of LMS

type LmotsParam 

type LmotsParam struct {
	Name   string
	Type   LmotsType
	Hash   Hasher
	N      uint64
	W      ByteWindow
	P      uint64
	LS     uint64
	SigLen uint64
}

func (LmotsParam) GetType 

func (this LmotsParam) GetType() LmotsType

Returns a uint32 of the same value as the LmotsType

func (LmotsParam) Params 

func (this LmotsParam) Params() LmotsParam

Returns a Params

func (LmotsParam) SigLength 

func (this LmotsParam) SigLength() uint64

Returns the expected byte length of a given LM-OTS signature algorithm

func (LmotsParam) String 

func (this LmotsParam) String() string

Returns a param name string

type LmotsPrivateKey 

type LmotsPrivateKey struct {
	LmotsPublicKey
	// contains filtered or unexported fields
}

A LmotsPrivateKey is used to sign exactly one message.

func NewLmotsPrivateKey 

func NewLmotsPrivateKey(typ ILmotsParam, q uint32, id ID) (*LmotsPrivateKey, error)

NewLmotsPrivateKey returns a LmotsPrivateKey, seeded by a cryptographically secure random number generator.

func NewLmotsPrivateKeyFromSeed 

func NewLmotsPrivateKeyFromSeed(typ ILmotsParam, q uint32, id ID, seed []byte) (*LmotsPrivateKey, error)

NewLmotsPrivateKeyFromSeed returns a new LmotsPrivateKey, using the algorithm from Appendix A of <https://datatracker.ietf.org/doc/html/rfc8554#appendix-A>

func (*LmotsPrivateKey) Equal 

func (priv *LmotsPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*LmotsPrivateKey) Public 

func (priv *LmotsPrivateKey) Public() crypto.PublicKey

Public returns a crypto.PublicKey that validates signatures for this private key.

func (*LmotsPrivateKey) PublicKey 

func (priv *LmotsPrivateKey) PublicKey() LmotsPublicKey

PublicKey returns a LmotsPublicKey that validates signatures for this private key.

func (*LmotsPrivateKey) Sign 

func (priv *LmotsPrivateKey) Sign(rng io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

Sign calculates the LM-OTS signature of a chosen message.

func (*LmotsPrivateKey) SignToSignature 

func (priv *LmotsPrivateKey) SignToSignature(rng io.Reader, msg []byte, opts crypto.SignerOpts) (*LmotsSignature, error)

SignToSignature calculates the LM-OTS signature of a chosen message.

type LmotsPublicKey 

type LmotsPublicKey struct {
	// contains filtered or unexported fields
}

A LmotsPublicKey is used to verify exactly one message.

func NewLmotsPublicKeyFromBytes 

func NewLmotsPublicKeyFromBytes(b []byte) (*LmotsPublicKey, error)

NewLmotsPublicKeyFromBytes returns an LmotsPublicKey that represents b. This is the inverse of the ToBytes() method on the LmotsPublicKey object.

func (*LmotsPublicKey) Equal 

func (pub *LmotsPublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*LmotsPublicKey) Key 

func (pub *LmotsPublicKey) Key() []byte

Key returns a copy of the public key's k parameter. We need this to get the public key as bytes in order to hash

func (*LmotsPublicKey) ToBytes 

func (pub *LmotsPublicKey) ToBytes() []byte

ToBytes() serializes the public key into a byte string for transmission or storage.

func (*LmotsPublicKey) Verify 

func (pub *LmotsPublicKey) Verify(msg []byte, sig []byte) bool

Verify returns true if sig is valid for msg and this public key. It returns false otherwise.

func (*LmotsPublicKey) VerifyWithSignature 

func (pub *LmotsPublicKey) VerifyWithSignature(msg []byte, sig *LmotsSignature) bool

VerifyWithSignature returns true if sig is valid for msg and this public key. It returns false otherwise.

type LmotsSignature 

type LmotsSignature struct {
	// contains filtered or unexported fields
}

A LmotsSignature is a signature of one message.

func NewLmotsSignatureFromBytes 

func NewLmotsSignatureFromBytes(b []byte) (*LmotsSignature, error)

NewLmotsSignatureFromBytes returns an LmotsSignature represented by b.

func (*LmotsSignature) C 

func (sig *LmotsSignature) C() []byte

C returns a bytes for c

func (*LmotsSignature) RecoverPublicKey 

func (sig *LmotsSignature) RecoverPublicKey(msg []byte, typ ILmotsParam, id ID, q uint32) (*LmotsPublicKey, bool)

RecoverPublicKey calculates the public key for a given message. This is used in signature verification.

func (*LmotsSignature) ToBytes 

func (sig *LmotsSignature) ToBytes() ([]byte, error)

ToBytes() serializes the LM-OTS signature into a byte string for transmission or storage.

type LmotsSignerOpts 

type LmotsSignerOpts struct {
	C []byte
}

Signer Opts

func (LmotsSignerOpts) HashFunc 

func (this LmotsSignerOpts) HashFunc() crypto.Hash

type LmotsType 

type LmotsType uint32

type LmsParam 

type LmsParam struct {
	Name string
	Type LmsType
	Hash Hasher
	M    uint64
	H    uint64
}

func (LmsParam) GetType 

func (this LmsParam) GetType() LmsType

Returns a uint32 of the same value as the LmsType

func (LmsParam) Params 

func (this LmsParam) Params() LmsParam

Returns a Params

func (LmsParam) SigLength 

func (this LmsParam) SigLength(otstc ILmotsParam) uint64

Returns the expected byte length of a given LMS signature algorithm

func (LmsParam) String 

func (this LmsParam) String() string

Returns a param name string

type LmsType 

type LmsType uint32

type PrivateKey 

type PrivateKey struct {
	PublicKey
	// contains filtered or unexported fields
}

A PrivateKey is used to sign a finite number of messages

func GenerateKey 

func GenerateKey(rng io.Reader, typ ILmsParam, otsType ILmotsParam) (*PrivateKey, error)

GenerateKey returns a PrivateKey, seeded by a cryptographically secure random number generator.

func GenerateKeyFromSeed 

func GenerateKeyFromSeed(typ ILmsParam, otsType ILmotsParam, id ID, seed []byte) (*PrivateKey, error)

GenerateKeyFromSeed returns a new PrivateKey, using the algorithm from Appendix A of <https://datatracker.ietf.org/doc/html/rfc8554#appendix-A>

func NewPrivateKeyFromBytes 

func NewPrivateKeyFromBytes(b []byte) (*PrivateKey, error)

NewPrivateKeyFromBytes returns an PrivateKey that represents b. This is the inverse of the ToBytes() method on the PrivateKey object.

func (*PrivateKey) Equal 

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*PrivateKey) Precompute 

func (priv *PrivateKey) Precompute()

compute authtree

func (*PrivateKey) Public 

func (priv *PrivateKey) Public() crypto.PublicKey

Public returns an PublicKey that validates signatures for this private key

func (*PrivateKey) Q 

func (priv *PrivateKey) Q() uint32

Retrieve the current value of the internal counter, q. Used for unit tests

func (*PrivateKey) Sign 

func (priv *PrivateKey) Sign(rng io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

Sign calculates the LMS signature of a chosen message.

func (*PrivateKey) SignToSignature 

func (priv *PrivateKey) SignToSignature(rng io.Reader, msg []byte, opts crypto.SignerOpts) (*Signature, error)

SignToSignature calculates the LMS signature of a chosen message.

func (*PrivateKey) ToBytes 

func (priv *PrivateKey) ToBytes() []byte

ToBytes() serialized the private key into a byte string for storage. The current value of the internal counter, q, is included.

type PublicKey 

type PublicKey struct {
	// contains filtered or unexported fields
}

A PublicKey is used to verify messages signed by a PrivateKey

func NewPublicKey 

func NewPublicKey(typ ILmsParam, otsType ILmotsParam, id ID, k []byte) (*PublicKey, error)

NewPublicKey return a new PublicKey, given the LMS typecode, LM-OTS typecode, ID, and root of the authentication tree (called k).

func NewPublicKeyFromBytes 

func NewPublicKeyFromBytes(b []byte) (*PublicKey, error)

NewPublicKeyFromBytes returns an PublicKey that represents b. This is the inverse of the ToBytes() method on the PublicKey object.

func (*PublicKey) Equal 

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*PublicKey) ID 

func (pub *PublicKey) ID() ID

Return the ID for this public key

func (*PublicKey) Key 

func (pub *PublicKey) Key() []byte

Return a []byte representing the actual public key, k, which is the root of the authentication path in the corresponding private key. We need this to get the public key as bytes in order to test

func (*PublicKey) ToBytes 

func (pub *PublicKey) ToBytes() []byte

ToBytes() serializes the public key into a byte string for transmission or storage.

func (*PublicKey) Verify 

func (pub *PublicKey) Verify(msg []byte, sig []byte) bool

Verify returns true if sig is valid for msg and this public key. It returns false otherwise.

func (*PublicKey) VerifyWithSignature 

func (pub *PublicKey) VerifyWithSignature(msg []byte, sig *Signature) bool

VerifyWithSignature returns true if sig is valid for msg and this public key. It returns false otherwise.

type Signature 

type Signature struct {
	// contains filtered or unexported fields
}

A Signature represents a signature produced by an PrivateKey which an PublicKey can validate for a given message

func NewSignature 

func NewSignature(typ ILmsParam, q uint32, otsig LmotsSignature, path [][]byte) (*Signature, error)

NewSignature returns a Signature, given an LMS algorithm type, internal counter, LM-OTS signature, and authentication path.

func NewSignatureFromBytes 

func NewSignatureFromBytes(b []byte) (*Signature, error)

NewSignatureFromBytes returns an Signature represented by b. This is the inverse of the ToBytes() on Signature.

func (*Signature) ToBytes 

func (sig *Signature) ToBytes() ([]byte, error)

ToBytes() serializes the signature into a byte string for transmission or storage.

type SignerOpts 

type SignerOpts struct {
	C []byte
}

Signer Opts

func (SignerOpts) HashFunc 

func (this SignerOpts) HashFunc() crypto.Hash

type TypeDataName 

type TypeDataName interface {
	~uint32 | ~int
}

TypeDataName interface

type TypeParams 

type TypeParams[N TypeDataName, M any] struct {
	// contains filtered or unexported fields
}

TypeParams

func NewTypeParams 

func NewTypeParams[N TypeDataName, M any]() *TypeParams[N, M]

func (*TypeParams[N, M]) AddParam 

func (this *TypeParams[N, M]) AddParam(typ N, fn func() M)

AddParam

func (*TypeParams[N, M]) AllParams 

func (this *TypeParams[N, M]) AllParams() map[N]func() M

AllParams

func (*TypeParams[N, M]) GetParam 

func (this *TypeParams[N, M]) GetParam(typ N) (func() M, error)

GetParam

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.