lms

package
v1.0.4025 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 1, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

// Winternitz window widths (w in RFC 8554 notation). iota is 0 on the first
// line of this block, so the four constants evaluate to 1, 2, 4 and 8; the
// `window` type and the `1 << iota` expression repeat implicitly on the
// lines that omit them. These are the values the LmotsParam presets store in
// their W field.
const (
	WINDOW_W1 window = 1 << iota
	WINDOW_W2
	WINDOW_W4
	WINDOW_W8
)
// HSS_MAX_LEVELS is 5, the same as the length of the LmsKey array in
// HSSPrivateKey; by its name it caps the number of HSS levels.
// NOTE(review): RFC 8554 allows up to 8 levels, so keys and signatures with
// 6-8 levels produced elsewhere are presumably not accepted here — confirm
// against the FromBytes parsers.
const HSS_MAX_LEVELS = 5
// ID_LEN is the length in bytes of the ID array type ([ID_LEN]byte).
// 16 bytes is the size of the key-pair identifier I in RFC 8554.
const ID_LEN uint64 = 16

Variables

// LM-OTS parameter presets, one per hash function and Winternitz window.
// The SHA-256 rows carry the w, p and ls values of the RFC 8554 LM-OTS
// parameter table, and every SigLen equals 4 + 32*(P+1), for example
// 4 + 32*(265+1) = 8516. A wider window gives a shorter signature
// (8516 bytes at W1 down to 1124 bytes at W8).
//
// NOTE(review): these are exported package-level variables, not constants,
// so any importing code can overwrite a field (P, SigLen, Hash, ...) at run
// time; treat them as read-only.
var (
	LMOTS_SHA256_N32_W1 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W1",
		Type:   type_LMOTS_SHA256_N32_W1,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W1,
		P:      265,
		LS:     7,
		SigLen: 8516,
	}
	LMOTS_SHA256_N32_W2 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W2",
		Type:   type_LMOTS_SHA256_N32_W2,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W2,
		P:      133,
		LS:     6,
		SigLen: 4292,
	}
	LMOTS_SHA256_N32_W4 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W4",
		Type:   type_LMOTS_SHA256_N32_W4,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W4,
		P:      67,
		LS:     4,
		SigLen: 2180,
	}
	LMOTS_SHA256_N32_W8 = LmotsParam{
		Name:   "LMOTS_SHA256_N32_W8",
		Type:   type_LMOTS_SHA256_N32_W8,
		Hash:   sha256.New,
		N:      sha256.Size,
		W:      WINDOW_W8,
		P:      34,
		LS:     0,
		SigLen: 1124,
	}

	// SM3 variants: the same W, P, LS and SigLen as the SHA-256 rows, with
	// the hash constructor swapped for sm3.New and N taken from sm3.Size.
	// NOTE(review): RFC 8554 itself defines only the SHA-256 sets, so these
	// typecodes are presumably specific to this package — confirm before
	// relying on interoperability with other LMS implementations.
	LMOTS_SM3_N32_W1 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W1",
		Type:   type_LMOTS_SM3_N32_W1,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W1,
		P:      265,
		LS:     7,
		SigLen: 8516,
	}
	LMOTS_SM3_N32_W2 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W2",
		Type:   type_LMOTS_SM3_N32_W2,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W2,
		P:      133,
		LS:     6,
		SigLen: 4292,
	}
	LMOTS_SM3_N32_W4 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W4",
		Type:   type_LMOTS_SM3_N32_W4,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W4,
		P:      67,
		LS:     4,
		SigLen: 2180,
	}
	LMOTS_SM3_N32_W8 = LmotsParam{
		Name:   "LMOTS_SM3_N32_W8",
		Type:   type_LMOTS_SM3_N32_W8,
		Hash:   sm3.New,
		N:      sm3.Size,
		W:      WINDOW_W8,
		P:      34,
		LS:     0,
		SigLen: 1124,
	}
)
// LMS parameter presets. M is 32 in every preset and H takes the values 5,
// 10, 15, 20 and 25, mirroring the LMS_SHA256_M32_H* sets of RFC 8554, where
// h is the Merkle tree height and a key pair has 2^h one-time leaves. The
// choice of H therefore fixes how many messages one LMS key can ever sign
// (32 for H5 up to 2^25 for H25).
//
// NOTE(review): these are exported package-level variables, not constants,
// so importing code can overwrite their fields at run time; treat them as
// read-only.
var (
	LMS_SHA256_M32_H5 = LmsParam{
		Name: "LMS_SHA256_M32_H5",
		Type: type_LMS_SHA256_M32_H5,
		Hash: sha256.New,
		M:    32,
		H:    5,
	}
	LMS_SHA256_M32_H10 = LmsParam{
		Name: "LMS_SHA256_M32_H10",
		Type: type_LMS_SHA256_M32_H10,
		Hash: sha256.New,
		M:    32,
		H:    10,
	}
	LMS_SHA256_M32_H15 = LmsParam{
		Name: "LMS_SHA256_M32_H15",
		Type: type_LMS_SHA256_M32_H15,
		Hash: sha256.New,
		M:    32,
		H:    15,
	}
	LMS_SHA256_M32_H20 = LmsParam{
		Name: "LMS_SHA256_M32_H20",
		Type: type_LMS_SHA256_M32_H20,
		Hash: sha256.New,
		M:    32,
		H:    20,
	}
	LMS_SHA256_M32_H25 = LmsParam{
		Name: "LMS_SHA256_M32_H25",
		Type: type_LMS_SHA256_M32_H25,
		Hash: sha256.New,
		M:    32,
		H:    25,
	}

	// SM3 variants: the same M and H values as the SHA-256 rows, with the
	// hash constructor swapped for sm3.New.
	// NOTE(review): RFC 8554 itself defines only the SHA-256 sets, so these
	// typecodes are presumably specific to this package — confirm before
	// relying on interoperability with other LMS implementations.
	LMS_SM3_M32_H5 = LmsParam{
		Name: "LMS_SM3_M32_H5",
		Type: type_LMS_SM3_M32_H5,
		Hash: sm3.New,
		M:    32,
		H:    5,
	}
	LMS_SM3_M32_H10 = LmsParam{
		Name: "LMS_SM3_M32_H10",
		Type: type_LMS_SM3_M32_H10,
		Hash: sm3.New,
		M:    32,
		H:    10,
	}
	LMS_SM3_M32_H15 = LmsParam{
		Name: "LMS_SM3_M32_H15",
		Type: type_LMS_SM3_M32_H15,
		Hash: sm3.New,
		M:    32,
		H:    15,
	}
	LMS_SM3_M32_H20 = LmsParam{
		Name: "LMS_SM3_M32_H20",
		Type: type_LMS_SM3_M32_H20,
		Hash: sm3.New,
		M:    32,
		H:    20,
	}
	LMS_SM3_M32_H25 = LmsParam{
		Name: "LMS_SM3_M32_H25",
		Type: type_LMS_SM3_M32_H25,
		Hash: sm3.New,
		M:    32,
		H:    25,
	}
)
// D_INTR is the two-byte value 0x8383, which RFC 8554 uses as the domain
// separator when hashing interior Merkle tree nodes.
// NOTE(review): declared with var, so importing code can modify it; a
// changed separator would silently break interoperability.
var D_INTR = [2]uint8{0x83, 0x83}
// D_LEAF is the two-byte value 0x8282, which RFC 8554 uses as the domain
// separator when hashing Merkle tree leaves.
// NOTE(review): declared with var, so importing code can modify it.
var D_LEAF = [2]uint8{0x82, 0x82}
// D_MESG is the two-byte value 0x8181, which RFC 8554 uses as the domain
// separator when hashing the message to be signed.
// NOTE(review): declared with var, so importing code can modify it.
var D_MESG = [2]uint8{0x81, 0x81}
// D_PBLC is the two-byte value 0x8080, which RFC 8554 uses as the domain
// separator when hashing an LM-OTS public key.
// NOTE(review): declared with var, so importing code can modify it.
var D_PBLC = [2]uint8{0x80, 0x80}
// DefaultLmotsSignerOpts is the zero value of LmotsSignerOpts, so its C
// field is nil.
var DefaultLmotsSignerOpts = LmotsSignerOpts{}

default Signer Opts

// DefaultOpts holds two HSSOpts entries, both LMS_SHA256_M32_H5 with
// LMOTS_SHA256_N32_W8.
// NOTE(review): if each entry is one HSS level (as the []HSSOpts argument
// of GenerateHSSKey suggests), a default key can produce at most
// 2^5 * 2^5 = 1024 signatures before it is exhausted — confirm, and pick
// larger parameters where more signatures are needed.
// NOTE(review): exported var; importing code can modify the slice.
var DefaultOpts = []HSSOpts{
	HSSOpts{
		Type:    LMS_SHA256_M32_H5,
		OtsType: LMOTS_SHA256_N32_W8,
	},
	HSSOpts{
		Type:    LMS_SHA256_M32_H5,
		OtsType: LMOTS_SHA256_N32_W8,
	},
}

DefaultOpts is the default HSS option list: two entries, each LMS_SHA256_M32_H5 with LMOTS_SHA256_N32_W8.

// DefaultSignerOpts is the zero value of SignerOpts, so its C field is nil.
var DefaultSignerOpts = SignerOpts{}

default Signer Opts

Functions

func AddLmotsParam

func AddLmotsParam(typ LmotsType, fn func() ILmotsParam)

AddLmotsParam

func AddLmsParam

func AddLmsParam(typ LmsType, fn func() ILmsParam)

AddLmsParam

func AllLmotsParams

func AllLmotsParams() map[LmotsType]func() ILmotsParam

AllLmotsParams

func AllLmsParams

func AllLmsParams() map[LmsType]func() ILmsParam

AllLmsParams

func Cksm

func Cksm(coefs []uint8, w ByteWindow, LS uint64) uint16

Returns a checksum calculated over a slice of Winternitz coefficients

func Coefs

func Coefs(x []byte, w ByteWindow) []uint8

Returns a []byte representing the Winternitz coefficients of x for a given window, w

func Expand

func Expand(msg []byte, mode ILmotsParam) ([]uint8, error)

Expand expands a message into the Winternitz coefficients of the message and its checksum. It returns a slice of length P.

func GeneratePKTree

func GeneratePKTree(typ ILmsParam, otsType ILmotsParam, id ID, seed []byte) ([][]byte, error)

GeneratePKTree generates the Merkle Tree needed to derive the public key and authentication path for any message.

func GetLmotsParam

func GetLmotsParam(typ LmotsType) (func() ILmotsParam, error)

GetLmotsParam

func GetLmsParam

func GetLmsParam(typ LmsType) (func() ILmsParam, error)

GetLmsParam

Types

type ByteWindow

// ByteWindow describes a Winternitz window; Coefs and Cksm take one as
// their w argument, and LmotsParam stores one in its W field.
type ByteWindow interface {
	// Window returns the value as the package's unexported window type,
	// the type of the WINDOW_W* constants.
	Window() window
	// Mask returns a uint8 mask.
	// NOTE(review): presumably the mask that isolates one coefficient of
	// the window's width within a byte — confirm against Coefs.
	Mask() uint8
}

ByteWindow is the representation of bytes used in calculating LM-OTS signatures

type HSSOpts

// HSSOpts pairs an LMS parameter set with an LM-OTS parameter set.
// GenerateHSSKey takes a slice of these.
// NOTE(review): presumably one element per HSS level — confirm.
type HSSOpts struct {
	// Type is the LMS (Merkle tree) parameter set.
	Type    ILmsParam
	// OtsType is the LM-OTS (one-time signature) parameter set.
	OtsType ILmotsParam
}

HSS options

type HSSPrivateKey

// HSSPrivateKey embeds the HSSPublicKey and stores LMS private keys and LMS
// signatures in fixed-size arrays of five and four elements.
// NOTE(review): every field is exported, so callers can read or copy the
// per-level private keys directly. Each PrivateKey carries a signing
// counter, so a copied or duplicated HSSPrivateKey that is later used to
// sign can repeat a one-time key; keep a single live instance.
type HSSPrivateKey struct {
	HSSPublicKey
	// LmsKey holds the LMS private keys; the array length equals
	// HSS_MAX_LEVELS (5).
	LmsKey [5]PrivateKey
	// LmsSig holds four LMS signatures.
	// NOTE(review): presumably each signs the public key of the level
	// below it, as in the RFC 8554 HSS construction — confirm.
	LmsSig [4]Signature
}

A HSSPrivateKey is used to sign a finite number of messages

func GenerateHSSKey

func GenerateHSSKey(rng io.Reader, opts []HSSOpts) (*HSSPrivateKey, error)

GenerateHSSKey returns a new HSSPrivateKey

func NewHSSPrivateKeyFromBytes

func NewHSSPrivateKeyFromBytes(b []byte) (*HSSPrivateKey, error)

NewHSSPrivateKeyFromBytes returns an HSSPrivateKey that represents b.

func (*HSSPrivateKey) Equal

func (priv *HSSPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*HSSPrivateKey) Public

func (priv *HSSPrivateKey) Public() crypto.PublicKey

Public returns a crypto.PublicKey that validates signatures for this private key

func (*HSSPrivateKey) PublicKey

func (priv *HSSPrivateKey) PublicKey() HSSPublicKey

PublicKey returns a HSSPublicKey that validates signatures for this private key

func (*HSSPrivateKey) Sign

func (priv *HSSPrivateKey) Sign(rng io.Reader, msg []byte, _ crypto.SignerOpts) ([]byte, error)

Sign calculates the LMS-HSS signature of a chosen message.

func (*HSSPrivateKey) ToBytes

func (priv *HSSPrivateKey) ToBytes() ([]byte, error)

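ToBytes() serializes the HSS private key into a byte string for storage. (The published comment says "public key", which appears to be copied from HSSPublicKey.ToBytes; the receiver is *HSSPrivateKey, so treat the output as secret key material.)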

type HSSPublicKey

// HSSPublicKey is the verification key that matches an HSSPrivateKey.
type HSSPublicKey struct {
	// Levels is the number of HSS levels.
	// NOTE(review): presumably between 1 and HSS_MAX_LEVELS — confirm
	// that NewHSSPublicKeyFromBytes enforces the range on parsed input.
	Levels int
	// LmsPub is an LMS public key.
	// NOTE(review): presumably that of the top-level tree — confirm.
	LmsPub PublicKey
}

A HSSPublicKey is used to verify messages signed by a HSSPrivateKey

func NewHSSPublicKeyFromBytes

func NewHSSPublicKeyFromBytes(b []byte) (*HSSPublicKey, error)

NewHSSPublicKeyFromBytes returns an HSSPublicKey that represents b.

func (*HSSPublicKey) Equal

func (pub *HSSPublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*HSSPublicKey) ToBytes

func (pub *HSSPublicKey) ToBytes() []byte

ToBytes() serializes the public key into a byte string for transmission or storage.

func (*HSSPublicKey) Verify

func (pub *HSSPublicKey) Verify(msg []byte, sig []byte) bool

Verify returns true if sig is valid for msg and this public key. It returns false otherwise.

type Hasher

type Hasher = func() hash.Hash

type ID

type ID = [ID_LEN]byte

ID is a fixed-length byte array ([ID_LEN]byte) used in LM-OTS and LMS

type ILmotsParam

// ILmotsParam is the interface through which the package consumes an LM-OTS
// parameter set; LmotsParam implements it.
type ILmotsParam interface {
	// GetType returns the parameter set's LmotsType typecode.
	GetType() LmotsType
	// SigLength returns the expected byte length of an LM-OTS signature.
	SigLength() uint64
	// Params returns the full LmotsParam value.
	Params() LmotsParam
}

ILmotsParam represents a specific instance of LM-OTS

type ILmsParam

// ILmsParam is the interface through which the package consumes an LMS
// parameter set; LmsParam implements it.
type ILmsParam interface {
	// GetType returns the parameter set's LmsType typecode.
	GetType() LmsType
	// SigLength returns the expected byte length of an LMS signature; it
	// takes the LM-OTS parameter set as its argument.
	SigLength(ILmotsParam) uint64
	// Params returns the full LmsParam value.
	Params() LmsParam
}

ILmsParam represents a specific instance of LMS

type LmotsParam

// LmotsParam is one LM-OTS parameter set. The field names follow the
// n, w, p, ls notation of RFC 8554, and the package presets
// (LMOTS_SHA256_N32_W1 and so on) are values of this type.
type LmotsParam struct {
	// Name is the preset name; each preset uses its own identifier.
	Name   string
	// Type is the numeric typecode (LmotsType is a uint32).
	Type   LmotsType
	// Hash constructs a fresh hash.Hash (sha256.New or sm3.New in the
	// presets).
	Hash   Hasher
	// N is set from the hash's Size constant in the presets.
	// NOTE(review): presumably the hash output length in bytes — confirm.
	N      uint64
	// W is the Winternitz window (one of the WINDOW_W* constants in the
	// presets).
	W      ByteWindow
	// P is the length of the coefficient slice that Expand returns.
	P      uint64
	// LS has the same name as the LS argument of Cksm.
	// NOTE(review): presumably the checksum left-shift (ls in RFC 8554)
	// — confirm.
	LS     uint64
	// SigLen is the signature length in bytes; in the presets it equals
	// 4 + 32*(P+1).
	SigLen uint64
}

func (LmotsParam) GetType

func (this LmotsParam) GetType() LmotsType

Returns a uint32 of the same value as the LmotsType

func (LmotsParam) Params

func (this LmotsParam) Params() LmotsParam

Returns a Params

func (LmotsParam) SigLength

func (this LmotsParam) SigLength() uint64

Returns the expected byte length of a given LM-OTS signature algorithm

func (LmotsParam) String

func (this LmotsParam) String() string

Returns a param name string

type LmotsPrivateKey

type LmotsPrivateKey struct {
	LmotsPublicKey
	// contains filtered or unexported fields
}

An LmotsPrivateKey is used to sign exactly one message; reusing it for a second message voids the one-time security guarantee of LM-OTS.

func NewLmotsPrivateKey

func NewLmotsPrivateKey(typ ILmotsParam, q uint32, id ID) (*LmotsPrivateKey, error)

NewLmotsPrivateKey returns a LmotsPrivateKey, seeded by a cryptographically secure random number generator.

func NewLmotsPrivateKeyFromSeed

func NewLmotsPrivateKeyFromSeed(typ ILmotsParam, q uint32, id ID, seed []byte) (*LmotsPrivateKey, error)

NewLmotsPrivateKeyFromSeed returns a new LmotsPrivateKey, using the algorithm from Appendix A of <https://datatracker.ietf.org/doc/html/rfc8554#appendix-A>

func (*LmotsPrivateKey) Equal

func (priv *LmotsPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*LmotsPrivateKey) Public

func (priv *LmotsPrivateKey) Public() crypto.PublicKey

Public returns a crypto.PublicKey that validates signatures for this private key.

func (*LmotsPrivateKey) PublicKey

func (priv *LmotsPrivateKey) PublicKey() LmotsPublicKey

PublicKey returns a LmotsPublicKey that validates signatures for this private key.

func (*LmotsPrivateKey) Sign

func (priv *LmotsPrivateKey) Sign(rng io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

Sign calculates the LM-OTS signature of a chosen message.

func (*LmotsPrivateKey) SignToSignature

func (priv *LmotsPrivateKey) SignToSignature(rng io.Reader, msg []byte, opts crypto.SignerOpts) (*LmotsSignature, error)

SignToSignature calculates the LM-OTS signature of a chosen message.

type LmotsPublicKey

type LmotsPublicKey struct {
	// contains filtered or unexported fields
}

A LmotsPublicKey is used to verify exactly one message.

func NewLmotsPublicKeyFromBytes

func NewLmotsPublicKeyFromBytes(b []byte) (*LmotsPublicKey, error)

NewLmotsPublicKeyFromBytes returns an LmotsPublicKey that represents b. This is the inverse of the ToBytes() method on the LmotsPublicKey object.

func (*LmotsPublicKey) Equal

func (pub *LmotsPublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*LmotsPublicKey) Key

func (pub *LmotsPublicKey) Key() []byte

Key returns a copy of the public key's k parameter. We need this to get the public key as bytes in order to hash

func (*LmotsPublicKey) ToBytes

func (pub *LmotsPublicKey) ToBytes() []byte

ToBytes() serializes the public key into a byte string for transmission or storage.

func (*LmotsPublicKey) Verify

func (pub *LmotsPublicKey) Verify(msg []byte, sig []byte) bool

Verify returns true if sig is valid for msg and this public key. It returns false otherwise.

func (*LmotsPublicKey) VerifyWithSignature

func (pub *LmotsPublicKey) VerifyWithSignature(msg []byte, sig *LmotsSignature) bool

VerifyWithSignature returns true if sig is valid for msg and this public key. It returns false otherwise.

type LmotsSignature

type LmotsSignature struct {
	// contains filtered or unexported fields
}

A LmotsSignature is a signature of one message.

func NewLmotsSignatureFromBytes

func NewLmotsSignatureFromBytes(b []byte) (*LmotsSignature, error)

NewLmotsSignatureFromBytes returns an LmotsSignature represented by b.

func (*LmotsSignature) C

func (sig *LmotsSignature) C() []byte

C returns the signature's c value as bytes.

func (*LmotsSignature) RecoverPublicKey

func (sig *LmotsSignature) RecoverPublicKey(msg []byte, typ ILmotsParam, id ID, q uint32) (*LmotsPublicKey, bool)

RecoverPublicKey calculates the public key for a given message. This is used in signature verification.

func (*LmotsSignature) ToBytes

func (sig *LmotsSignature) ToBytes() ([]byte, error)

ToBytes() serializes the LM-OTS signature into a byte string for transmission or storage.

type LmotsSignerOpts

// LmotsSignerOpts carries the options for LM-OTS signing; it has a HashFunc
// method returning crypto.Hash.
type LmotsSignerOpts struct {
	// C is an optional byte string.
	// NOTE(review): presumably the signature randomizer C of RFC 8554 —
	// confirm how Sign treats a nil value versus a caller-supplied one.
	C []byte
}

Signer Opts

func (LmotsSignerOpts) HashFunc

func (this LmotsSignerOpts) HashFunc() crypto.Hash

type LmotsType

type LmotsType uint32

type LmsParam

// LmsParam is one LMS parameter set. The package presets
// (LMS_SHA256_M32_H5 and so on) are values of this type.
type LmsParam struct {
	// Name is the preset name; each preset uses its own identifier.
	Name string
	// Type is the numeric typecode (LmsType is a uint32).
	Type LmsType
	// Hash constructs a fresh hash.Hash (sha256.New or sm3.New in the
	// presets).
	Hash Hasher
	// M is 32 in every preset.
	// NOTE(review): presumably the byte length of a tree node (m in
	// RFC 8554) — confirm.
	M    uint64
	// H is 5, 10, 15, 20 or 25 in the presets.
	// NOTE(review): presumably the Merkle tree height (h in RFC 8554),
	// giving 2^H one-time keys per LMS key — confirm.
	H    uint64
}

func (LmsParam) GetType

func (this LmsParam) GetType() LmsType

Returns a uint32 of the same value as the LmsType

func (LmsParam) Params

func (this LmsParam) Params() LmsParam

Returns a Params

func (LmsParam) SigLength

func (this LmsParam) SigLength(otstc ILmotsParam) uint64

Returns the expected byte length of a given LMS signature algorithm

func (LmsParam) String

func (this LmsParam) String() string

Returns a param name string

type LmsType

type LmsType uint32

type PrivateKey

type PrivateKey struct {
	PublicKey
	// contains filtered or unexported fields
}

A PrivateKey is used to sign a finite number of messages

func GenerateKey

func GenerateKey(rng io.Reader, typ ILmsParam, otsType ILmotsParam) (*PrivateKey, error)

GenerateKey returns a PrivateKey, seeded by a cryptographically secure random number generator.

func GenerateKeyFromSeed

func GenerateKeyFromSeed(typ ILmsParam, otsType ILmotsParam, id ID, seed []byte) (*PrivateKey, error)

GenerateKeyFromSeed returns a new PrivateKey, using the algorithm from Appendix A of <https://datatracker.ietf.org/doc/html/rfc8554#appendix-A>

func NewPrivateKeyFromBytes

func NewPrivateKeyFromBytes(b []byte) (*PrivateKey, error)

NewPrivateKeyFromBytes returns a PrivateKey that represents b. This is the inverse of the ToBytes() method on the PrivateKey object.

func (*PrivateKey) Equal

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*PrivateKey) Precompute

func (priv *PrivateKey) Precompute()

Precompute computes the authentication tree (authtree).

func (*PrivateKey) Public

func (priv *PrivateKey) Public() crypto.PublicKey

Public returns an PublicKey that validates signatures for this private key

func (*PrivateKey) Q

func (priv *PrivateKey) Q() uint32

Retrieve the current value of the internal counter, q. Used for unit tests

func (*PrivateKey) Sign

func (priv *PrivateKey) Sign(rng io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

Sign calculates the LMS signature of a chosen message.

func (*PrivateKey) SignToSignature

func (priv *PrivateKey) SignToSignature(rng io.Reader, msg []byte, opts crypto.SignerOpts) (*Signature, error)

SignToSignature calculates the LMS signature of a chosen message.

func (*PrivateKey) ToBytes

func (priv *PrivateKey) ToBytes() []byte

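ToBytes() serializes the private key into a byte string for storage. The current value of the internal counter, q, is included. Because q records which one-time keys are already spent, persist the new serialization after each signature and never resume from an older copy; otherwise the same one-time key could sign twice.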

type PublicKey

type PublicKey struct {
	// contains filtered or unexported fields
}

A PublicKey is used to verify messages signed by a PrivateKey

func NewPublicKey

func NewPublicKey(typ ILmsParam, otsType ILmotsParam, id ID, k []byte) (*PublicKey, error)

NewPublicKey returns a new PublicKey, given the LMS typecode, LM-OTS typecode, ID, and root of the authentication tree (called k).

func NewPublicKeyFromBytes

func NewPublicKeyFromBytes(b []byte) (*PublicKey, error)

NewPublicKeyFromBytes returns an PublicKey that represents b. This is the inverse of the ToBytes() method on the PublicKey object.

func (*PublicKey) Equal

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*PublicKey) ID

func (pub *PublicKey) ID() ID

Return the ID for this public key

func (*PublicKey) Key

func (pub *PublicKey) Key() []byte

Return a []byte representing the actual public key, k, which is the root of the authentication path in the corresponding private key. We need this to get the public key as bytes in order to test

func (*PublicKey) ToBytes

func (pub *PublicKey) ToBytes() []byte

ToBytes() serializes the public key into a byte string for transmission or storage.

func (*PublicKey) Verify

func (pub *PublicKey) Verify(msg []byte, sig []byte) bool

Verify returns true if sig is valid for msg and this public key. It returns false otherwise.

func (*PublicKey) VerifyWithSignature

func (pub *PublicKey) VerifyWithSignature(msg []byte, sig *Signature) bool

VerifyWithSignature returns true if sig is valid for msg and this public key. It returns false otherwise.

type Signature

type Signature struct {
	// contains filtered or unexported fields
}

A Signature represents a signature produced by a PrivateKey, which a PublicKey can validate for a given message.

func NewSignature

func NewSignature(typ ILmsParam, q uint32, otsig LmotsSignature, path [][]byte) (*Signature, error)

NewSignature returns a Signature, given an LMS algorithm type, internal counter, LM-OTS signature, and authentication path.

func NewSignatureFromBytes

func NewSignatureFromBytes(b []byte) (*Signature, error)

NewSignatureFromBytes returns an Signature represented by b. This is the inverse of the ToBytes() on Signature.

func (*Signature) ToBytes

func (sig *Signature) ToBytes() ([]byte, error)

ToBytes() serializes the signature into a byte string for transmission or storage.

type SignerOpts

// SignerOpts carries the options for LMS signing; it has a HashFunc method
// returning crypto.Hash.
type SignerOpts struct {
	// C is an optional byte string.
	// NOTE(review): presumably the signature randomizer C of RFC 8554 —
	// confirm how Sign treats a nil value versus a caller-supplied one.
	C []byte
}

Signer Opts

func (SignerOpts) HashFunc

func (this SignerOpts) HashFunc() crypto.Hash

type TypeDataName

// TypeDataName is a type constraint satisfied by any type whose underlying
// type is uint32 or int. TypeParams uses it for its key type parameter N.
type TypeDataName interface {
	~uint32 | ~int
}

TypeDataName interface

type TypeParams

type TypeParams[N TypeDataName, M any] struct {
	// contains filtered or unexported fields
}

TypeParams

func NewTypeParams

func NewTypeParams[N TypeDataName, M any]() *TypeParams[N, M]

func (*TypeParams[N, M]) AddParam

func (this *TypeParams[N, M]) AddParam(typ N, fn func() M)

AddParam

func (*TypeParams[N, M]) AllParams

func (this *TypeParams[N, M]) AllParams() map[N]func() M

AllParams

func (*TypeParams[N, M]) GetParam

func (this *TypeParams[N, M]) GetParam(typ N) (func() M, error)

GetParam
