From ffa2dacf805134a77b97b5201ed2d9e9d1ef8ba1 Mon Sep 17 00:00:00 2001
From: Alexander Wagner
Date: Fri, 6 Sep 2024 20:43:05 +0200
Subject: [PATCH] WIP
---
 src/hss/definitions.rs | 8 +---
 src/hss/reference_impl_private_key.rs | 6 +-
 src/sst/gen_key.rs | 56 ++++++++++-----------------
 src/sst/parameters.rs | 2 +-
 4 files changed, 26 insertions(+), 46 deletions(-)
diff --git a/src/hss/definitions.rs b/src/hss/definitions.rs
index 0334280..c3a5401 100644
--- a/src/hss/definitions.rs
+++ b/src/hss/definitions.rs
@@ -184,9 +184,7 @@ impl HssPublicKey {
 let top_lms_parameter = parameters[0].get_lms_parameter();
- let is_aux_data_used = aux_data
- .as_ref()
- .map_or(false, |data| hss_is_aux_data_used(data));
+ let is_aux_data_used = aux_data.as_ref().map_or(false, |d| hss_is_aux_data_used(d));
 let mut expanded_aux_data = HssPrivateKey::get_expanded_aux_data(
 aux_data,
@@ -230,9 +228,7 @@ impl HssPublicKey {
 let top_lms_parameter = parameters[0].get_lms_parameter();
- let is_aux_data_used = aux_data
- .as_ref()
- .map_or(false, |data| hss_is_aux_data_used(data));
+ let is_aux_data_used = aux_data.as_ref().map_or(false, |d| hss_is_aux_data_used(d));
 let mut opt_expanded_aux_data = HssPrivateKey::get_expanded_aux_data(
 aux_data,
diff --git a/src/hss/reference_impl_private_key.rs b/src/hss/reference_impl_private_key.rs
index e42c75f..1908896 100644
--- a/src/hss/reference_impl_private_key.rs
+++ b/src/hss/reference_impl_private_key.rs
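Review bot: The new one-liner `aux_data.as_ref().map_or(false, |d| hss_is_aux_data_used(d))` is now written out verbatim in both hunks of this file (lines 184 and 228) and a third time in `prepare_sst_keygen` in src/sst/gen_key.rs; a small private helper that answers "is this aux buffer in use" would keep the three sites from drifting apart when the aux-data marker check changes. Where the crate's MSRV allows it, `aux_data.as_ref().is_some_and(|d| hss_is_aux_data_used(d))` expresses the same test without the `false` default that newer clippy flags as `unnecessary_map_or`. Both enclosing method bodies start and end outside these hunks.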
@@ -205,9 +205,7 @@ impl ReferenceImplPrivateKey {
 hash_preimage[TOPSEED_WHICH] = 0x02;
 hasher.update(&hash_preimage);
- // The root LmsTreeIdentifier needs to be the same for all signing entities for signing and verification
- // TODO/Rework: maybe provide the LmsTreeIdentifier as an Option-argument for this function
- // instead of replacing it after calling the function
+ // Root LmsTreeIdentifier needs to be equal for all signing entities for sign & verify
 let lms_tree_identifier = hasher.finalize_reset()[..ILEN].try_into().unwrap();
 SeedAndLmsTreeIdentifier::new(&seed, &lms_tree_identifier)
@@ -416,7 +414,7 @@ mod tests {
 SIGNING_ENTITY_IDX as u8,
 );
 let impl_private_key = ReferenceImplPrivateKey::generate(
- ssts_parameter.get_hss_parameters(),
+ ssts_parameter.hss_parameters(),
 &seed,
 Some(ssts_parameter.sst_extension().clone()),
 )
diff --git a/src/sst/gen_key.rs b/src/sst/gen_key.rs
index 4aaabe0..7162baf 100644
--- a/src/sst/gen_key.rs
+++ b/src/sst/gen_key.rs
@@ -1,6 +1,6 @@
 use crate::signature::Error;
 use crate::{
- constants::{LmsTreeIdentifier, MAX_HASH_SIZE, MAX_SSTS_SIGNING_ENTITIES},
+ constants::{LmsTreeIdentifier, Node, MAX_HASH_SIZE, MAX_SSTS_SIGNING_ENTITIES},
 hasher::HashChain,
 hss::{
 aux::{hss_finalize_aux_data, hss_is_aux_data_used},
@@ -11,7 +11,7 @@ use crate::{
 },
 lms::definitions::LmsPrivateKey,
 lms::helper::get_tree_element,
- sst::{helper, helper::get_sst_root_node_idx, parameters::SstsParameter},
+ sst::{helper::get_sst_root_node_idx, parameters::SstsParameter},
 };
 use tinyvec::ArrayVec;
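Review bot: The rewritten comment in the `@@ -205` hunk drops the TODO about taking the root `LmsTreeIdentifier` as an argument, but the commit does not resolve what that TODO described: `prepare_sst_keygen` in src/sst/gen_key.rs still lets `generate_root_seed_and_lms_tree_identifier` derive an identifier from the hasher and then overwrites it from `tree_identifier`, using an all-zero identifier as the "not set yet" sentinel. If the rework is deferred rather than rejected, keep a one-line pointer next to the new comment, e.g. `// TODO: accept the shared root LmsTreeIdentifier as an Option argument instead of overwriting it in prepare_sst_keygen`, so the design debt stays visible. The function this hunk belongs to starts outside the hunk, so I cannot see whether the identifier is consumed elsewhere before the overwrite.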
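Review bot: The `@@ -1,6` hunk of src/sst/gen_key.rs keeps `MAX_HASH_SIZE` in the `constants` import and the `@@ -11,7` hunk keeps `use tinyvec::ArrayVec;`, yet the only use of either visible in this patch — the `ArrayVec<[u8; MAX_HASH_SIZE]>` return type of `prepare_sst_keygen` — is replaced by `Node` in the next hunk. If no other use remains in the file, a `cargo clippy -- -D warnings` build will fail on unused imports; either drop them here or leave them only if another use exists. I cannot see the rest of the file, so treat this as a quick grep rather than a certainty.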
@@ -21,38 +21,23 @@ pub fn prepare_sst_keygen(
 seed: &Seed,
 aux_data: Option<&mut &mut [u8]>,
 tree_identifier: &mut LmsTreeIdentifier,
-) -> Result<(SigningKey, ArrayVec<[u8; MAX_HASH_SIZE]>), Error> {
- // create two representations of private keys because we need their data elements
- // -> ReferenceImplPrivateKey and SigningKey
- let rfc_private_key = ReferenceImplPrivateKey::generate(
- sst_param.get_hss_parameters(),
- seed,
- Some(sst_param.sst_extension().clone()),
- )
- .map_err(|_| Error::new())?;
-
- // get expanded AUX data
- let is_aux_data_used = if let Some(ref aux_data) = aux_data {
- hss_is_aux_data_used(aux_data)
- } else {
- false
- };
+) -> Result<(SigningKey, Node), Error> {
+ let hss_parameters = sst_param.hss_parameters();
+ let sst_extension = sst_param.sst_extension();
+
+ let rfc_private_key =
+ ReferenceImplPrivateKey::generate(hss_parameters, seed, Some(sst_extension.clone()))
+ .map_err(|_| Error::new())?;
+
+ let is_aux_data_used = aux_data.as_ref().map_or(false, |d| hss_is_aux_data_used(d));
 let mut expanded_aux_data = HssPrivateKey::get_expanded_aux_data(
 aux_data,
 &rfc_private_key,
- sst_param.get_hss_parameters()[0].get_lms_parameter(),
+ hss_parameters[0].get_lms_parameter(),
 is_aux_data_used,
 );
-
- // calculate our intermediate node hash value; for this we have to generate a LmsPrivateKey
-
- // TODO/Review: better option? redundant (used leafs calculation)
- let used_leafs_index = helper::get_sst_first_leaf_idx(
- sst_param.get_hss_parameters()[0].get_lms_parameter(),
- sst_param.sst_extension(),
- );
- // Harmonising LMS tree identifier of root tree
 let mut seed_and_lms_tree_ident = rfc_private_key.generate_root_seed_and_lms_tree_identifier();
 if tree_identifier.iter().all(|&byte| byte == 0) {
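Review bot: `+) -> Result<(SigningKey, Node), Error>` changes the public return type of `prepare_sst_keygen`; unless `Node` is a type alias for the previous `ArrayVec<[u8; MAX_HASH_SIZE]>`, every external caller that destructures the tuple breaks, and nothing in the patch or the "WIP" message says which it is — a `///` doc comment on the function stating what the second element is (presumably this signing entity's intermediate node) would settle that for callers. The reflowed `.map_err(|_| Error::new())?` still discards why `ReferenceImplPrivateKey::generate` failed, so a rejected SST parameter set and a bad seed look identical at the call site; since the line is being rewritten anyway, carrying the cause through (if `Error` can hold a source) or at least naming the failing step would help whoever debugs key generation. The function's signature starts before the hunk and its body continues past it.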
@@ -63,19 +48,20 @@ pub fn prepare_sst_keygen(
 .clone_from_slice(tree_identifier);
 }
- let our_node_index = get_sst_root_node_idx(
- sst_param.get_hss_parameters()[0].get_lms_parameter(),
- sst_param.sst_extension(),
- );
+ let our_node_index =
+ get_sst_root_node_idx(hss_parameters[0].get_lms_parameter(), sst_extension);
 let lms_private_key = LmsPrivateKey::::new(
 seed_and_lms_tree_ident.seed.clone(),
 seed_and_lms_tree_ident.lms_tree_identifier,
- used_leafs_index, // actually not used in "get_tree_element", irrelevant
- *sst_param.get_hss_parameters()[0].get_lmots_parameter(),
- *sst_param.get_hss_parameters()[0].get_lms_parameter(),
- Some(sst_param.sst_extension().clone()),
+ rfc_private_key
+ .compressed_used_leafs_indexes
+ .to(hss_parameters)[0],
+ *hss_parameters[0].get_lmots_parameter(),
+ *hss_parameters[0].get_lms_parameter(),
+ Some(sst_extension.clone()),
 );
+
 let our_intermed_node_value = get_tree_element(
 our_node_index as usize,
 &lms_private_key,
diff --git a/src/sst/parameters.rs b/src/sst/parameters.rs
index 02381bb..0f38bfa 100644
--- a/src/sst/parameters.rs
+++ b/src/sst/parameters.rs
@@ -21,7 +21,7 @@ impl SstsParameter {
 }
 }
- pub fn get_hss_parameters(
+ pub fn hss_parameters(
 &self,
 ) -> &ArrayVec<[HssParameter; constants::REF_IMPL_MAX_ALLOWED_HSS_LEVELS]> {
 &self.hss_parameters
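Review bot: The removed argument line documented that the leaf index handed to `LmsPrivateKey::new` is `// actually not used in "get_tree_element", irrelevant`, yet the replacement `rfc_private_key.compressed_used_leafs_indexes.to(hss_parameters)[0]` now decodes the full used-leafs table just to fill that same field; if the index really is irrelevant for computing the intermediate node, a comment should say why the real value is now preferred (e.g. so the temporary key satisfies `LmsPrivateKey`'s own invariants), and if it is not irrelevant the old comment was wrong and this change deserves a test pinning the resulting node value. `.to(hss_parameters)[0]` also indexes an unchecked result; `hss_parameters[0]` on the following lines already assumes a non-empty parameter list, so it is at least consistent, but if `to` can yield fewer entries than HSS levels a `.first()` with an `Error` would be safer than a panic inside key generation. The context line `seed_and_lms_tree_ident.seed.clone()` makes a second copy of the key-derivation seed for a key that only lives for one `get_tree_element` call — worth confirming that `Seed` and `LmsPrivateKey` zeroize on drop, since this hunk cannot show it. The function's body continues past the hunk.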