def wots_pk_from_sig(self, sig, m, public_seed, adrs: ADRS):
csum = 0
wots_pk_adrs = adrs.copy()
msg = base_w(m, self._w, self._len_1)
for i in range(0, self._len_1):
csum += self._w - 1 - msg[i]
padding = (self._len_2 * math.floor(math.log(self._w, 2))) % 8 if (
self._len_2 * math.floor(math.log(self._w, 2))) % 8 != 0 else 8
csum = csum << (8 - padding)
csumb = csum.to_bytes(math.ceil(
(self._len_2 * math.floor(math.log(self._w, 2))) / 8),
byteorder='big')
csumw = base_w(csumb, self._w, self._len_2)
msg += csumw
tmp = bytes()
for i in range(0, self._len_0):
adrs.set_chain_address(i)
tmp += self.chain(sig[i], msg[i], self._w - 1 - msg[i],
public_seed, adrs.copy())
wots_pk_adrs.set_type(ADRS.WOTS_PK)
wots_pk_adrs.set_key_pair_address(adrs.get_key_pair_address())
pk_sig = hash(public_seed, wots_pk_adrs, tmp, self._n)
return pk_sig
def fors_pk_gen(self, secret_seed, public_seed, adrs: ADRS):
fors_pk_adrs = adrs.copy()
root = bytes()
for i in range(0, self._k):
root += self.fors_treehash(secret_seed, i * self._t, self._a, public_seed, adrs)
fors_pk_adrs.set_type(ADRS.FORS_ROOTS)
fors_pk_adrs.set_key_pair_address(adrs.get_key_pair_address())
pk = hash(public_seed, fors_pk_adrs, root, self._n)
return pk
def wots_pk_gen(self, secret_seed, public_seed, adrs: ADRS):
wots_pk_adrs = adrs.copy()
tmp = bytes()
for i in range(0, self._len_0):
adrs.set_chain_address(i)
adrs.set_hash_address(0)
sk = prf(secret_seed, adrs.copy(), self._n)
tmp += bytes(self.chain(sk, 0, self._w - 1, public_seed, adrs.copy()))
wots_pk_adrs.set_type(ADRS.WOTS_PK)
wots_pk_adrs.set_key_pair_address(adrs.get_key_pair_address())
pk = hash(public_seed, wots_pk_adrs, tmp, self._n)
return pk
def fors_pk_from_sig(self, sig_fors, m, public_seed, adrs: ADRS):
m_int = int.from_bytes(m, 'big')
sigs = self.auths_from_sig_fors(sig_fors)
root = bytes()
for i in range(0, self._k):
idx = (m_int >> (self._k - 1 - i) * self._a) % self._t
sk = sigs[i][0]
adrs.set_tree_height(0)
adrs.set_tree_index(i * self._t + idx)
node_0 = hash(public_seed, adrs.copy(), sk, self._n)
node_1 = 0
auth = sigs[i][1]
adrs.set_tree_index(i * self._t + idx) # Really Useful?
for j in range(0, self._a):
adrs.set_tree_height(j + 1)
if math.floor(idx / 2**j) % 2 == 0:
adrs.set_tree_index(adrs.get_tree_index() // 2)
node_1 = hash(public_seed, adrs.copy(), node_0 + auth[j],
self._n)
else:
adrs.set_tree_index((adrs.get_tree_index() - 1) // 2)
node_1 = hash(public_seed, adrs.copy(), auth[j] + node_0,
self._n)
node_0 = node_1
root += node_0
fors_pk_adrs = adrs.copy()
fors_pk_adrs.set_type(ADRS.FORS_ROOTS)
fors_pk_adrs.set_key_pair_address(adrs.get_key_pair_address())
pk = hash(public_seed, fors_pk_adrs, root, self._n)
return pk
