winternitz package¶
Submodules¶
winternitz.signatures module¶
-
class
winternitz.signatures.
AbstractOTS
[source]¶ Bases:
object
OTS base class
Every class implementing OTS schemes in this package should implement the functions defined in this base class
-
sign
() → dict[source]¶ Sign a message
This function will create a valid signature for a message on success
Parameters: message – Encoded message to sign Returns: A dictionary containing the fingerprint of the message, which was created using the hash function that was specified during initialization of this object, the signature and a public key to verify the signature. Structure: { "w": winternitz parameter (Type: int), "fingerprint": message hash (Type: bytes), "hashalgo": hash algorithm (Type: str), "digestsize": hash byte count (Type: int), "pubkey": public key (Type: List[bytes]), "signature": signature (Type: List[bytes]) }
-
-
class
winternitz.signatures.
WOTS
(w: int = 16, hashfunction: Callable = <function openssl_sha512>, digestsize: int = 512, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None)[source]¶ Bases:
winternitz.signatures.AbstractOTS
Winternitz One-Time-Signature
Fully configurable class in regards to Winternitz paramter, hash function, private key and public key
-
__init__
(w: int = 16, hashfunction: Callable = <function openssl_sha512>, digestsize: int = 512, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None) → None[source]¶ Initialize WOTS object
Define the parameters required to sign and verify a message
Parameters: - w – The Winternitz parameter. A higher value reduces the space complexity, but increases the time complexity. It must be greater than 1 but less or equal than \(2^{digestsize}\). To get the best space to time complexity ratio, choose a value that is a power of two.
- hashfunction – The hashfunction which will be used to derive signatures and public keys. Specify a function which takes bytes as an argument and returns bytes that represent the hash.
- digestsize – The number of bits that will be emitted by the specified hash function.
- privkey – The private key to be used for signing operations. Leave None if it should be generated. In this case it will be generated when it is required.
- pubkey – The public key to be used for verifying signatures. Do not specify it if a private key was specified or if it should be derived. It will be derived when it is required.
-
digestsize
¶ Digest size getter
Get the digest size of the hash function
Returns: Digest size of the hash function
-
hashfunction
¶ Hash function getter
Get a reference to the current hash function
Returns: Reference to hash function
-
privkey
¶ Private key getter
Get a copy of the private key
Returns: Copy of the private key
-
pubkey
¶ Public key getter
Get a copy of the public key
Returns: Copy of the public key
-
sign
(message: bytes) → dict[source]¶ Sign a message
This function will create a valid signature for a message on success
Parameters: message – Encoded message to sign Returns: A dictionary containing the fingerprint of the message, which was created using the hash function that was specified during initialization of this object, the signature and a public key to verify the signature. Structure: { "w": winternitz parameter (Type: int), "fingerprint": message hash (Type: bytes), "hashalgo": hash algorithm (Type: str), "digestsize": hash byte count (Type: int), "pubkey": public key (Type: List[bytes]), "signature": signature (Type: List[bytes]) }
-
slots
= ['__weakref__', '__w', '__hashfunction', '__digestsize', '__privkey', '__pubkey', '__msg_key_count', '__cs_key_count', '__key_count']¶
-
verify
(message: bytes, signature: List[bytes]) → bool[source]¶ Verify a message
Verify whether a signature is valid for a message
Parameters: - message – Encoded message to verify
- signature – Signature that will be used to verify the message
Returns: Whether the verification succeded
-
w
¶ Winternitz parameter getter
Get the Winternitz parameter
Returns: Winternitz parameter
-
-
class
winternitz.signatures.
WOTSPLUS
(w: int = 16, hashfunction: Callable = <function openssl_sha256>, prf: Callable = <function hmac_openssl_sha256>, digestsize: int = 256, seed: Optional[bytes] = None, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None)[source]¶ Bases:
winternitz.signatures.WOTS
Winternitz One-Time-Signature Plus
Fully configurable class in regards to Winternitz paramter, hash function, pseudo random function, seed, private key and public key
-
__init__
(w: int = 16, hashfunction: Callable = <function openssl_sha256>, prf: Callable = <function hmac_openssl_sha256>, digestsize: int = 256, seed: Optional[bytes] = None, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None)[source]¶ Initialize WOTS object
Define under which circumstances a message should be signed or verified
Parameters: - w – The Winternitz parameter. A higher value reduces the space complexity, but increases the time complexity. It must be greater than 1 but less than :math: 2^{digestsize}. To get the best space to time complexity ratio, choose a value that is a power of two.
- hashfunction – The hashfunction which will be used to derive signatures and public keys. Specify a function which takes bytes as an argument and returns bytes that represent the hash.
- digestsize – The number of bits that will be emitted by the specified hash function.
- privkey – The private key to be used for signing operations. Leave None if it should be generated. In this case it will be generated when it is required.
- pubkey – The public key to be used for verifying signatures. Do not specify it if a private key was specified or if it should be derived. It will be derived when it is required.
- seed – Seed which is used in the pseudo random function to generate bitmasks.
- prf – Pseudo random function which is used to generate the bitmasks.
-
prf
¶ Pseudo random function getter
Get the pseudo random function. It is used to generate the bitmasks.
Returns: Reference to the pseudo random function
-
seed
¶ Seed getter
Get the seed which is used in the pseudo random function to generate the bitmasks.
Returns: Seed for pseudo random function
-
sign
(message: bytes) → dict[source]¶ Sign a message
This function will create a valid signature for a message on success
Parameters: message – Encoded message to sign Returns: A dictionary containing the fingerprint of the message, which was created using the hash function that was specified during initialization of this object, the signature and a public key to verify the signature. Structure: { "w": winternitz parameter (Type: int), "fingerprint": message hash (Type: bytes), "hashalgo": hash algorithm (Type: str), "digestsize": hash byte count (Type: int), "pubkey": public key (Type: List[bytes]), "prf": pseudo random function (Type: str), "seed": Seed used in prf (Type: bytes), "signature": signature (Type: List[bytes]) }
-
slots
= ['__weakref__', '__seed', '__prf']¶
-
-
winternitz.signatures.
hmac_openssl_sha256
(message: bytes, key: bytes) → bytes[source]¶ Peudo random function for key and bitmask generation
This functions wraps a pseudo random function in a way that it takes a byte-sequence as an argument and returns a value which can be used for further generation of keys.
Parameters: - message – Byte-sequence to be hashed
- key – key to be used
Returns: HMAC-sha256 hash
-
winternitz.signatures.
openssl_sha256
(message: bytes) → bytes[source]¶ Hash function for signature and public key generation
This functions wraps a hashfunction in a way that it takes a byte-sequence as an argument and returns the hash of that byte-sequence
Parameters: message – Byte-sequence to be hashed Returns: Sha256 hash
-
winternitz.signatures.
openssl_sha512
(message: bytes) → bytes[source]¶ Hash function for signature and public key generation
This functions wraps a hashfunction in a way that it takes a byte-sequence as an argument and returns the hash of that byte-sequence
Parameters: message – Byte-sequence to be hashed Returns: Sha512 hash