winternitz package

Submodules

winternitz.signatures module

class winternitz.signatures.AbstractOTS[source]

Bases: object

OTS base class

Every class implementing OTS schemes in this package should implement the functions defined in this base class

getPubkeyFromSignature(signature: List[bytes]) → bool[source]

Get pubkey derived from signature

Using this function you can get the public key from the signature. In contrast to verify(…), this function does not match the public key against the public key stored in the executing object. Getting the public key without comparing it can be useful if it is verified with another method, e.g. by deriving a XMSS root node (public key) and comparing it against a published XMSS public key.

Parameters:
  • message – Encoded message that was signed with signature
  • signature – Signature for message
Returns:

WOTS public key derived from signature
sign() → dict[source]

Sign a message

This function will create a valid signature for a message on success

Parameters:message – Encoded message to sign
Returns:A dictionary containing all the information required to verify the message. Minimal structure:
{
    "w":            winternitz parameter (Type: int),
    "algorithm":    OTS algorithm used (Type: string),
    "hashalgo":     hash algorithm (Type: str),
    "digestsize":   hash byte count (Type: int),
    "pubkey":       public key (Type: List[bytes]),
    "signature":    signature (Type: List[bytes])
}
verify(signature: List[bytes]) → bool[source]

Verify a message

Verify whether a signature is valid for a message

Parameters:
  • message – Encoded message to verify
  • signature – Signature that will be used to verify the message
Returns:

Whether the verification succeded
class winternitz.signatures.WOTS(w: int = 16, hashfunction: Callable = <function openssl_sha512>, digestsize: int = 512, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None)[source]

Bases: winternitz.signatures.AbstractOTS

Winternitz One-Time-Signature

Fully configurable class in regards to Winternitz paramter, hash function, private key and public key

__init__(w: int = 16, hashfunction: Callable = <function openssl_sha512>, digestsize: int = 512, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None) → None[source]

Initialize WOTS object

Define the parameters required to sign and verify a message

Parameters:
  • w – The Winternitz parameter. A higher value reduces the space complexity, but increases the time complexity. It must be greater than 1 but less or equal than \(2^{digestsize}\). To get the best space to time complexity ratio, choose a value that is a power of two.
  • hashfunction – The hashfunction which will be used to derive signatures and public keys. Specify a function which takes bytes as an argument and returns bytes that represent the hash.
  • digestsize – The number of bits that will be emitted by the specified hash function.
  • privkey – The private key to be used for signing operations. Leave None if it should be generated. In this case it will be generated when it is required.
  • pubkey – The public key to be used for verifying signatures. Do not specify it if a private key was specified or if it should be derived. It will be derived when it is required.
__repr__() → str[source]

Get representation of the object

This function returns a string which is a line of code which can be executed, if you have imported this module using the command “import winternitz.signatures”. This code can either be manually executed or evaluated and executed with the command eval(code).

Returns:A line of code which represents this object
_chain(value: bytes, startidx: int, endidx: int) → bytes[source]

Chaining function

Core function. It derives hash values which could either represent a part of a signature or a part of the public key.

Parameters:
  • value – Current hash
  • startidx – Current position of value in the hash chain
  • endidx – Desired position in the hash chain
Returns:

Returns the hash at the position endidx in the hash chain
_checksum(values: List[int]) → int[source]

Create checksum for a signature

This helper function is used during the generation and verification of a signature. It calculates a checksum, which is appenede to the signatures. It prevents man-in-the-middle attacks.

Parameters:values – List containing the signatures for each bit group
Returns:Checksum
_getSignatureBaseMessage(msghash: bytes) → List[bytes][source]

Get byte-sequences to sign

This functions creates a list of byte-sequences, which will be converted to a signature or public key by the chaining function.

Parameters:msghash – Fingerprint of the message which will be signed
Returns:Blocks of the message hash which each will be signed
_numberToBase(num: int, base: int) → List[int][source]

Base conversion

Using this function one can convert any number to another base

Parameters:
  • num – Number to convert
  • base – base to convert num in
Returns:

List containing each digit in base base representation. The digits are stored as decimal numbers.
digestsize

Digest size getter

Get the digest size of the hash function

Returns:Digest size of the hash function
getPubkeyFromSignature(message: bytes, signature: List[bytes]) → List[bytes][source]

Get pubkey derived from signature

Using this function you can get the public key from the signature. In contrast to verify(…), this function does not match the public key against the public key stored in the executing object. Getting the public key without comparing it can be useful if it is verified with another method, e.g. by deriving a XMSS root node (public key) and comparing it against a published XMSS public key.

Parameters:
  • message – Encoded message that was signed with signature
  • signature – Signature for message
Returns:

WOTS public key derived from signature
hashfunction

Hash function getter

Get a reference to the current hash function

Returns:Reference to hash function
privkey

Private key getter

Get a copy of the private key

Returns:Copy of the private key
pubkey

Public key getter

Get a copy of the public key

Returns:Copy of the public key
sign(message: bytes) → dict[source]

Sign a message

This function will create a valid signature for a message on success

Parameters:message – Encoded message to sign
Returns:A dictionary containing all the information required to verify the message. Minimal structure:
{
    "w":            winternitz parameter (Type: int),
    "algorithm":    OTS algorithm used (Type: string),
    "hashalgo":     hash algorithm (Type: str),
    "digestsize":   hash byte count (Type: int),
    "pubkey":       public key (Type: List[bytes]),
    "signature":    signature (Type: List[bytes])
}
verify(message: bytes, signature: List[bytes]) → bool[source]

Verify a message

Verify whether a signature is valid for a message

Parameters:
  • message – Encoded message to verify
  • signature – Signature that will be used to verify the message
Returns:

Whether the verification succeded
w

Winternitz parameter getter

Get the Winternitz parameter

Returns:Winternitz parameter
class winternitz.signatures.WOTSPLUS(w: int = 16, hashfunction: Callable = <function openssl_sha256>, prf: Callable = <function hmac_openssl_sha256>, digestsize: int = 256, seed: Optional[bytes] = None, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None)[source]

Bases: winternitz.signatures.WOTS

Winternitz One-Time-Signature Plus

Fully configurable class in regards to Winternitz paramter, hash function, pseudo random function, seed, private key and public key

__init__(w: int = 16, hashfunction: Callable = <function openssl_sha256>, prf: Callable = <function hmac_openssl_sha256>, digestsize: int = 256, seed: Optional[bytes] = None, privkey: Optional[List[bytes]] = None, pubkey: Optional[List[bytes]] = None)[source]

Initialize WOTS object

Define under which circumstances a message should be signed or verified

Parameters:
  • w – The Winternitz parameter. A higher value reduces the space complexity, but increases the time complexity. It must be greater than 1 but less than :math: 2^{digestsize}. To get the best space to time complexity ratio, choose a value that is a power of two.
  • hashfunction – The hashfunction which will be used to derive signatures and public keys. Specify a function which takes bytes as an argument and returns bytes that represent the hash.
  • digestsize – The number of bits that will be emitted by the specified hash function.
  • privkey – The private key to be used for signing operations. Leave None if it should be generated. In this case it will be generated when it is required.
  • pubkey – The public key to be used for verifying signatures. Do not specify it if a private key was specified or if it should be derived. It will be derived when it is required.
  • seed – Seed which is used in the pseudo random function to generate bitmasks.
  • prf – Pseudo random function which is used to generate the bitmasks.
__repr__() → str[source]

Get representation of the object

This function returns a string which is a line of code which can be executed, if you have imported this module using the command “import winternitz.signatures”. This code can either be manually executed or evaluated and executed with the command eval(code).

Returns:A line of code which represents this object
_chain(value: bytes, startidx: int, endidx: int) → bytes[source]

Chaining function

Core function. It derives hash values which could either represent a part of a signature or a part of the public key.

Parameters:
  • value – Current hash
  • startidx – Current position of value in the hash chain
  • endidx – Desired position in the hash chain
Returns:

Returns the hash at the position endidx in the hash chain
prf

Pseudo random function getter

Get the pseudo random function. It is used to generate the bitmasks.

Returns:Reference to the pseudo random function
seed

Seed getter

Get the seed which is used in the pseudo random function to generate the bitmasks.

Returns:Seed for pseudo random function
sign(message: bytes) → dict[source]

Sign a message

This function will create a valid signature for a message on success

Parameters:message – Encoded message to sign
Returns:A dictionary containing all the information required to verify the message. Structure:
{
    "w":            winternitz parameter (Type: int),
    "algorithm":    "WOTS+" (Type: string),
    "hashalgo":     hash algorithm (Type: str),
    "digestsize":   hash byte count (Type: int),
    "pubkey":       public key (Type: List[bytes]),
    "prf":          pseudo random function (Type: str),
    "seed":         Seed used in prf (Type: bytes),
    "signature":    signature (Type: List[bytes])
}
verify(message: bytes, signature: List[bytes]) → bool[source]

Verify a message

Verify whether a signature is valid for a message

Parameters:
  • message – Encoded message to verify
  • signature – Signature that will be used to verify the message
Returns:

Whether the verification succeded
winternitz.signatures.hmac_openssl_sha256(message: bytes, key: bytes) → bytes[source]

Peudo random function for key and bitmask generation

This functions wraps a pseudo random function in a way that it takes a byte-sequence as an argument and returns a value which can be used for further generation of keys.

Parameters:
  • message – Byte-sequence to be hashed
  • key – key to be used
Returns:

HMAC-sha256 hash
winternitz.signatures.openssl_sha256(message: bytes) → bytes[source]

Hash function for signature and public key generation

This functions wraps a hashfunction in a way that it takes a byte-sequence as an argument and returns the hash of that byte-sequence

Parameters:message – Byte-sequence to be hashed
Returns:Sha256 hash
winternitz.signatures.openssl_sha512(message: bytes) → bytes[source]

Hash function for signature and public key generation

This functions wraps a hashfunction in a way that it takes a byte-sequence as an argument and returns the hash of that byte-sequence

Parameters:message – Byte-sequence to be hashed
Returns:Sha512 hash

Module contents