Package org.bouncycastle.pqc.crypto.sphincs

Class SPHINCS256Signer

java.lang.Object

org.bouncycastle.pqc.crypto.sphincs.SPHINCS256Signer

All Implemented Interfaces:

MessageSigner

public class SPHINCS256Signer
extends Object
implements MessageSigner

SPHINCS-256 signer.

This implementation is heavily based on the reference implementation in SUPERCOP, the main difference being the digests used for message hashing and tree construction are now configurable (within limits...) and that the implementation produces detached signatures.

The SPHINCS reference implementation is public domain, as per the statement in the second last paragraph of section 1 in https://eprint.iacr.org/2014/795.pdf

Constructor Summary

Constructors

Constructor	Description
SPHINCS256Signer(Digest nDigest, Digest twoNDigest)	Base constructor.

Method Summary

Modifier and Type	Method	Description
byte[]	generateSignature(byte[] message)	sign the passed in message (usually the output of a hash function).
void	init(boolean forSigning, CipherParameters param)	initialise the signer for signature generation or signature verification.
boolean	verifySignature(byte[] message, byte[] signature)	verify the message message against the signature value.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SPHINCS256Signer

public SPHINCS256Signer(Digest nDigest,
 Digest twoNDigest)

Base constructor.

Parameters:

nDigest - the "n-digest" must produce 32 bytes of output - used for tree construction.

twoNDigest - the "2n-digest" must produce 64 bytes of output - used for initial message/key/seed hashing.

Method Details

init

public void init(boolean forSigning,
 CipherParameters param)

Description copied from interface: MessageSigner

initialise the signer for signature generation or signature verification.

Specified by:

init in interface MessageSigner

Parameters:

forSigning - true if we are generating a signature, false otherwise.

param - key parameters for signature generation.

generateSignature

public byte[] generateSignature(byte[] message)

Description copied from interface: MessageSigner

sign the passed in message (usually the output of a hash function).

Specified by:

generateSignature in interface MessageSigner

Parameters:

message - the message to be signed.

Returns:

the signature of the message

verifySignature

public boolean verifySignature(byte[] message,
 byte[] signature)

Description copied from interface: MessageSigner

verify the message message against the signature value.

Specified by:

verifySignature in interface MessageSigner

Parameters:

message - the message that was supposed to have been signed.

signature - the signature of the message