fors_authpath_basic.py

# @file fors_authpath_basic.py
# @version 1.1.0 (2025-12-31T07:59Z)
# @author David Ireland <https://di-mgt.com.au/contact>
# @copyright 2023-26 DI Management Services Pty Ltd
# @license Apache-2.0

"""Compute the first authpath values for index 50 in first tree"""

from slh_sha256 import PRF, SHA256, F, H

# sk = PRF(PK.seed, SK.seed, ADRS)  # ADRS type 6
#    = SHA-256(BlockPad(PK.seed) || ADRS_c || SK.seed)
# pk = F(PK.seed, ADRS, sk)  # ADRS type 3
#    = SHA-256(BlockPad(PK.seed) || ADRS || sk)

SKseed = 'D5213BA4BB6470F1B9EDA88CBC94E627'
PKseed = 'FA495FB834DEFEA7CC96A81309479135'

# Compute sk[i], pk[i] for i = 48 to 51

# ADRS to compute sk is type 6 (FORS_PRF)
# layer 0, tree height 0, leaf index 0, tree index = 48-51
adrs_c = '007cdcef4b8fdb03b006000000000000000000000030'  # 48=0x30
sk = PRF(PKseed, SKseed, adrs_c)
print(f"sk[48]={sk}")
# ADRS to compute pk is type 3 (FORS_TREE)
adrs_c = '007cdcef4b8fdb03b003000000000000000000000030'
pk_48 = F(PKseed, adrs_c, sk)
print(f"pk[48]={pk_48}")

adrs_c = '007cdcef4b8fdb03b006000000000000000000000031'  # 49=0x31
sk = PRF(PKseed, SKseed, adrs_c)
print(f"sk[49]={sk}")
adrs_c= '007cdcef4b8fdb03b003000000000000000000000031'
pk_49 = F(PKseed, adrs_c, sk)
print(f"pk[49]={pk_49}")

adrs_c = '007cdcef4b8fdb03b006000000000000000000000032'  # 50=0x32
sk = PRF(PKseed, SKseed, adrs_c)
print(f"sk[50]={sk}")
adrs_c= '007cdcef4b8fdb03b003000000000000000000000032'
pk_50 = F(PKseed, adrs_c, sk)
print(f"pk[50]={pk_50}")

adrs_c = '007cdcef4b8fdb03b006000000000000000000000033'  # 51=0x33
sk = PRF(PKseed, SKseed, adrs_c)
print(f"sk[51]={sk}")
adrs_c = '007cdcef4b8fdb03b003000000000000000000000033'
pk_51 = F(PKseed, adrs_c, sk)
print(f"pk[51]={pk_51}")

# Compute values required for authpath
# node = H(left||right)
# ADRS type 3 (FORS_TREE) tree height=1, tree index=24=0x18
adrs_c = "007cdcef4b8fdb03b003000000000000000100000018"  # 24
node_24 = H(PKseed, adrs_c, pk_48, pk_49)
print(f"node[24]={node_24}")

adrs_c = "007cdcef4b8fdb03b003000000000000000100000019"  # 25
node_25 = H(PKseed, adrs_c, pk_50, pk_51)
print(f"node[25]={node_25}")

# tree height=2 tree index=12
adrs_c = "007cdcef4b8fdb03b00300000000000000020000000c"  # 12
node_12 = H(PKseed, adrs_c, node_24, node_25)
print(f"node[12]={node_12}")

'''
EXPECTED OUTPUT:
sk[48]=06d6bddd89f5d5815063ca395e9b963d
pk[48]=631195810d16cd1cf504d77e747317c7
sk[49]=ac6e9f1dc2226ed1cb2f86e3872f3fe0
pk[49]=392e83145264282b3f728af62cd8fad8
sk[50]=925bb207d49e62bcb9b1c4685154a8b3
pk[50]=81a7b89d408f2f91d81e9303d77b49c6
sk[51]=c7005085cda77e80444a44480c67d454
pk[51]=2e58b70c7aed0e28507f31b49ec7ed6e
node[24]=d6dcb8db2da90fe938994d75c80e6712
node[25]=2364eb5855b474c27760b3933e0f911f
node[12]=086fe170a5e4a56e952077e676cd4484
'''