in xmss_fast.c [296:339]
static void validate_authpath(unsigned char *root, const unsigned char *leaf, unsigned long leafidx, const unsigned char *authpath, const xmss_params *params, const unsigned char *pub_seed, uint32_t addr[8])
{
unsigned int n = params->n;
uint32_t i, j;
unsigned char buffer[2*n];
// If leafidx is odd (last bit = 1), current path element is a right child and authpath has to go to the left.
// Otherwise, it is the other way around
if (leafidx & 1) {
for (j = 0; j < n; j++)
buffer[n+j] = leaf[j];
for (j = 0; j < n; j++)
buffer[j] = authpath[j];
}
else {
for (j = 0; j < n; j++)
buffer[j] = leaf[j];
for (j = 0; j < n; j++)
buffer[n+j] = authpath[j];
}
authpath += n;
for (i=0; i < params->h-1; i++) {
setTreeHeight(addr, i);
leafidx >>= 1;
setTreeIndex(addr, leafidx);
if (leafidx&1) {
hash_h(buffer+n, buffer, pub_seed, addr, n);
for (j = 0; j < n; j++)
buffer[j] = authpath[j];
}
else {
hash_h(buffer, buffer, pub_seed, addr, n);
for (j = 0; j < n; j++)
buffer[j+n] = authpath[j];
}
authpath += n;
}
setTreeHeight(addr, (params->h-1));
leafidx >>= 1;
setTreeIndex(addr, leafidx);
hash_h(root, buffer, pub_seed, addr, n);
}