Botan 3.4.0
Crypto and TLS for C&
Public Member Functions | Static Public Attributes | List of all members
Botan::DilithiumModeConstants Class Reference

#include <dilithium_symmetric_primitives.h>

Public Member Functions

size_t beta () const
 
secure_vector< uint8_t > CRH (const std::span< const uint8_t > in) const
 
size_t crypto_bytes () const
 
 DilithiumModeConstants (const DilithiumModeConstants &other)
 
 DilithiumModeConstants (DilithiumMode dimension)
 
 DilithiumModeConstants (DilithiumModeConstants &&other)=default
 
DilithiumEta eta () const
 
secure_vector< uint8_t > ExpandMask (const secure_vector< uint8_t > &seed, uint16_t nonce) const
 
size_t gamma1 () const
 
size_t gamma2 () const
 
decltype(auto) H (std::span< const uint8_t > seed, size_t out_len) const
 
uint8_t k () const
 
uint8_t l () const
 
DilithiumMode mode () const
 
size_t nist_security_strength () const
 
OID oid () const
 
size_t omega () const
 
DilithiumModeConstantsoperator= (const DilithiumModeConstants &other)=delete
 
DilithiumModeConstantsoperator= (DilithiumModeConstants &&other)=default
 
size_t poly_uniform_eta_nblocks () const
 
size_t poly_uniform_gamma1_nblocks () const
 
size_t poly_uniform_nblocks () const
 
size_t polyeta_packedbytes () const
 
size_t polyw1_packedbytes () const
 
size_t polyz_packedbytes () const
 
size_t private_key_bytes () const
 
size_t public_key_bytes () const
 
size_t stream128_blockbytes () const
 
size_t stream256_blockbytes () const
 
size_t tau () const
 
std::unique_ptr< Botan::XOFXOF_128 (std::span< const uint8_t > seed, uint16_t nonce) const
 
std::unique_ptr< Botan::XOFXOF_256 (std::span< const uint8_t > seed, uint16_t nonce) const
 

Static Public Attributes

static constexpr int32_t AES256CTR_BLOCKBYTES = 64
 
static constexpr int32_t CRHBYTES = 64
 
static constexpr int32_t D = 13
 
static constexpr int32_t kSerializedPolynomialByteLength = DilithiumModeConstants::N / 2 * 3
 
static constexpr int32_t N = 256
 
static constexpr int32_t POLYT0_PACKEDBYTES = 416
 
static constexpr int32_t POLYT1_PACKEDBYTES = 320
 
static constexpr int32_t Q = 8380417
 
static constexpr int32_t QINV = 58728449
 
static constexpr int32_t ROOT_OF_UNITY = 1753
 
static constexpr int32_t SEEDBYTES = 32
 
static constexpr int32_t SHA3_256_RATE = 136
 
static constexpr int32_t SHA3_512_RATE = 72
 
static constexpr int32_t SHAKE128_RATE = 168
 
static constexpr int32_t SHAKE256_RATE = 136
 
static constexpr int32_t ZETAS [DilithiumModeConstants::N]
 

Detailed Description

Definition at line 59 of file dilithium_symmetric_primitives.h.

Constructor & Destructor Documentation

◆ DilithiumModeConstants() [1/3]

Botan::DilithiumModeConstants::DilithiumModeConstants ( DilithiumMode dimension)

Definition at line 38 of file dilithium_symmetric_primitives.cpp.

38 :
39 m_mode(mode), m_symmetric_primitives(Dilithium_Symmetric_Primitives::create(mode)) {
40 if(mode.is_modern()) {
41 m_stream128_blockbytes = DilithiumModeConstants::SHAKE128_RATE;
42 m_stream256_blockbytes = DilithiumModeConstants::SHAKE256_RATE;
43 } else {
44 m_stream128_blockbytes = AES256CTR_BLOCKBYTES;
45 m_stream256_blockbytes = AES256CTR_BLOCKBYTES;
46 }
47
48 switch(m_mode.mode()) {
49 case Botan::DilithiumMode::Dilithium4x4:
50 case Botan::DilithiumMode::Dilithium4x4_AES:
51 m_k = 4;
52 m_l = 4;
53 m_eta = DilithiumEta::Eta2;
54 m_tau = 39;
55 m_beta = 78;
56 m_gamma1 = (1 << 17);
57 m_gamma2 = ((DilithiumModeConstants::Q - 1) / 88);
58 m_omega = 80;
59 m_nist_security_strength = 128;
60 m_polyz_packedbytes = 576;
61 m_polyw1_packedbytes = 192;
62 m_polyeta_packedbytes = 96;
63 m_poly_uniform_eta_nblocks = ((136 + m_stream128_blockbytes - 1) / m_stream128_blockbytes);
64 break;
65 case Botan::DilithiumMode::Dilithium6x5:
66 case Botan::DilithiumMode::Dilithium6x5_AES:
67 m_k = 6;
68 m_l = 5;
69 m_eta = DilithiumEta::Eta4;
70 m_tau = 49;
71 m_beta = 196;
72 m_gamma1 = (1 << 19);
73 m_gamma2 = ((DilithiumModeConstants::Q - 1) / 32);
74 m_omega = 55;
75 m_nist_security_strength = 192;
76 m_polyz_packedbytes = 640;
77 m_polyw1_packedbytes = 128;
78 m_polyeta_packedbytes = 128;
79 m_poly_uniform_eta_nblocks = ((227 + m_stream128_blockbytes - 1) / m_stream128_blockbytes);
80 break;
81 case Botan::DilithiumMode::Dilithium8x7:
82 case Botan::DilithiumMode::Dilithium8x7_AES:
83 m_k = 8;
84 m_l = 7;
85 m_eta = DilithiumEta::Eta2;
86 m_tau = 60;
87 m_beta = 120;
88 m_gamma1 = (1 << 19);
89 m_gamma2 = ((DilithiumModeConstants::Q - 1) / 32);
90 m_omega = 75;
91 m_nist_security_strength = 256;
92 m_polyz_packedbytes = 640;
93 m_polyw1_packedbytes = 128;
94 m_polyeta_packedbytes = 96;
95 m_poly_uniform_eta_nblocks = ((136 + m_stream128_blockbytes - 1) / m_stream128_blockbytes);
96 break;
97 }
98
99 if(m_gamma1 == (1 << 17)) {
100 m_poly_uniform_gamma1_nblocks = (576 + m_stream256_blockbytes - 1) / m_stream256_blockbytes;
101 } else {
102 BOTAN_ASSERT_NOMSG(m_gamma1 == (1 << 19));
103 m_poly_uniform_gamma1_nblocks = (640 + m_stream256_blockbytes - 1) / m_stream256_blockbytes;
104 }
105
106 // For all modes the same calculation
107 m_polyvech_packedbytes = m_omega + m_k;
108 m_poly_uniform_nblocks = ((768 + m_stream128_blockbytes - 1) / m_stream128_blockbytes);
109 m_public_key_bytes = DilithiumModeConstants::SEEDBYTES + m_k * DilithiumModeConstants::POLYT1_PACKEDBYTES;
110 m_crypto_bytes = DilithiumModeConstants::SEEDBYTES + m_l * m_polyz_packedbytes + m_polyvech_packedbytes;
111 m_private_key_bytes = (3 * DilithiumModeConstants::SEEDBYTES + m_l * m_polyeta_packedbytes +
112 m_k * m_polyeta_packedbytes + m_k * DilithiumModeConstants::POLYT0_PACKEDBYTES);
113}
BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59
Botan::DilithiumMode::mode
Mode mode() const
Definition dilithium.h:40
Botan::DilithiumMode::is_modern
bool is_modern() const
Definition dilithium.h:38
Botan::Dilithium_Symmetric_Primitives::create
static std::unique_ptr< Dilithium_Symmetric_Primitives > create(DilithiumMode mode)
Definition dilithium_symmetric_primitives.cpp:22

References AES256CTR_BLOCKBYTES, BOTAN_ASSERT_NOMSG, Botan::DilithiumMode::Dilithium4x4, Botan::DilithiumMode::Dilithium4x4_AES, Botan::DilithiumMode::Dilithium6x5, Botan::DilithiumMode::Dilithium6x5_AES, Botan::DilithiumMode::Dilithium8x7, Botan::DilithiumMode::Dilithium8x7_AES, Botan::Eta2, Botan::Eta4, Botan::DilithiumMode::is_modern(), Botan::DilithiumMode::mode(), mode(), POLYT0_PACKEDBYTES, POLYT1_PACKEDBYTES, Q, SEEDBYTES, SHAKE128_RATE, and SHAKE256_RATE.

◆ DilithiumModeConstants() [2/3]

Botan::DilithiumModeConstants::DilithiumModeConstants ( const DilithiumModeConstants & other)
inline

Definition at line 104 of file dilithium_symmetric_primitives.h.

104: DilithiumModeConstants(other.m_mode) {}

◆ DilithiumModeConstants() [3/3]

Botan::DilithiumModeConstants::DilithiumModeConstants ( DilithiumModeConstants && other)
default

Member Function Documentation

◆ beta()

size_t Botan::DilithiumModeConstants::beta ( ) const
inline

Definition at line 135 of file dilithium_symmetric_primitives.h.

135{ return m_beta; }

◆ CRH()

secure_vector< uint8_t > Botan::DilithiumModeConstants::CRH ( const std::span< const uint8_t > in) const
inline

Definition at line 160 of file dilithium_symmetric_primitives.h.

160 {
161 return m_symmetric_primitives->CRH(in, DilithiumModeConstants::CRHBYTES);
162 }

References CRHBYTES.

◆ crypto_bytes()

size_t Botan::DilithiumModeConstants::crypto_bytes ( ) const
inline

Definition at line 145 of file dilithium_symmetric_primitives.h.

145{ return m_crypto_bytes; }

Referenced by Botan::Dilithium::PolynomialVector::unpack_sig().

◆ eta()

DilithiumEta Botan::DilithiumModeConstants::eta ( ) const
inline

Definition at line 115 of file dilithium_symmetric_primitives.h.

115{ return m_eta; }

Referenced by Botan::Dilithium::Polynomial::polyeta_pack(), Botan::Dilithium::Polynomial::polyeta_unpack(), and Botan::Dilithium::Polynomial::rej_eta().

◆ ExpandMask()

secure_vector< uint8_t > Botan::DilithiumModeConstants::ExpandMask ( const secure_vector< uint8_t > & seed,
uint16_t nonce ) const
inline

Definition at line 172 of file dilithium_symmetric_primitives.h.

172 {
173 return this->m_symmetric_primitives->ExpandMask(
174 seed, nonce, poly_uniform_gamma1_nblocks() * stream256_blockbytes());
175 }

References poly_uniform_gamma1_nblocks(), and stream256_blockbytes().

Referenced by Botan::Dilithium::Polynomial::poly_uniform_gamma1().

◆ gamma1()

size_t Botan::DilithiumModeConstants::gamma1 ( ) const
inline

Definition at line 133 of file dilithium_symmetric_primitives.h.

133{ return m_gamma1; }

Referenced by Botan::Dilithium::Polynomial::polyz_pack(), and Botan::Dilithium::Polynomial::polyz_unpack().

◆ gamma2()

size_t Botan::DilithiumModeConstants::gamma2 ( ) const
inline

Definition at line 131 of file dilithium_symmetric_primitives.h.

131{ return m_gamma2; }

Referenced by Botan::Dilithium::Polynomial::decompose(), Botan::Dilithium::Polynomial::make_hint(), Botan::Dilithium::Polynomial::polyw1_pack(), and Botan::Dilithium::Polynomial::use_hint().

◆ H()

decltype(auto) Botan::DilithiumModeConstants::H ( std::span< const uint8_t > seed,
size_t out_len ) const
inline

Definition at line 156 of file dilithium_symmetric_primitives.h.

156 {
157 return m_symmetric_primitives->H(seed, out_len);
158 }

Referenced by Botan::Dilithium_PrivateKey::Dilithium_PrivateKey().

◆ k()

uint8_t Botan::DilithiumModeConstants::k ( ) const
inline

Definition at line 111 of file dilithium_symmetric_primitives.h.

111{ return m_k; }

Referenced by Botan::Dilithium_PrivateKey::Dilithium_PrivateKey(), Botan::Dilithium::PolynomialMatrix::generate_matrix(), Botan::Dilithium::PolynomialVector::generate_polyvec_matrix_pointwise_montgomery(), Botan::Dilithium::PolynomialVector::polyvec_decompose(), Botan::Dilithium::PolynomialVector::unpack_sig(), Botan::Dilithium::PolynomialVector::unpack_t0(), and Botan::Dilithium::PolynomialVector::unpack_t1().

◆ l()

uint8_t Botan::DilithiumModeConstants::l ( ) const
inline

Definition at line 113 of file dilithium_symmetric_primitives.h.

113{ return m_l; }

Referenced by Botan::Dilithium_PrivateKey::Dilithium_PrivateKey(), Botan::Dilithium::PolynomialMatrix::generate_matrix(), Botan::Dilithium::PolynomialVector::polyvec_unpack_z(), Botan::Dilithium::PolynomialVector::polyvecl_uniform_gamma1(), and Botan::Dilithium::PolynomialVector::unpack_sig().

◆ mode()

DilithiumMode Botan::DilithiumModeConstants::mode ( ) const
inline

Definition at line 149 of file dilithium_symmetric_primitives.h.

149{ return m_mode; }

Referenced by DilithiumModeConstants().

◆ nist_security_strength()

size_t Botan::DilithiumModeConstants::nist_security_strength ( ) const
inline

Definition at line 153 of file dilithium_symmetric_primitives.h.

153{ return m_nist_security_strength; }

◆ oid()

OID Botan::DilithiumModeConstants::oid ( ) const
inline

Definition at line 147 of file dilithium_symmetric_primitives.h.

147{ return m_mode.object_identifier(); }
Botan::DilithiumMode::object_identifier
OID object_identifier() const
Definition dilithium.cpp:92

References Botan::DilithiumMode::object_identifier().

◆ omega()

size_t Botan::DilithiumModeConstants::omega ( ) const
inline

Definition at line 127 of file dilithium_symmetric_primitives.h.

127{ return m_omega; }

Referenced by Botan::Dilithium::PolynomialVector::unpack_sig().

◆ operator=() [1/2]

DilithiumModeConstants & Botan::DilithiumModeConstants::operator= ( const DilithiumModeConstants & other)
delete

◆ operator=() [2/2]

DilithiumModeConstants & Botan::DilithiumModeConstants::operator= ( DilithiumModeConstants && other)
default

◆ poly_uniform_eta_nblocks()

size_t Botan::DilithiumModeConstants::poly_uniform_eta_nblocks ( ) const
inline

Definition at line 137 of file dilithium_symmetric_primitives.h.

137{ return m_poly_uniform_eta_nblocks; }

Referenced by Botan::Dilithium::Polynomial::fill_poly_uniform_eta().

◆ poly_uniform_gamma1_nblocks()

size_t Botan::DilithiumModeConstants::poly_uniform_gamma1_nblocks ( ) const
inline

Definition at line 119 of file dilithium_symmetric_primitives.h.

119{ return m_poly_uniform_gamma1_nblocks; }

Referenced by ExpandMask().

◆ poly_uniform_nblocks()

size_t Botan::DilithiumModeConstants::poly_uniform_nblocks ( ) const
inline

Definition at line 139 of file dilithium_symmetric_primitives.h.

139{ return m_poly_uniform_nblocks; }

Referenced by Botan::Dilithium::PolynomialVector::poly_uniform().

◆ polyeta_packedbytes()

size_t Botan::DilithiumModeConstants::polyeta_packedbytes ( ) const
inline

Definition at line 141 of file dilithium_symmetric_primitives.h.

141{ return m_polyeta_packedbytes; }

Referenced by Botan::Dilithium::PolynomialVector::polyvec_pack_eta(), and Botan::Dilithium::PolynomialVector::unpack_eta().

◆ polyw1_packedbytes()

size_t Botan::DilithiumModeConstants::polyw1_packedbytes ( ) const
inline

Definition at line 125 of file dilithium_symmetric_primitives.h.

125{ return m_polyw1_packedbytes; }

Referenced by Botan::Dilithium::PolynomialVector::polyvec_pack_w1().

◆ polyz_packedbytes()

size_t Botan::DilithiumModeConstants::polyz_packedbytes ( ) const
inline

Definition at line 129 of file dilithium_symmetric_primitives.h.

129{ return m_polyz_packedbytes; }

Referenced by Botan::Dilithium::PolynomialVector::polyvec_unpack_z(), and Botan::Dilithium::PolynomialVector::unpack_sig().

◆ private_key_bytes()

size_t Botan::DilithiumModeConstants::private_key_bytes ( ) const
inline

Definition at line 151 of file dilithium_symmetric_primitives.h.

151{ return m_private_key_bytes; }

Referenced by Botan::Dilithium_PrivateKey::Dilithium_PrivateKey().

◆ public_key_bytes()

size_t Botan::DilithiumModeConstants::public_key_bytes ( ) const
inline

Definition at line 143 of file dilithium_symmetric_primitives.h.

143{ return m_public_key_bytes; }

Referenced by Botan::Dilithium_PublicKey::Dilithium_PublicKey().

◆ stream128_blockbytes()

size_t Botan::DilithiumModeConstants::stream128_blockbytes ( ) const
inline

Definition at line 123 of file dilithium_symmetric_primitives.h.

123{ return m_stream128_blockbytes; }

Referenced by Botan::Dilithium::PolynomialVector::poly_uniform().

◆ stream256_blockbytes()

size_t Botan::DilithiumModeConstants::stream256_blockbytes ( ) const
inline

Definition at line 121 of file dilithium_symmetric_primitives.h.

121{ return m_stream256_blockbytes; }

Referenced by ExpandMask(), and Botan::Dilithium::Polynomial::fill_poly_uniform_eta().

◆ tau()

size_t Botan::DilithiumModeConstants::tau ( ) const
inline

Definition at line 117 of file dilithium_symmetric_primitives.h.

117{ return m_tau; }

Referenced by Botan::Dilithium::Polynomial::poly_challenge().

◆ XOF_128()

std::unique_ptr< Botan::XOF > Botan::DilithiumModeConstants::XOF_128 ( std::span< const uint8_t > seed,
uint16_t nonce ) const
inline

Definition at line 164 of file dilithium_symmetric_primitives.h.

164 {
165 return this->m_symmetric_primitives->XOF(Dilithium_Symmetric_Primitives::XofType::k128, seed, nonce);
166 }
Botan::Dilithium_Symmetric_Primitives::XofType::k128
@ k128

References Botan::Dilithium_Symmetric_Primitives::k128.

Referenced by Botan::Dilithium::PolynomialVector::poly_uniform().

◆ XOF_256()

std::unique_ptr< Botan::XOF > Botan::DilithiumModeConstants::XOF_256 ( std::span< const uint8_t > seed,
uint16_t nonce ) const
inline

Definition at line 168 of file dilithium_symmetric_primitives.h.

168 {
169 return this->m_symmetric_primitives->XOF(Dilithium_Symmetric_Primitives::XofType::k256, seed, nonce);
170 }
Botan::Dilithium_Symmetric_Primitives::XofType::k256
@ k256

References Botan::Dilithium_Symmetric_Primitives::k256.

Referenced by Botan::Dilithium::Polynomial::fill_poly_uniform_eta().

Member Data Documentation

◆ AES256CTR_BLOCKBYTES

constexpr int32_t Botan::DilithiumModeConstants::AES256CTR_BLOCKBYTES = 64
staticconstexpr

Definition at line 73 of file dilithium_symmetric_primitives.h.

Referenced by DilithiumModeConstants().

◆ CRHBYTES

constexpr int32_t Botan::DilithiumModeConstants::CRHBYTES = 64
staticconstexpr

Definition at line 62 of file dilithium_symmetric_primitives.h.

Referenced by CRH(), Botan::Dilithium_PrivateKey::Dilithium_PrivateKey(), and Botan::Dilithium::Polynomial::fill_poly_uniform_eta().

◆ D

constexpr int32_t Botan::DilithiumModeConstants::D = 13
staticconstexpr

Definition at line 65 of file dilithium_symmetric_primitives.h.

Referenced by Botan::Dilithium::Polynomial::poly_shiftl(), Botan::Dilithium::Polynomial::polyt0_pack(), Botan::Dilithium::Polynomial::polyt0_unpack(), and Botan::Dilithium::Polynomial::power2round().

◆ kSerializedPolynomialByteLength

constexpr int32_t Botan::DilithiumModeConstants::kSerializedPolynomialByteLength = DilithiumModeConstants::N / 2 * 3
staticconstexpr

Definition at line 100 of file dilithium_symmetric_primitives.h.

◆ N

constexpr int32_t Botan::DilithiumModeConstants::N = 256
staticconstexpr

Definition at line 63 of file dilithium_symmetric_primitives.h.

Referenced by Botan::Dilithium::Polynomial::fill_poly_uniform_eta(), Botan::Dilithium::Polynomial::fill_polys_power2round(), Botan::Dilithium::Polynomial::generate_hint_polynomial(), Botan::Dilithium::Polynomial::invntt_tomont(), Botan::Dilithium::Polynomial::ntt(), Botan::Dilithium::Polynomial::poly_challenge(), Botan::Dilithium::Polynomial::poly_decompose(), Botan::Dilithium::Polynomial::poly_pointwise_montgomery(), Botan::Dilithium::PolynomialVector::poly_uniform(), Botan::Dilithium::Polynomial::poly_use_hint(), Botan::Dilithium::Polynomial::polyeta_pack(), Botan::Dilithium::Polynomial::polyeta_unpack(), Botan::Dilithium::Polynomial::polyt0_pack(), Botan::Dilithium::Polynomial::polyt0_unpack(), Botan::Dilithium::Polynomial::polyt1_pack(), Botan::Dilithium::Polynomial::polyt1_unpack(), Botan::Dilithium::Polynomial::polyw1_pack(), Botan::Dilithium::Polynomial::polyz_pack(), Botan::Dilithium::Polynomial::polyz_unpack(), and Botan::Dilithium::PolynomialVector::unpack_sig().

◆ POLYT0_PACKEDBYTES

constexpr int32_t Botan::DilithiumModeConstants::POLYT0_PACKEDBYTES = 416
staticconstexpr

Definition at line 68 of file dilithium_symmetric_primitives.h.

Referenced by DilithiumModeConstants(), Botan::Dilithium::PolynomialVector::polyvec_pack_t0(), and Botan::Dilithium::PolynomialVector::unpack_t0().

◆ POLYT1_PACKEDBYTES

constexpr int32_t Botan::DilithiumModeConstants::POLYT1_PACKEDBYTES = 320
staticconstexpr

Definition at line 67 of file dilithium_symmetric_primitives.h.

Referenced by DilithiumModeConstants(), Botan::Dilithium::PolynomialVector::polyvec_pack_t1(), and Botan::Dilithium::PolynomialVector::unpack_t1().

◆ Q

constexpr int32_t Botan::DilithiumModeConstants::Q = 8380417
staticconstexpr

Definition at line 64 of file dilithium_symmetric_primitives.h.

Referenced by Botan::Dilithium::Polynomial::cadd_q(), Botan::Dilithium::Polynomial::decompose(), DilithiumModeConstants(), Botan::Dilithium::Polynomial::make_hint(), Botan::Dilithium::Polynomial::montgomery_reduce(), Botan::Dilithium::Polynomial::poly_chknorm(), Botan::Dilithium::Polynomial::poly_reduce(), Botan::Dilithium::Polynomial::polyw1_pack(), Botan::Dilithium::Polynomial::rej_uniform(), and Botan::Dilithium::Polynomial::use_hint().

◆ QINV

constexpr int32_t Botan::DilithiumModeConstants::QINV = 58728449
staticconstexpr

Definition at line 74 of file dilithium_symmetric_primitives.h.

Referenced by Botan::Dilithium::Polynomial::montgomery_reduce().

◆ ROOT_OF_UNITY

constexpr int32_t Botan::DilithiumModeConstants::ROOT_OF_UNITY = 1753
staticconstexpr

Definition at line 66 of file dilithium_symmetric_primitives.h.

◆ SEEDBYTES

constexpr int32_t Botan::DilithiumModeConstants::SEEDBYTES = 32
staticconstexpr

Definition at line 61 of file dilithium_symmetric_primitives.h.

Referenced by Botan::Dilithium_PrivateKey::Dilithium_PrivateKey(), DilithiumModeConstants(), Botan::Dilithium::PolynomialMatrix::generate_matrix(), Botan::Dilithium::Polynomial::poly_challenge(), and Botan::Dilithium::PolynomialVector::unpack_sig().

◆ SHA3_256_RATE

constexpr int32_t Botan::DilithiumModeConstants::SHA3_256_RATE = 136
staticconstexpr

Definition at line 71 of file dilithium_symmetric_primitives.h.

◆ SHA3_512_RATE

constexpr int32_t Botan::DilithiumModeConstants::SHA3_512_RATE = 72
staticconstexpr

Definition at line 72 of file dilithium_symmetric_primitives.h.

◆ SHAKE128_RATE

constexpr int32_t Botan::DilithiumModeConstants::SHAKE128_RATE = 168
staticconstexpr

Definition at line 69 of file dilithium_symmetric_primitives.h.

Referenced by DilithiumModeConstants().

◆ SHAKE256_RATE

constexpr int32_t Botan::DilithiumModeConstants::SHAKE256_RATE = 136
staticconstexpr

Definition at line 70 of file dilithium_symmetric_primitives.h.

Referenced by DilithiumModeConstants(), and Botan::Dilithium::Polynomial::poly_challenge().

◆ ZETAS

constexpr int32_t Botan::DilithiumModeConstants::ZETAS[DilithiumModeConstants::N]
staticconstexpr
Initial value:
= {
0, 25847, -2608894, -518909, 237124, -777960, -876248, 466468, 1826347, 2353451, -359251,
-2091905, 3119733, -2884855, 3111497, 2680103, 2725464, 1024112, -1079900, 3585928, -549488, -1119584,
2619752, -2108549, -2118186, -3859737, -1399561, -3277672, 1757237, -19422, 4010497, 280005, 2706023,
95776, 3077325, 3530437, -1661693, -3592148, -2537516, 3915439, -3861115, -3043716, 3574422, -2867647,
3539968, -300467, 2348700, -539299, -1699267, -1643818, 3505694, -3821735, 3507263, -2140649, -1600420,
3699596, 811944, 531354, 954230, 3881043, 3900724, -2556880, 2071892, -2797779, -3930395, -1528703,
-3677745, -3041255, -1452451, 3475950, 2176455, -1585221, -1257611, 1939314, -4083598, -1000202, -3190144,
-3157330, -3632928, 126922, 3412210, -983419, 2147896, 2715295, -2967645, -3693493, -411027, -2477047,
-671102, -1228525, -22981, -1308169, -381987, 1349076, 1852771, -1430430, -3343383, 264944, 508951,
3097992, 44288, -1100098, 904516, 3958618, -3724342, -8578, 1653064, -3249728, 2389356, -210977,
759969, -1316856, 189548, -3553272, 3159746, -1851402, -2409325, -177440, 1315589, 1341330, 1285669,
-1584928, -812732, -1439742, -3019102, -3881060, -3628969, 3839961, 2091667, 3407706, 2316500, 3817976,
-3342478, 2244091, -2446433, -3562462, 266997, 2434439, -1235728, 3513181, -3520352, -3759364, -1197226,
-3193378, 900702, 1859098, 909542, 819034, 495491, -1613174, -43260, -522500, -655327, -3122442,
2031748, 3207046, -3556995, -525098, -768622, -3595838, 342297, 286988, -2437823, 4108315, 3437287,
-3342277, 1735879, 203044, 2842341, 2691481, -2590150, 1265009, 4055324, 1247620, 2486353, 1595974,
-3767016, 1250494, 2635921, -3548272, -2994039, 1869119, 1903435, -1050970, -1333058, 1237275, -3318210,
-1430225, -451100, 1312455, 3306115, -1962642, -1279661, 1917081, -2546312, -1374803, 1500165, 777191,
2235880, 3406031, -542412, -2831860, -1671176, -1846953, -2584293, -3724270, 594136, -3776993, -2013608,
2432395, 2454455, -164721, 1957272, 3369112, 185531, -1207385, -3183426, 162844, 1616392, 3014001,
810149, 1652634, -3694233, -1799107, -3038916, 3523897, 3866901, 269760, 2213111, -975884, 1717735,
472078, -426683, 1723600, -1803090, 1910376, -1667432, -1104333, -260646, -3833893, -2939036, -2235985,
-420899, -2286327, 183443, -976891, 1612842, -3545687, -554416, 3919660, -48306, -1362209, 3937738,
1400424, -846154, 1976782}

Definition at line 75 of file dilithium_symmetric_primitives.h.

75 {
76 0, 25847, -2608894, -518909, 237124, -777960, -876248, 466468, 1826347, 2353451, -359251,
77 -2091905, 3119733, -2884855, 3111497, 2680103, 2725464, 1024112, -1079900, 3585928, -549488, -1119584,
78 2619752, -2108549, -2118186, -3859737, -1399561, -3277672, 1757237, -19422, 4010497, 280005, 2706023,
79 95776, 3077325, 3530437, -1661693, -3592148, -2537516, 3915439, -3861115, -3043716, 3574422, -2867647,
80 3539968, -300467, 2348700, -539299, -1699267, -1643818, 3505694, -3821735, 3507263, -2140649, -1600420,
81 3699596, 811944, 531354, 954230, 3881043, 3900724, -2556880, 2071892, -2797779, -3930395, -1528703,
82 -3677745, -3041255, -1452451, 3475950, 2176455, -1585221, -1257611, 1939314, -4083598, -1000202, -3190144,
83 -3157330, -3632928, 126922, 3412210, -983419, 2147896, 2715295, -2967645, -3693493, -411027, -2477047,
84 -671102, -1228525, -22981, -1308169, -381987, 1349076, 1852771, -1430430, -3343383, 264944, 508951,
85 3097992, 44288, -1100098, 904516, 3958618, -3724342, -8578, 1653064, -3249728, 2389356, -210977,
86 759969, -1316856, 189548, -3553272, 3159746, -1851402, -2409325, -177440, 1315589, 1341330, 1285669,
87 -1584928, -812732, -1439742, -3019102, -3881060, -3628969, 3839961, 2091667, 3407706, 2316500, 3817976,
88 -3342478, 2244091, -2446433, -3562462, 266997, 2434439, -1235728, 3513181, -3520352, -3759364, -1197226,
89 -3193378, 900702, 1859098, 909542, 819034, 495491, -1613174, -43260, -522500, -655327, -3122442,
90 2031748, 3207046, -3556995, -525098, -768622, -3595838, 342297, 286988, -2437823, 4108315, 3437287,
91 -3342277, 1735879, 203044, 2842341, 2691481, -2590150, 1265009, 4055324, 1247620, 2486353, 1595974,
92 -3767016, 1250494, 2635921, -3548272, -2994039, 1869119, 1903435, -1050970, -1333058, 1237275, -3318210,
93 -1430225, -451100, 1312455, 3306115, -1962642, -1279661, 1917081, -2546312, -1374803, 1500165, 777191,
94 2235880, 3406031, -542412, -2831860, -1671176, -1846953, -2584293, -3724270, 594136, -3776993, -2013608,
95 2432395, 2454455, -164721, 1957272, 3369112, 185531, -1207385, -3183426, 162844, 1616392, 3014001,
96 810149, 1652634, -3694233, -1799107, -3038916, 3523897, 3866901, 269760, 2213111, -975884, 1717735,
97 472078, -426683, 1723600, -1803090, 1910376, -1667432, -1104333, -260646, -3833893, -2939036, -2235985,
98 -420899, -2286327, 183443, -976891, 1612842, -3545687, -554416, 3919660, -48306, -1362209, 3937738,
99 1400424, -846154, 1976782};

Referenced by Botan::Dilithium::Polynomial::invntt_tomont(), and Botan::Dilithium::Polynomial::ntt().

The documentation for this class was generated from the following files:
Generated by doxygen 1.10.0