Botan 3.4.0
Crypto and TLS for C&
Public Member Functions | Protected Member Functions | Protected Attributes | Friends | List of all members
Botan::Dilithium_PublicKey Class Reference

#include <dilithium.h>

Inheritance diagram for Botan::Dilithium_PublicKey:
Botan::Public_Key Botan::Asymmetric_Key Botan::Dilithium_PrivateKey

Public Member Functions

std::string algo_name () const override
 
AlgorithmIdentifier algorithm_identifier () const override
 
bool check_key (RandomNumberGenerator &, bool) const override
 
virtual std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
 
virtual std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (std::string_view params, std::string_view provider) const
 
std::unique_ptr< PK_Ops::Verificationcreate_verification_op (std::string_view params, std::string_view provider) const override
 
std::unique_ptr< PK_Ops::Verificationcreate_x509_verification_op (const AlgorithmIdentifier &signature_algorithm, std::string_view provider) const override
 
virtual Signature_Format default_x509_signature_format () const
 
 Dilithium_PublicKey (const AlgorithmIdentifier &alg_id, std::span< const uint8_t > pk)
 
 Dilithium_PublicKey (std::span< const uint8_t > pk, DilithiumMode mode)
 
size_t estimated_strength () const override
 
std::string fingerprint_public (std::string_view alg="SHA-256") const
 
std::unique_ptr< Private_Keygenerate_another (RandomNumberGenerator &rng) const final
 
virtual const BigIntget_int_field (std::string_view field) const
 
OID get_oid () const
 
size_t key_length () const override
 
virtual size_t message_part_size () const
 
virtual size_t message_parts () const
 
OID object_identifier () const override
 
Dilithium_PublicKeyoperator= (const Dilithium_PublicKey &other)=default
 
std::vector< uint8_t > public_key_bits () const override
 
std::vector< uint8_t > subject_public_key () const
 
bool supports_operation (PublicKeyOperation op) const override
 
 ~Dilithium_PublicKey () override=default
 

Protected Member Functions

 Dilithium_PublicKey ()=default
 

Protected Attributes

std::shared_ptr< Dilithium_PublicKeyInternal > m_public
 

Friends

class Dilithium_Signature_Operation
 
class Dilithium_Verification_Operation
 

Detailed Description

This implementation is based on https://github.com/pq-crystals/dilithium/commit/3e9b9f1412f6c7435dbeb4e10692ea58f181ee51

Note that this is not compatible with the round 3 submission of the NIST competition.

Definition at line 55 of file dilithium.h.

Constructor & Destructor Documentation

◆ ~Dilithium_PublicKey()

Botan::Dilithium_PublicKey::~Dilithium_PublicKey ( )
overridedefault

◆ Dilithium_PublicKey() [1/3]

Botan::Dilithium_PublicKey::Dilithium_PublicKey ( const AlgorithmIdentifier & alg_id,
std::span< const uint8_t > pk )

Definition at line 504 of file dilithium.cpp.

504 :
505 Dilithium_PublicKey(pk, DilithiumMode(alg_id.oid())) {}
Botan::Dilithium_PublicKey::Dilithium_PublicKey
Dilithium_PublicKey()=default

◆ Dilithium_PublicKey() [2/3]

Botan::Dilithium_PublicKey::Dilithium_PublicKey ( std::span< const uint8_t > pk,
DilithiumMode mode )

Definition at line 507 of file dilithium.cpp.

507 {
508 DilithiumModeConstants mode(m);
509 BOTAN_ARG_CHECK(pk.empty() || pk.size() == mode.public_key_bytes(),
510 "dilithium public key does not have the correct byte count");
511
512 m_public = std::make_shared<Dilithium_PublicKeyInternal>(std::move(mode), pk);
513}
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29
Botan::Dilithium_PublicKey::m_public
std::shared_ptr< Dilithium_PublicKeyInternal > m_public
Definition dilithium.h:95

References BOTAN_ARG_CHECK, m_public, and Botan::DilithiumModeConstants::public_key_bytes().

◆ Dilithium_PublicKey() [3/3]

Botan::Dilithium_PublicKey::Dilithium_PublicKey ( )
protecteddefault

Member Function Documentation

◆ algo_name()

std::string Botan::Dilithium_PublicKey::algo_name ( ) const
overridevirtual

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implements Botan::Asymmetric_Key.

Definition at line 515 of file dilithium.cpp.

515 {
516 return object_identifier().to_formatted_string();
517}
Botan::Dilithium_PublicKey::object_identifier
OID object_identifier() const override
Definition dilithium.cpp:523
Botan::OID::to_formatted_string
std::string to_formatted_string() const
Definition asn1_oid.cpp:114

References object_identifier(), and Botan::OID::to_formatted_string().

Referenced by Botan::Dilithium_PrivateKey::create_signature_op(), create_verification_op(), and create_x509_verification_op().

◆ algorithm_identifier()

AlgorithmIdentifier Botan::Dilithium_PublicKey::algorithm_identifier ( ) const
overridevirtual
Returns
X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 519 of file dilithium.cpp.

519 {
520 return AlgorithmIdentifier(object_identifier(), AlgorithmIdentifier::USE_EMPTY_PARAM);
521}

References object_identifier(), and Botan::AlgorithmIdentifier::USE_EMPTY_PARAM.

Referenced by create_x509_verification_op().

◆ check_key()

bool Botan::Dilithium_PublicKey::check_key ( RandomNumberGenerator & ,
bool  ) const
overridevirtual

Implements Botan::Public_Key.

Definition at line 539 of file dilithium.cpp.

539 {
540 return true; // ???
541}

◆ create_encryption_op()

std::unique_ptr< PK_Ops::Encryption > Botan::Public_Key::create_encryption_op ( RandomNumberGenerator & rng,
std::string_view params,
std::string_view provider ) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::ElGamal_PublicKey, Botan::RSA_PublicKey, and Botan::SM2_PublicKey.

Definition at line 90 of file pk_keys.cpp.

92 {
93 throw Lookup_Error(fmt("{} does not support encryption", algo_name()));
94}
Botan::Asymmetric_Key::algo_name
virtual std::string algo_name() const =0
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_Encryptor_EME::PK_Encryptor_EME().

◆ create_kem_encryption_op()

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::Public_Key::create_kem_encryption_op ( std::string_view params,
std::string_view provider ) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::TLS::Hybrid_KEM_PublicKey, Botan::TLS::KEX_to_KEM_Adapter_PublicKey, Botan::FrodoKEM_PublicKey, Botan::Kyber_PublicKey, Botan::McEliece_PublicKey, and Botan::RSA_PublicKey.

Definition at line 96 of file pk_keys.cpp.

97 {
98 throw Lookup_Error(fmt("{} does not support KEM encryption", algo_name()));
99}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_KEM_Encryptor::PK_KEM_Encryptor().

◆ create_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::Dilithium_PublicKey::create_verification_op ( std::string_view params,
std::string_view provider ) const
overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 547 of file dilithium.cpp.

548 {
549 BOTAN_ARG_CHECK(params.empty() || params == "Pure", "Unexpected parameters for verifying with Dilithium");
550 if(provider.empty() || provider == "base") {
551 return std::make_unique<Dilithium_Verification_Operation>(*this);
552 }
553 throw Provider_Not_Found(algo_name(), provider);
554}
Botan::Dilithium_PublicKey::algo_name
std::string algo_name() const override
Definition dilithium.cpp:515

References algo_name(), and BOTAN_ARG_CHECK.

◆ create_x509_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::Dilithium_PublicKey::create_x509_verification_op ( const AlgorithmIdentifier & signature_algorithm,
std::string_view provider ) const
overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this combination of key and signature algorithm or throw.

Parameters
signature_algorithmis the X.509 algorithm identifier encoding the padding scheme and hash hash function used in the signature if applicable.
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 556 of file dilithium.cpp.

557 {
558 if(provider.empty() || provider == "base") {
559 if(alg_id != this->algorithm_identifier()) {
560 throw Decoding_Error("Unexpected AlgorithmIdentifier for Dilithium X.509 signature");
561 }
562 return std::make_unique<Dilithium_Verification_Operation>(*this);
563 }
564 throw Provider_Not_Found(algo_name(), provider);
565}
Botan::Dilithium_PublicKey::algorithm_identifier
AlgorithmIdentifier algorithm_identifier() const override
Definition dilithium.cpp:519

References algo_name(), and algorithm_identifier().

◆ default_x509_signature_format()

virtual Signature_Format Botan::Public_Key::default_x509_signature_format ( ) const
inlinevirtualinherited

Reimplemented in Botan::GOST_3410_PublicKey.

Definition at line 190 of file pk_keys.h.

190 {
191 return (this->message_parts() >= 2) ? Signature_Format::DerSequence : Signature_Format::Standard;
192 }
Botan::Public_Key::message_parts
virtual size_t message_parts() const
Definition pk_keys.h:177

Referenced by Botan::X509_Object::choose_sig_format(), and Botan::PK_Verifier::PK_Verifier().

◆ estimated_strength()

size_t Botan::Dilithium_PublicKey::estimated_strength ( ) const
overridevirtual

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implements Botan::Asymmetric_Key.

Definition at line 531 of file dilithium.cpp.

531 {
532 return m_public->mode().nist_security_strength();
533}

References m_public.

◆ fingerprint_public()

std::string Botan::Public_Key::fingerprint_public ( std::string_view alg = "SHA-256") const
inherited
Returns
Hash of the subject public key

Definition at line 79 of file pk_keys.cpp.

79 {
80 return create_hex_fingerprint(subject_public_key(), hash_algo);
81}
Botan::Public_Key::subject_public_key
std::vector< uint8_t > subject_public_key() const
Definition pk_keys.cpp:48
Botan::create_hex_fingerprint
std::string create_hex_fingerprint(const uint8_t bits[], size_t bits_len, std::string_view hash_name)
Definition pk_keys.cpp:30

References Botan::create_hex_fingerprint(), and Botan::Public_Key::subject_public_key().

◆ generate_another()

std::unique_ptr< Private_Key > Botan::Dilithium_PublicKey::generate_another ( RandomNumberGenerator & rng) const
finalvirtual

Generate another (cryptographically independent) key pair using the same algorithm parameters as this key. This is most useful for algorithms that support PublicKeyOperation::KeyAgreement to generate a fitting ephemeral key pair. For other key types it might throw Not_Implemented.

Implements Botan::Asymmetric_Key.

Definition at line 543 of file dilithium.cpp.

543 {
544 return std::make_unique<Dilithium_PrivateKey>(rng, m_public->mode().mode());
545}

References m_public.

◆ get_int_field()

const BigInt & Botan::Asymmetric_Key::get_int_field ( std::string_view field) const
virtualinherited

Access an algorithm specific field

If the field is not known for this algorithm, an Invalid_Argument is thrown. The interpretation of the result requires knowledge of which algorithm is involved. For instance for RSA "p" represents one of the secret primes, while for DSA "p" is the public prime.

Some algorithms may not implement this method at all.

This is primarily used to implement the FFI botan_pubkey_get_field and botan_privkey_get_field functions.

Reimplemented in Botan::EC_PrivateKey, Botan::DH_PublicKey, Botan::DH_PrivateKey, Botan::DSA_PublicKey, Botan::DSA_PrivateKey, Botan::EC_PublicKey, Botan::ElGamal_PublicKey, Botan::ElGamal_PrivateKey, Botan::RSA_PublicKey, and Botan::RSA_PrivateKey.

Definition at line 18 of file pk_keys.cpp.

18 {
19 throw Unknown_PK_Field_Name(algo_name(), field);
20}

References Botan::Asymmetric_Key::algo_name().

Referenced by Botan::EC_PublicKey::get_int_field(), and Botan::RSA_PublicKey::get_int_field().

◆ get_oid()

OID Botan::Public_Key::get_oid ( ) const
inlineinherited

Deprecated version of object_identifier

Definition at line 132 of file pk_keys.h.

132{ return this->object_identifier(); }
Botan::Asymmetric_Key::object_identifier
virtual OID object_identifier() const
Definition pk_keys.cpp:22

◆ key_length()

size_t Botan::Dilithium_PublicKey::key_length ( ) const
overridevirtual

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 527 of file dilithium.cpp.

527 {
528 return m_public->mode().public_key_bytes();
529}

References m_public.

◆ message_part_size()

virtual size_t Botan::Public_Key::message_part_size ( ) const
inlinevirtualinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns
size of the message parts in bits

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 188 of file pk_keys.h.

188{ return 0; }

Referenced by Botan::PK_Signer::PK_Signer(), Botan::PK_Verifier::PK_Verifier(), and Botan::PK_Verifier::PK_Verifier().

◆ message_parts()

virtual size_t Botan::Public_Key::message_parts ( ) const
inlinevirtualinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns
number of message parts

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 177 of file pk_keys.h.

177{ return 1; }

Referenced by Botan::PK_Signer::PK_Signer(), Botan::PK_Verifier::PK_Verifier(), and Botan::PK_Verifier::PK_Verifier().

◆ object_identifier()

OID Botan::Dilithium_PublicKey::object_identifier ( ) const
overridevirtual

Get the OID of the underlying public key scheme.

Returns
OID of the public key scheme

Reimplemented from Botan::Asymmetric_Key.

Definition at line 523 of file dilithium.cpp.

523 {
524 return m_public->mode().oid();
525}

References m_public.

Referenced by algo_name(), and algorithm_identifier().

◆ operator=()

Dilithium_PublicKey & Botan::Dilithium_PublicKey::operator= ( const Dilithium_PublicKey & other)
default

◆ public_key_bits()

std::vector< uint8_t > Botan::Dilithium_PublicKey::public_key_bits ( ) const
overridevirtual
Returns
BER encoded public key bits

Implements Botan::Public_Key.

Definition at line 535 of file dilithium.cpp.

535 {
536 return m_public->raw_pk();
537}

References m_public.

◆ subject_public_key()

std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const
inherited
Returns
X.509 subject key encoding for this key object

Definition at line 48 of file pk_keys.cpp.

48 {
49 std::vector<uint8_t> output;
50
51 DER_Encoder(output)
52 .start_sequence()
53 .encode(algorithm_identifier())
54 .encode(public_key_bits(), ASN1_Type::BitString)
55 .end_cons();
56
57 return output;
58}
Botan::Public_Key::algorithm_identifier
virtual AlgorithmIdentifier algorithm_identifier() const =0
Botan::Public_Key::public_key_bits
virtual std::vector< uint8_t > public_key_bits() const =0

References Botan::Public_Key::algorithm_identifier(), Botan::BitString, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::Public_Key::public_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::X509::BER_encode(), Botan::PKCS10_Request::create(), Botan::Public_Key::fingerprint_public(), and Botan::X509::PEM_encode().

◆ supports_operation()

bool Botan::Dilithium_PublicKey::supports_operation ( PublicKeyOperation op) const
inlineoverridevirtual

Return true if this key could be used for the specified type of operation.

Implements Botan::Asymmetric_Key.

Definition at line 75 of file dilithium.h.

75{ return (op == PublicKeyOperation::Signature); }

Friends And Related Symbol Documentation

◆ Dilithium_Signature_Operation

friend class Dilithium_Signature_Operation
friend

Definition at line 93 of file dilithium.h.

◆ Dilithium_Verification_Operation

friend class Dilithium_Verification_Operation
friend

Definition at line 92 of file dilithium.h.

Member Data Documentation

◆ m_public

std::shared_ptr<Dilithium_PublicKeyInternal> Botan::Dilithium_PublicKey::m_public
protected

Definition at line 95 of file dilithium.h.

Referenced by Botan::Dilithium_PrivateKey::Dilithium_PrivateKey(), Botan::Dilithium_PrivateKey::Dilithium_PrivateKey(), Dilithium_PublicKey(), estimated_strength(), generate_another(), key_length(), object_identifier(), and public_key_bits().

The documentation for this class was generated from the following files:
Generated by doxygen 1.10.0