Botan 3.6.1
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::FrodoKEMConstants Class Reference

#include <frodo_constants.h>

Public Member Functions

size_t b () const
 
uint16_t cdf_table_at (size_t i) const
 
size_t cdf_table_len () const
 
size_t d () const
 
FrodoDomainSeparator encapsulation_domain_separator () const
 
size_t estimated_strength () const
 
 FrodoKEMConstants (const FrodoKEMConstants &other)
 
 FrodoKEMConstants (FrodoKEMConstants &&other)=default
 
 FrodoKEMConstants (FrodoKEMMode mode)
 
FrodoDomainSeparator keygen_domain_separator () const
 
size_t len_a_bytes () const
 
size_t len_ct_bytes () const
 
size_t len_packed_b_bytes () const
 
size_t len_packed_c_bytes () const
 
size_t len_private_key_bytes () const
 
size_t len_public_key_bytes () const
 
size_t len_salt_bytes () const
 
size_t len_se_bytes () const
 
size_t len_sec_bytes () const
 
FrodoKEMMode mode () const
 
size_t n () const
 
size_t n_bar () const
 
FrodoKEMConstantsoperator= (const FrodoKEMConstants &other)=delete
 
FrodoKEMConstantsoperator= (FrodoKEMConstants &&other)=default
 
XOFSHAKE_XOF () const
 
 ~FrodoKEMConstants ()
 

Detailed Description

Definition at line 25 of file frodo_constants.h.

Constructor & Destructor Documentation

◆ FrodoKEMConstants() [1/3]

Botan::FrodoKEMConstants::FrodoKEMConstants ( FrodoKEMMode mode)

Definition at line 17 of file frodo_constants.cpp.

17 : m_mode(mode), m_len_a(128), m_n_bar(8) {
18 if(!mode.is_available()) {
19 throw Not_Implemented("FrodoKEM mode " + mode.to_string() + " is not available");
20 }
21
22 if(mode.is_ephemeral()) {
23 m_len_salt = 0;
24 }
25
26 switch(mode.mode()) {
27 case FrodoKEMMode::FrodoKEM640_SHAKE:
28 case FrodoKEMMode::FrodoKEM640_AES:
29 case FrodoKEMMode::eFrodoKEM640_SHAKE:
30 case FrodoKEMMode::eFrodoKEM640_AES:
31 m_nist_strength = 128;
32 m_d = 15;
33 m_n = 640;
34 m_b = 2;
35 if(mode.is_static()) {
36 m_len_salt = 256;
37 m_len_se = 256;
38 } else if(mode.is_ephemeral()) {
39 m_len_se = 128;
40 } else {
41 BOTAN_ASSERT_UNREACHABLE();
42 }
43
44 m_cdf_table = {4643, 13363, 20579, 25843, 29227, 31145, 32103, 32525, 32689, 32745, 32762, 32766, 32767};
45
46 m_shake = "SHAKE-128";
47 break;
48
49 case FrodoKEMMode::FrodoKEM976_SHAKE:
50 case FrodoKEMMode::FrodoKEM976_AES:
51 case FrodoKEMMode::eFrodoKEM976_SHAKE:
52 case FrodoKEMMode::eFrodoKEM976_AES:
53 m_nist_strength = 192;
54 m_d = 16;
55 m_n = 976;
56 m_b = 3;
57 if(mode.is_static()) {
58 m_len_salt = 384;
59 m_len_se = 384;
60 } else if(mode.is_ephemeral()) {
61 m_len_se = 192;
62 } else {
63 BOTAN_ASSERT_UNREACHABLE();
64 }
65
66 m_cdf_table = {5638, 15915, 23689, 28571, 31116, 32217, 32613, 32731, 32760, 32766, 32767};
67
68 m_shake = "SHAKE-256";
69 break;
70
71 case FrodoKEMMode::FrodoKEM1344_SHAKE:
72 case FrodoKEMMode::FrodoKEM1344_AES:
73 case FrodoKEMMode::eFrodoKEM1344_SHAKE:
74 case FrodoKEMMode::eFrodoKEM1344_AES:
75 m_nist_strength = 256;
76 m_d = 16;
77 m_n = 1344;
78 m_b = 4;
79 if(mode.is_static()) {
80 m_len_salt = 512;
81 m_len_se = 512;
82 } else if(mode.is_ephemeral()) {
83 m_len_se = 256;
84 } else {
85 BOTAN_ASSERT_UNREACHABLE();
86 }
87
88 m_cdf_table = {9142, 23462, 30338, 32361, 32725, 32765, 32767};
89
90 m_shake = "SHAKE-256";
91 break;
92 }
93
94 m_shake_xof = XOF::create_or_throw(m_shake);
95}
BOTAN_ASSERT_UNREACHABLE
#define BOTAN_ASSERT_UNREACHABLE()
Definition assert.h:137
Botan::FrodoKEMConstants::mode
FrodoKEMMode mode() const
Definition frodo_constants.h:37
Botan::FrodoKEMMode::is_static
bool is_static() const
Definition frodo_mode.h:51
Botan::FrodoKEMMode::is_available
bool is_available() const
Definition frodo_mode.h:66
Botan::FrodoKEMMode::to_string
std::string to_string() const
Definition frodo_mode.cpp:79
Botan::FrodoKEMMode::mode
Mode mode() const
Definition frodo_mode.h:44
Botan::FrodoKEMMode::is_ephemeral
bool is_ephemeral() const
Definition frodo_mode.h:46
Botan::XOF::create_or_throw
static std::unique_ptr< XOF > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition xof.cpp:42

References Botan::FrodoKEMMode::eFrodoKEM1344_AES, Botan::FrodoKEMMode::eFrodoKEM1344_SHAKE, Botan::FrodoKEMMode::eFrodoKEM976_AES, Botan::FrodoKEMMode::eFrodoKEM976_SHAKE, Botan::FrodoKEMMode::FrodoKEM1344_AES, Botan::FrodoKEMMode::FrodoKEM1344_SHAKE, Botan::FrodoKEMMode::FrodoKEM976_AES, Botan::FrodoKEMMode::FrodoKEM976_SHAKE, Botan::FrodoKEMMode::is_available(), Botan::FrodoKEMMode::is_ephemeral(), Botan::FrodoKEMMode::is_static(), mode(), and Botan::FrodoKEMMode::mode().

◆ ~FrodoKEMConstants()

Botan::FrodoKEMConstants::~FrodoKEMConstants ( )
default

◆ FrodoKEMConstants() [2/3]

Botan::FrodoKEMConstants::FrodoKEMConstants ( const FrodoKEMConstants & other)
inline

Definition at line 31 of file frodo_constants.h.

31: FrodoKEMConstants(other.m_mode) {}
Botan::FrodoKEMConstants::FrodoKEMConstants
FrodoKEMConstants(FrodoKEMMode mode)
Definition frodo_constants.cpp:17

◆ FrodoKEMConstants() [3/3]

Botan::FrodoKEMConstants::FrodoKEMConstants ( FrodoKEMConstants && other)
default

Member Function Documentation

◆ b()

size_t Botan::FrodoKEMConstants::b ( ) const
inline

Definition at line 47 of file frodo_constants.h.

47{ return m_b; } // extracted bits

Referenced by Botan::FrodoMatrix::decode(), and Botan::FrodoMatrix::encode().

◆ cdf_table_at()

uint16_t Botan::FrodoKEMConstants::cdf_table_at ( size_t i) const
inline

Definition at line 41 of file frodo_constants.h.

41{ return m_cdf_table.at(i); }

Referenced by Botan::FrodoMatrix::sample().

◆ cdf_table_len()

size_t Botan::FrodoKEMConstants::cdf_table_len ( ) const
inline

Definition at line 39 of file frodo_constants.h.

39{ return m_cdf_table.size(); }

Referenced by Botan::FrodoMatrix::sample().

◆ d()

size_t Botan::FrodoKEMConstants::d ( ) const
inline

Definition at line 49 of file frodo_constants.h.

49{ return m_d; } // D = logq

Referenced by Botan::FrodoMatrix::decode(), Botan::FrodoMatrix::encode(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey(), Botan::FrodoMatrix::pack(), Botan::FrodoMatrix::packed_size(), Botan::FrodoMatrix::reduce(), and Botan::FrodoMatrix::unpack().

◆ encapsulation_domain_separator()

FrodoDomainSeparator Botan::FrodoKEMConstants::encapsulation_domain_separator ( ) const
inline

Definition at line 75 of file frodo_constants.h.

75{ return FrodoDomainSeparator({0x96}); }
Botan::FrodoDomainSeparator
Strong< std::array< uint8_t, 1 >, struct FrodoDoaminSeparator_ > FrodoDomainSeparator
Definition frodo_types.h:47

◆ estimated_strength()

size_t Botan::FrodoKEMConstants::estimated_strength ( ) const
inline

Definition at line 43 of file frodo_constants.h.

43{ return m_nist_strength; }

◆ keygen_domain_separator()

FrodoDomainSeparator Botan::FrodoKEMConstants::keygen_domain_separator ( ) const
inline

Definition at line 77 of file frodo_constants.h.

77{ return FrodoDomainSeparator({0x5F}); }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ len_a_bytes()

size_t Botan::FrodoKEMConstants::len_a_bytes ( ) const
inline

Definition at line 53 of file frodo_constants.h.

53{ return m_len_a / 8; } // len of seed_a in bytes

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), and Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey().

◆ len_ct_bytes()

size_t Botan::FrodoKEMConstants::len_ct_bytes ( ) const
inline

Definition at line 61 of file frodo_constants.h.

61 {
62 return (m_d * m_n * m_n_bar + m_d * m_n_bar * m_n_bar + m_len_salt) / 8;
63 } // Ciphertext length in bytes

◆ len_packed_b_bytes()

size_t Botan::FrodoKEMConstants::len_packed_b_bytes ( ) const
inline

Definition at line 71 of file frodo_constants.h.

71{ return (m_d * m_n * m_n_bar) / 8; }

◆ len_packed_c_bytes()

size_t Botan::FrodoKEMConstants::len_packed_c_bytes ( ) const
inline

Definition at line 73 of file frodo_constants.h.

73{ return (m_d * m_n_bar * m_n_bar) / 8; }

◆ len_private_key_bytes()

size_t Botan::FrodoKEMConstants::len_private_key_bytes ( ) const
inline

Definition at line 67 of file frodo_constants.h.

67 {
68 return (m_nist_strength + m_len_a + (m_d * m_n * m_n_bar) + (m_n_bar * m_n * 16) + m_nist_strength) / 8;
69 }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ len_public_key_bytes()

size_t Botan::FrodoKEMConstants::len_public_key_bytes ( ) const
inline

Definition at line 65 of file frodo_constants.h.

65{ return (m_len_a + (m_d * m_n * m_n_bar)) / 8; }

Referenced by Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey().

◆ len_salt_bytes()

size_t Botan::FrodoKEMConstants::len_salt_bytes ( ) const
inline

Definition at line 59 of file frodo_constants.h.

59{ return m_len_salt / 8; }

◆ len_se_bytes()

size_t Botan::FrodoKEMConstants::len_se_bytes ( ) const
inline

Definition at line 55 of file frodo_constants.h.

55{ return m_len_se / 8; }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ len_sec_bytes()

size_t Botan::FrodoKEMConstants::len_sec_bytes ( ) const
inline

Definition at line 57 of file frodo_constants.h.

57{ return m_nist_strength / 8; }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), and Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ mode()

FrodoKEMMode Botan::FrodoKEMConstants::mode ( ) const
inline

Definition at line 37 of file frodo_constants.h.

37{ return m_mode; }

Referenced by Botan::create_aes_row_generator(), Botan::create_shake_row_generator(), and FrodoKEMConstants().

◆ n()

size_t Botan::FrodoKEMConstants::n ( ) const
inline

Definition at line 45 of file frodo_constants.h.

45{ return m_n; }

Referenced by Botan::create_aes_row_generator(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey(), Botan::FrodoMatrix::mul_add_as_plus_e(), Botan::FrodoMatrix::mul_add_sa_plus_e(), Botan::FrodoMatrix::mul_add_sb_plus_e(), and Botan::FrodoMatrix::mul_bs().

◆ n_bar()

size_t Botan::FrodoKEMConstants::n_bar ( ) const
inline

Definition at line 51 of file frodo_constants.h.

51{ return m_n_bar; }

Referenced by Botan::FrodoMatrix::add(), Botan::FrodoMatrix::decode(), Botan::FrodoMatrix::encode(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey(), Botan::FrodoMatrix::mul_add_as_plus_e(), Botan::FrodoMatrix::mul_add_sa_plus_e(), Botan::FrodoMatrix::mul_add_sb_plus_e(), Botan::FrodoMatrix::mul_bs(), and Botan::FrodoMatrix::sub().

◆ operator=() [1/2]

FrodoKEMConstants & Botan::FrodoKEMConstants::operator= ( const FrodoKEMConstants & other)
delete

◆ operator=() [2/2]

FrodoKEMConstants & Botan::FrodoKEMConstants::operator= ( FrodoKEMConstants && other)
default

◆ SHAKE_XOF()

XOF & Botan::FrodoKEMConstants::SHAKE_XOF ( ) const

Definition at line 99 of file frodo_constants.cpp.

99 {
100 m_shake_xof->clear();
101 return *m_shake_xof;
102}

References Botan::XOF::clear().

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

The documentation for this class was generated from the following files:
Generated by doxygen 1.12.0