Botan 3.9.0
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::FrodoKEMConstants Class Referencefinal

#include <frodo_constants.h>

Public Member Functions

size_t b () const
uint16_t cdf_table_at (size_t i) const
size_t cdf_table_len () const
size_t d () const
FrodoDomainSeparator encapsulation_domain_separator () const
size_t estimated_strength () const
 FrodoKEMConstants (const FrodoKEMConstants &other)
 FrodoKEMConstants (FrodoKEMConstants &&other)=default
 FrodoKEMConstants (FrodoKEMMode mode)
FrodoDomainSeparator keygen_domain_separator () const
size_t len_a_bytes () const
size_t len_ct_bytes () const
size_t len_packed_b_bytes () const
size_t len_packed_c_bytes () const
size_t len_private_key_bytes () const
size_t len_public_key_bytes () const
size_t len_salt_bytes () const
size_t len_se_bytes () const
size_t len_sec_bytes () const
FrodoKEMMode mode () const
size_t n () const
size_t n_bar () const
FrodoKEMConstantsoperator= (const FrodoKEMConstants &other)=delete
FrodoKEMConstantsoperator= (FrodoKEMConstants &&other)=default
XOFSHAKE_XOF () const
 ~FrodoKEMConstants ()

Detailed Description

Definition at line 25 of file frodo_constants.h.

Constructor & Destructor Documentation

◆ FrodoKEMConstants() [1/3]

Botan::FrodoKEMConstants::FrodoKEMConstants ( FrodoKEMMode mode)
explicit

Definition at line 18 of file frodo_constants.cpp.

18 : m_mode(mode), m_len_a(128), m_n_bar(8) {
19 if(!mode.is_available()) {
20 throw Not_Implemented("FrodoKEM mode " + mode.to_string() + " is not available");
21 }
22
23 if(mode.is_ephemeral()) {
24 m_len_salt = 0;
25 }
26
27 switch(mode.mode()) {
28 case FrodoKEMMode::FrodoKEM640_SHAKE:
29 case FrodoKEMMode::FrodoKEM640_AES:
30 case FrodoKEMMode::eFrodoKEM640_SHAKE:
31 case FrodoKEMMode::eFrodoKEM640_AES:
32 m_nist_strength = 128;
33 m_d = 15;
34 m_n = 640;
35 m_b = 2;
36 if(mode.is_static()) {
37 m_len_salt = 256;
38 m_len_se = 256;
39 } else if(mode.is_ephemeral()) {
40 m_len_se = 128;
41 } else {
42 BOTAN_ASSERT_UNREACHABLE();
43 }
44
45 m_cdf_table = {4643, 13363, 20579, 25843, 29227, 31145, 32103, 32525, 32689, 32745, 32762, 32766, 32767};
46
47 m_shake = "SHAKE-128";
48 break;
49
50 case FrodoKEMMode::FrodoKEM976_SHAKE:
51 case FrodoKEMMode::FrodoKEM976_AES:
52 case FrodoKEMMode::eFrodoKEM976_SHAKE:
53 case FrodoKEMMode::eFrodoKEM976_AES:
54 m_nist_strength = 192;
55 m_d = 16;
56 m_n = 976;
57 m_b = 3;
58 if(mode.is_static()) {
59 m_len_salt = 384;
60 m_len_se = 384;
61 } else if(mode.is_ephemeral()) {
62 m_len_se = 192;
63 } else {
64 BOTAN_ASSERT_UNREACHABLE();
65 }
66
67 m_cdf_table = {5638, 15915, 23689, 28571, 31116, 32217, 32613, 32731, 32760, 32766, 32767};
68
69 m_shake = "SHAKE-256";
70 break;
71
72 case FrodoKEMMode::FrodoKEM1344_SHAKE:
73 case FrodoKEMMode::FrodoKEM1344_AES:
74 case FrodoKEMMode::eFrodoKEM1344_SHAKE:
75 case FrodoKEMMode::eFrodoKEM1344_AES:
76 m_nist_strength = 256;
77 m_d = 16;
78 m_n = 1344;
79 m_b = 4;
80 if(mode.is_static()) {
81 m_len_salt = 512;
82 m_len_se = 512;
83 } else if(mode.is_ephemeral()) {
84 m_len_se = 256;
85 } else {
86 BOTAN_ASSERT_UNREACHABLE();
87 }
88
89 m_cdf_table = {9142, 23462, 30338, 32361, 32725, 32765, 32767};
90
91 m_shake = "SHAKE-256";
92 break;
93 }
94
95 m_shake_xof = XOF::create_or_throw(m_shake);
96}
BOTAN_ASSERT_UNREACHABLE
#define BOTAN_ASSERT_UNREACHABLE()
Definition assert.h:163
Botan::FrodoKEMConstants::mode
FrodoKEMMode mode() const
Definition frodo_constants.h:37
Botan::XOF::create_or_throw
static std::unique_ptr< XOF > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition xof.cpp:44

References Botan::FrodoKEMMode::eFrodoKEM1344_AES, Botan::FrodoKEMMode::eFrodoKEM1344_SHAKE, Botan::FrodoKEMMode::eFrodoKEM976_AES, Botan::FrodoKEMMode::eFrodoKEM976_SHAKE, Botan::FrodoKEMMode::FrodoKEM1344_AES, Botan::FrodoKEMMode::FrodoKEM1344_SHAKE, Botan::FrodoKEMMode::FrodoKEM976_AES, Botan::FrodoKEMMode::FrodoKEM976_SHAKE, and mode().

Referenced by FrodoKEMConstants(), FrodoKEMConstants(), operator=(), and operator=().

◆ ~FrodoKEMConstants()

Botan::FrodoKEMConstants::~FrodoKEMConstants ( )
default

◆ FrodoKEMConstants() [2/3]

Botan::FrodoKEMConstants::FrodoKEMConstants ( const FrodoKEMConstants & other)
inline

Definition at line 31 of file frodo_constants.h.

31: FrodoKEMConstants(other.m_mode) {}
Botan::FrodoKEMConstants::FrodoKEMConstants
FrodoKEMConstants(FrodoKEMMode mode)
Definition frodo_constants.cpp:18

References FrodoKEMConstants().

◆ FrodoKEMConstants() [3/3]

Botan::FrodoKEMConstants::FrodoKEMConstants ( FrodoKEMConstants && other)
default

References FrodoKEMConstants().

Member Function Documentation

◆ b()

size_t Botan::FrodoKEMConstants::b ( ) const
inline

Definition at line 47 of file frodo_constants.h.

47{ return m_b; } // extracted bits

Referenced by Botan::FrodoMatrix::decode(), and Botan::FrodoMatrix::encode().

◆ cdf_table_at()

uint16_t Botan::FrodoKEMConstants::cdf_table_at ( size_t i) const
inline

Definition at line 41 of file frodo_constants.h.

41{ return m_cdf_table.at(i); }

Referenced by Botan::FrodoMatrix::sample().

◆ cdf_table_len()

size_t Botan::FrodoKEMConstants::cdf_table_len ( ) const
inline

Definition at line 39 of file frodo_constants.h.

39{ return m_cdf_table.size(); }

Referenced by Botan::FrodoMatrix::sample().

◆ d()

size_t Botan::FrodoKEMConstants::d ( ) const
inline

Definition at line 49 of file frodo_constants.h.

49{ return m_d; } // D = logq

Referenced by Botan::FrodoMatrix::decode(), Botan::FrodoMatrix::encode(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey(), Botan::FrodoMatrix::pack(), Botan::FrodoMatrix::packed_size(), Botan::FrodoMatrix::reduce(), and Botan::FrodoMatrix::unpack().

◆ encapsulation_domain_separator()

FrodoDomainSeparator Botan::FrodoKEMConstants::encapsulation_domain_separator ( ) const
inline

Definition at line 75 of file frodo_constants.h.

75{ return FrodoDomainSeparator({0x96}); }
Botan::FrodoDomainSeparator
Strong< std::array< uint8_t, 1 >, struct FrodoDoaminSeparator_ > FrodoDomainSeparator
Definition frodo_types.h:47

◆ estimated_strength()

size_t Botan::FrodoKEMConstants::estimated_strength ( ) const
inline

Definition at line 43 of file frodo_constants.h.

43{ return m_nist_strength; }

◆ keygen_domain_separator()

FrodoDomainSeparator Botan::FrodoKEMConstants::keygen_domain_separator ( ) const
inline

Definition at line 77 of file frodo_constants.h.

77{ return FrodoDomainSeparator({0x5F}); }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ len_a_bytes()

size_t Botan::FrodoKEMConstants::len_a_bytes ( ) const
inline

Definition at line 53 of file frodo_constants.h.

53{ return m_len_a / 8; } // len of seed_a in bytes

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), and Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey().

◆ len_ct_bytes()

size_t Botan::FrodoKEMConstants::len_ct_bytes ( ) const
inline

Definition at line 61 of file frodo_constants.h.

61 {
62 return (m_d * m_n * m_n_bar + m_d * m_n_bar * m_n_bar + m_len_salt) / 8;
63 } // Ciphertext length in bytes

◆ len_packed_b_bytes()

size_t Botan::FrodoKEMConstants::len_packed_b_bytes ( ) const
inline

Definition at line 71 of file frodo_constants.h.

71{ return (m_d * m_n * m_n_bar) / 8; }

◆ len_packed_c_bytes()

size_t Botan::FrodoKEMConstants::len_packed_c_bytes ( ) const
inline

Definition at line 73 of file frodo_constants.h.

73{ return (m_d * m_n_bar * m_n_bar) / 8; }

◆ len_private_key_bytes()

size_t Botan::FrodoKEMConstants::len_private_key_bytes ( ) const
inline

Definition at line 67 of file frodo_constants.h.

67 {
68 return (m_nist_strength + m_len_a + (m_d * m_n * m_n_bar) + (m_n_bar * m_n * 16) + m_nist_strength) / 8;
69 }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ len_public_key_bytes()

size_t Botan::FrodoKEMConstants::len_public_key_bytes ( ) const
inline

Definition at line 65 of file frodo_constants.h.

65{ return (m_len_a + (m_d * m_n * m_n_bar)) / 8; }

Referenced by Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey().

◆ len_salt_bytes()

size_t Botan::FrodoKEMConstants::len_salt_bytes ( ) const
inline

Definition at line 59 of file frodo_constants.h.

59{ return m_len_salt / 8; }

◆ len_se_bytes()

size_t Botan::FrodoKEMConstants::len_se_bytes ( ) const
inline

Definition at line 55 of file frodo_constants.h.

55{ return m_len_se / 8; }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ len_sec_bytes()

size_t Botan::FrodoKEMConstants::len_sec_bytes ( ) const
inline

Definition at line 57 of file frodo_constants.h.

57{ return m_nist_strength / 8; }

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), and Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey().

◆ mode()

FrodoKEMMode Botan::FrodoKEMConstants::mode ( ) const
inline

Definition at line 37 of file frodo_constants.h.

37{ return m_mode; }

Referenced by Botan::create_aes_row_generator(), Botan::create_shake_row_generator(), and FrodoKEMConstants().

◆ n()

size_t Botan::FrodoKEMConstants::n ( ) const
inline

Definition at line 45 of file frodo_constants.h.

45{ return m_n; }

Referenced by Botan::create_aes_row_generator(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey(), Botan::FrodoMatrix::mul_add_as_plus_e(), Botan::FrodoMatrix::mul_add_sa_plus_e(), Botan::FrodoMatrix::mul_add_sb_plus_e(), and Botan::FrodoMatrix::mul_bs().

◆ n_bar()

size_t Botan::FrodoKEMConstants::n_bar ( ) const
inline

Definition at line 51 of file frodo_constants.h.

51{ return m_n_bar; }

Referenced by Botan::FrodoMatrix::add(), Botan::FrodoMatrix::decode(), Botan::FrodoMatrix::encode(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), Botan::FrodoKEM_PublicKey::FrodoKEM_PublicKey(), Botan::FrodoMatrix::mul_add_as_plus_e(), Botan::FrodoMatrix::mul_add_sa_plus_e(), Botan::FrodoMatrix::mul_add_sb_plus_e(), Botan::FrodoMatrix::mul_bs(), and Botan::FrodoMatrix::sub().

◆ operator=() [1/2]

FrodoKEMConstants & Botan::FrodoKEMConstants::operator= ( const FrodoKEMConstants & other)
delete

References FrodoKEMConstants().

◆ operator=() [2/2]

FrodoKEMConstants & Botan::FrodoKEMConstants::operator= ( FrodoKEMConstants && other)
default

References FrodoKEMConstants().

◆ SHAKE_XOF()

XOF & Botan::FrodoKEMConstants::SHAKE_XOF ( ) const

Definition at line 100 of file frodo_constants.cpp.

100 {
101 m_shake_xof->clear();
102 return *m_shake_xof;
103}

References SHAKE_XOF().

Referenced by Botan::FrodoKEM_PrivateKey::FrodoKEM_PrivateKey(), and SHAKE_XOF().

The documentation for this class was generated from the following files:
Generated by doxygen 1.14.0