Botan 3.9.0
Crypto and TLS for C&
Botan::KEM_Encryption_with_Combiner Class Referenceabstract

Abstract interface for a KEM encryption operation for KEM combiners. More...

#include <hybrid_kem_ops.h>

Inheritance diagram for Botan::KEM_Encryption_with_Combiner:
Botan::PK_Ops::KEM_Encryption

Public Member Functions

size_t encapsulated_key_length () const override
 The default implementation returns the sum of the encapsulated key lengths of the underlying KEMs.
void kem_encrypt (std::span< uint8_t > out_encapsulated_key, std::span< uint8_t > out_shared_key, RandomNumberGenerator &rng, size_t desired_shared_key_len, std::span< const uint8_t > salt) final
 KEM_Encryption_with_Combiner (const std::vector< std::unique_ptr< Public_Key > > &public_keys, std::string_view provider)
virtual size_t shared_key_length (size_t desired_shared_key_len) const =0

Protected Member Functions

virtual void combine_ciphertexts (std::span< uint8_t > out_ciphertext, const std::vector< std::vector< uint8_t > > &ciphertexts, std::span< const uint8_t > salt)
 Defines how multiple ciphertexts are combined into a single ciphertext.
virtual void combine_shared_secrets (std::span< uint8_t > out_shared_secret, const std::vector< secure_vector< uint8_t > > &shared_secrets, const std::vector< std::vector< uint8_t > > &ciphertexts, size_t desired_shared_key_len, std::span< const uint8_t > salt)=0
 Describes how the shared secrets are combined to derive the final shared secret.
std::vector< PK_KEM_Encryptor > & encryptors ()
const std::vector< PK_KEM_Encryptor > & encryptors () const

Detailed Description

Abstract interface for a KEM encryption operation for KEM combiners.

Multiple public keys are used to encapsulate shared secrets. These shared secrets (and maybe the ciphertexts and public keys) are combined using the KEM combiner to derive the final shared secret.

Definition at line 31 of file hybrid_kem_ops.h.

Constructor & Destructor Documentation

◆ KEM_Encryption_with_Combiner()

Botan::KEM_Encryption_with_Combiner::KEM_Encryption_with_Combiner ( const std::vector< std::unique_ptr< Public_Key > > & public_keys,
std::string_view provider )

Definition at line 15 of file hybrid_kem_ops.cpp.

16 :
17 m_encapsulated_key_length(0) {
18 m_encryptors.reserve(public_keys.size());
19 for(const auto& pk : public_keys) {
20 const auto& newenc = m_encryptors.emplace_back(*pk, "Raw", provider);
21 m_encapsulated_key_length += newenc.encapsulated_key_length();
22 }
23}

Member Function Documentation

◆ combine_ciphertexts()

void Botan::KEM_Encryption_with_Combiner::combine_ciphertexts ( std::span< uint8_t > out_ciphertext,
const std::vector< std::vector< uint8_t > > & ciphertexts,
std::span< const uint8_t > salt )
protectedvirtual

Defines how multiple ciphertexts are combined into a single ciphertext.

The default implementation concatenates the ciphertexts.

Parameters
out_ciphertextThe output buffer for the combined ciphertext
ciphertextsThe ciphertexts to combine
saltThe salt. In this default implementation the salt must be empty.

Definition at line 50 of file hybrid_kem_ops.cpp.

52 {
53 BOTAN_ARG_CHECK(salt.empty(), "Salt not supported by this KEM");
54 BOTAN_ARG_CHECK(ciphertexts.size() == m_encryptors.size(), "Invalid number of ciphertexts");
55 BOTAN_ARG_CHECK(out_ciphertext.size() == encapsulated_key_length(), "Invalid output buffer size");
56 BufferStuffer ct_stuffer(out_ciphertext);
57 for(size_t idx = 0; idx < ciphertexts.size(); idx++) {
58 BOTAN_ARG_CHECK(ciphertexts.at(idx).size() == m_encryptors.at(idx).encapsulated_key_length(),
59 "Invalid ciphertext length");
60 ct_stuffer.append(ciphertexts.at(idx));
61 }
62 BOTAN_ASSERT_NOMSG(ct_stuffer.full());
63}
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:75
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:33
size_t encapsulated_key_length() const override
The default implementation returns the sum of the encapsulated key lengths of the underlying KEMs.

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_ASSERT_NOMSG, encapsulated_key_length(), and Botan::BufferStuffer::full().

Referenced by kem_encrypt().

◆ combine_shared_secrets()

virtual void Botan::KEM_Encryption_with_Combiner::combine_shared_secrets ( std::span< uint8_t > out_shared_secret,
const std::vector< secure_vector< uint8_t > > & shared_secrets,
const std::vector< std::vector< uint8_t > > & ciphertexts,
size_t desired_shared_key_len,
std::span< const uint8_t > salt )
protectedpure virtual

Describes how the shared secrets are combined to derive the final shared secret.

Parameters
out_shared_secretthe output buffer for the shared secret
shared_secretsa list of shared secrets coreesponding to the public keys
ciphertextsa list of encapsulated shared secrets
desired_shared_key_lenthe desired shared key length
saltthe salt (input of kem_encrypt)

Referenced by kem_encrypt().

◆ encapsulated_key_length()

size_t Botan::KEM_Encryption_with_Combiner::encapsulated_key_length ( ) const
inlineoverridevirtual

The default implementation returns the sum of the encapsulated key lengths of the underlying KEMs.

Implements Botan::PK_Ops::KEM_Encryption.

Definition at line 43 of file hybrid_kem_ops.h.

43{ return m_encapsulated_key_length; }

Referenced by combine_ciphertexts(), and kem_encrypt().

◆ encryptors() [1/2]

std::vector< PK_KEM_Encryptor > & Botan::KEM_Encryption_with_Combiner::encryptors ( )
inlineprotected

Definition at line 74 of file hybrid_kem_ops.h.

74{ return m_encryptors; }

◆ encryptors() [2/2]

const std::vector< PK_KEM_Encryptor > & Botan::KEM_Encryption_with_Combiner::encryptors ( ) const
inlineprotected

Definition at line 76 of file hybrid_kem_ops.h.

76{ return m_encryptors; }

◆ kem_encrypt()

void Botan::KEM_Encryption_with_Combiner::kem_encrypt ( std::span< uint8_t > out_encapsulated_key,
std::span< uint8_t > out_shared_key,
RandomNumberGenerator & rng,
size_t desired_shared_key_len,
std::span< const uint8_t > salt )
finalvirtual

Implements Botan::PK_Ops::KEM_Encryption.

Definition at line 25 of file hybrid_kem_ops.cpp.

29 {
30 BOTAN_ARG_CHECK(out_encapsulated_key.size() == encapsulated_key_length(),
31 "Encapsulated key output buffer has wrong size");
32 BOTAN_ARG_CHECK(out_shared_key.size() == shared_key_length(desired_shared_key_len),
33 "Shared key output buffer has wrong size");
34
35 std::vector<secure_vector<uint8_t>> shared_secrets;
36 shared_secrets.reserve(m_encryptors.size());
37
38 std::vector<std::vector<uint8_t>> ciphertexts;
39 ciphertexts.reserve(m_encryptors.size());
40
41 for(auto& encryptor : m_encryptors) {
42 auto [ct, ss] = KEM_Encapsulation::destructure(encryptor.encrypt(rng, 0 /* no KDF */));
43 shared_secrets.push_back(std::move(ss));
44 ciphertexts.push_back(std::move(ct));
45 }
46 combine_ciphertexts(out_encapsulated_key, ciphertexts, salt);
47 combine_shared_secrets(out_shared_key, shared_secrets, ciphertexts, desired_shared_key_len, salt);
48}
static std::pair< std::vector< uint8_t >, secure_vector< uint8_t > > destructure(KEM_Encapsulation &&kem)
Definition pubkey.h:579
virtual void combine_ciphertexts(std::span< uint8_t > out_ciphertext, const std::vector< std::vector< uint8_t > > &ciphertexts, std::span< const uint8_t > salt)
Defines how multiple ciphertexts are combined into a single ciphertext.
virtual void combine_shared_secrets(std::span< uint8_t > out_shared_secret, const std::vector< secure_vector< uint8_t > > &shared_secrets, const std::vector< std::vector< uint8_t > > &ciphertexts, size_t desired_shared_key_len, std::span< const uint8_t > salt)=0
Describes how the shared secrets are combined to derive the final shared secret.
virtual size_t shared_key_length(size_t desired_shared_key_len) const =0

References BOTAN_ARG_CHECK, combine_ciphertexts(), combine_shared_secrets(), Botan::KEM_Encapsulation::destructure(), encapsulated_key_length(), and Botan::PK_Ops::KEM_Encryption::shared_key_length().

◆ shared_key_length()

virtual size_t Botan::PK_Ops::KEM_Encryption::shared_key_length ( size_t desired_shared_key_len) const
pure virtualinherited

The documentation for this class was generated from the following files: