Botan 3.8.1
Crypto and TLS for C++
Botan::Kyber_PrivateKeyInternal Class Reference

#include <kyber_keys.h>

Public Member Functions

void _const_time_poison () const
 
void _const_time_unpoison () const
 
KyberMessage indcpa_decrypt (StrongSpan< const KyberCompressedCiphertext > ct) const
 
 Kyber_PrivateKeyInternal ()=delete
 
 Kyber_PrivateKeyInternal (KyberConstants mode, KyberPolyVecNTT s, KyberPrivateKeySeed seed)
 
const KyberConstants & mode () const
 
KyberPolyVecNTT & s ()
 
const KyberPolyVecNTT & s () const
 
const KyberPrivateKeySeed & seed () const
 
const KyberImplicitRejectionValue & z () const
 

Detailed Description

Definition at line 81 of file kyber_keys.h.

Constructor & Destructor Documentation

◆ Kyber_PrivateKeyInternal() [1/2]

Botan::Kyber_PrivateKeyInternal::Kyber_PrivateKeyInternal ( KyberConstants mode,
KyberPolyVecNTT s,
KyberPrivateKeySeed seed )
inline

Definition at line 83 of file kyber_keys.h.

// Constructor body as rendered by Doxygen: the leading 83/84 are line numbers in kyber_keys.h,
// and the signature text of line 83 appears to have been dropped by the rendering.
// Each by-value argument is moved into its member, so the object ends up owning the
// secret vector s and the private seed.
// NOTE(review): no check that s matches the parameter set in mode is visible here;
// presumably the caller guarantees it. Confirm.
83 :
84 m_mode(std::move(mode)), m_s(std::move(s)), m_seed(std::move(seed)) {}
const KyberConstants & mode() const
Definition kyber_keys.h:96
const KyberPrivateKeySeed & seed() const
Definition kyber_keys.h:92

References mode(), s(), and seed().

◆ Kyber_PrivateKeyInternal() [2/2]

Botan::Kyber_PrivateKeyInternal::Kyber_PrivateKeyInternal ( )
delete

Member Function Documentation

◆ _const_time_poison()

void Botan::Kyber_PrivateKeyInternal::_const_time_poison ( ) const
inline

Definition at line 100 of file kyber_keys.h.

// Passes the secret vector m_s and both seed fields (m_seed.d, m_seed.z) to CT::poison_all().
// m_mode is not in the argument list, so the parameter set is treated as public.
// NOTE(review): presumably this only has an effect in builds with a constant-time checker
// (e.g. valgrind) enabled, where it marks these values as secret. Confirm in ct_utils.h.
100{ CT::poison_all(m_s, m_seed.d, m_seed.z); }
constexpr void poison_all(Ts &&... ts)
Definition ct_utils.h:196

References Botan::CT::poison_all().

◆ _const_time_unpoison()

void Botan::Kyber_PrivateKeyInternal::_const_time_unpoison ( ) const
inline

Definition at line 102 of file kyber_keys.h.

// Passes m_s, m_seed.d and m_seed.z to CT::unpoison_all(), the same three members that
// _const_time_poison() hands to CT::poison_all().
// NOTE(review): a member added to one list but not the other would silently fall out of
// constant-time coverage; keep the two argument lists in sync.
102{ CT::unpoison_all(m_s, m_seed.d, m_seed.z); }
constexpr void unpoison_all(Ts &&... ts)
Definition ct_utils.h:202

References Botan::CT::unpoison_all().

◆ indcpa_decrypt()

KyberMessage Botan::Kyber_PrivateKeyInternal::indcpa_decrypt ( StrongSpan< const KyberCompressedCiphertext > ct) const

NIST FIPS 203, Algorithm 15 (K-PKE.Decrypt)

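s^T is already decoded and available as a member variable (m_s, held in the NTT domain), so the structure can be reused for multiple decryptions. Note that K-PKE.Decrypt is only the IND-CPA component of ML-KEM: the listing below performs no ciphertext validity check, and FIPS 203 does not allow K-PKE to be used as a stand-alone scheme, so this function should only be reached through decapsulation, which adds the re-encryption check and implicit rejection.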

Definition at line 158 of file kyber_keys.cpp.

// Body of indcpa_decrypt() as rendered by Doxygen; the leading numbers are line numbers
// in kyber_keys.cpp, and the signature text of line 158 is not part of this listing.
158 {
// Decompress the ciphertext into the vector u and the polynomial v for the parameter set m_mode.
// ct comes from the peer; nothing in this listing checks it for validity.
159 auto [u, v] = Kyber_Algos::decompress_ciphertext(ct, m_mode);
// v - NTT^-1(s * NTT(u)). m_s is the secret vector and is typed KyberPolyVecNTT,
// so only u needs a forward transform before the multiplication.
160 v -= inverse_ntt(m_s * ntt(std::move(u)));
161 v.reduce();
// NOTE(review): source line 162 is absent from this rendering. Given the KyberMessage return type
// and the reference to Kyber_Algos::polynomial_to_message(), it presumably returns
// polynomial_to_message(v). Confirm against kyber_keys.cpp.
163}
Polynomial< Trait, Domain::NTT > ntt(Polynomial< Trait, Domain::Normal > p)
Definition pqcrystals.h:557
Polynomial< Trait, Domain::Normal > inverse_ntt(Polynomial< Trait, Domain::NTT > p_ntt)
Definition pqcrystals.h:564
KyberMessage polynomial_to_message(const KyberPoly &p)
std::pair< KyberPolyVec, KyberPoly > decompress_ciphertext(StrongSpan< const KyberCompressedCiphertext > ct, const KyberConstants &mode)

References Botan::Kyber_Algos::decompress_ciphertext(), and Botan::Kyber_Algos::polynomial_to_message().

◆ mode()

const KyberConstants & Botan::Kyber_PrivateKeyInternal::mode ( ) const
inline

Definition at line 96 of file kyber_keys.h.

// Read-only access to the parameter set. m_mode is not among the members passed to
// CT::poison_all() in _const_time_poison(), i.e. it is handled as public data.
96{ return m_mode; }

Referenced by Kyber_PrivateKeyInternal().

◆ s() [1/2]

KyberPolyVecNTT & Botan::Kyber_PrivateKeyInternal::s ( )
inline

Definition at line 88 of file kyber_keys.h.

// Mutable accessor: returns a non-const reference to the secret vector m_s, so a caller
// can modify the key material in place.
// NOTE(review): confirm the callers that need write access; the const overload is enough for reading.
88{ return m_s; }

Referenced by Kyber_PrivateKeyInternal().

◆ s() [2/2]

const KyberPolyVecNTT & Botan::Kyber_PrivateKeyInternal::s ( ) const
inline

Definition at line 90 of file kyber_keys.h.

// Read-only accessor for the secret vector m_s. The reference aliases the key material itself,
// so any copy a caller makes from it is secret data as well.
90{ return m_s; }

◆ seed()

const KyberPrivateKeySeed & Botan::Kyber_PrivateKeyInternal::seed ( ) const
inline

Definition at line 92 of file kyber_keys.h.

// Read-only reference to the private seed. Its d and z fields are the ones passed to
// CT::poison_all() in _const_time_poison(), i.e. both are handled as secrets.
92{ return m_seed; }

Referenced by Kyber_PrivateKeyInternal().

◆ z()

const KyberImplicitRejectionValue & Botan::Kyber_PrivateKeyInternal::z ( ) const
inline

Definition at line 94 of file kyber_keys.h.

// Returns only the z field of the private seed, typed KyberImplicitRejectionValue.
// z is handled as a secret: _const_time_poison() passes it to CT::poison_all() with m_s and m_seed.d.
94{ return m_seed.z; }

The documentation for this class was generated from the following files: