Botan::ML_KEM_Symmetric_Primitives Class Reference

#include <ml_kem_impl.h>

Inheritance diagram for Botan::ML_KEM_Symmetric_Primitives:

Public Member Functions
std::pair< KyberSharedSecret, KyberEncryptionRandomness >	G (StrongSpan< const KyberMessage > msg, StrongSpan< const KyberHashedPublicKey > pubkey_hash) const
std::pair< KyberSeedRho, KyberSeedSigma >	G (StrongSpan< const KyberSeedRandomness > seed, const KyberConstants &mode) const
KyberHashedCiphertext	H (StrongSpan< const KyberCompressedCiphertext > r) const
KyberMessage	H (StrongSpan< const KyberMessage > m) const
KyberHashedPublicKey	H (StrongSpan< const KyberSerializedPublicKey > pk) const
KyberSharedSecret	J (StrongSpan< const KyberImplicitRejectionValue > rejection_value, StrongSpan< const KyberCompressedCiphertext > ciphertext) const
void	KDF (StrongSpan< KyberSharedSecret > out, StrongSpan< const KyberSharedSecret > shared_secret, StrongSpan< const KyberHashedCiphertext > hashed_ciphertext) const
KyberSamplingRandomness	PRF (KyberSigmaOrEncryptionRandomness seed, const uint8_t nonce, const size_t outlen) const
void	setup_PRF (std::unique_ptr< Botan::XOF > &xof, std::span< const uint8_t > seed, uint8_t nonce) const
	Setup a seeded PRF XOF for polynomial sampling.
void	setup_XOF (std::unique_ptr< Botan::XOF > &xof, StrongSpan< const KyberSeedRho > seed, std::tuple< uint8_t, uint8_t > matrix_position) const
	Setup an XOF object for matrix sampling.

Protected Member Functions
std::unique_ptr< HashFunction >	create_G () const override
std::unique_ptr< HashFunction >	create_H () const override
std::unique_ptr< HashFunction >	create_J () const override
std::unique_ptr< HashFunction >	create_KDF () const override
std::unique_ptr< Botan::XOF >	create_PRF (std::span< const uint8_t > seed, const uint8_t nonce) const override
std::unique_ptr< Botan::XOF >	create_XOF (std::span< const uint8_t > seed, std::tuple< uint8_t, uint8_t > matrix_position) const override
void	init_PRF (Botan::XOF &xof, std::span< const uint8_t > seed, const uint8_t nonce) const override
void	init_XOF (Botan::XOF &xof, std::span< const uint8_t > seed, std::tuple< uint8_t, uint8_t > matrix_position) const override
std::optional< std::array< uint8_t, 1 > >	seed_expansion_domain_separator (const KyberConstants &mode) const override

Detailed Description

Definition at line 57 of file ml_kem_impl.h.

Member Function Documentation

create_G()

std::unique_ptr< HashFunction > Botan::ML_KEM_Symmetric_Primitives::create_G ( ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 67 of file ml_kem_impl.h.

{ return HashFunction::create_or_throw("SHA-3(512)"); }

References Botan::HashFunction::create_or_throw().

create_H()

std::unique_ptr< HashFunction > Botan::ML_KEM_Symmetric_Primitives::create_H ( ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 69 of file ml_kem_impl.h.

{ return HashFunction::create_or_throw("SHA-3(256)"); }

References Botan::HashFunction::create_or_throw().

create_J()

std::unique_ptr< HashFunction > Botan::ML_KEM_Symmetric_Primitives::create_J ( ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 71 of file ml_kem_impl.h.

                                                            {
         return HashFunction::create_or_throw("SHAKE-256(256)");
      }

References Botan::HashFunction::create_or_throw().

create_KDF()

std::unique_ptr< HashFunction > Botan::ML_KEM_Symmetric_Primitives::create_KDF ( ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 75 of file ml_kem_impl.h.

                                                              {
         throw Invalid_State("ML-KEM does not support KDF()");
      }

create_PRF()

std::unique_ptr< Botan::XOF > Botan::ML_KEM_Symmetric_Primitives::create_PRF ( std::span< const uint8_t > seed, const uint8_t nonce ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 79 of file ml_kem_impl.h.

                                                                                                          {
         auto xof = Botan::XOF::create_or_throw("SHAKE-256");
         init_PRF(*xof, seed, nonce);
         return xof;
      }

References Botan::XOF::create_or_throw(), and init_PRF().

create_XOF()

std::unique_ptr< Botan::XOF > Botan::ML_KEM_Symmetric_Primitives::create_XOF ( std::span< const uint8_t > seed, std::tuple< uint8_t, uint8_t > matrix_position ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 91 of file ml_kem_impl.h.

                                                                                                        {
         auto xof = Botan::XOF::create_or_throw("SHAKE-128");
         init_XOF(*xof, seed, matrix_position);
         return xof;
      }

References Botan::XOF::create_or_throw(), and init_XOF().

G() [1/2]

std::pair< KyberSharedSecret, KyberEncryptionRandomness > Botan::Kyber_Symmetric_Primitives::G ( StrongSpan< const KyberMessage > msg, StrongSpan< const KyberHashedPublicKey > pubkey_hash ) const

inlineinherited

Definition at line 53 of file kyber_symmetric_primitives.h.

                                                                                                       {
         return G_split<KyberSharedSecret, KyberEncryptionRandomness>(msg, pubkey_hash);
      }

G() [2/2]

std::pair< KyberSeedRho, KyberSeedSigma > Botan::Kyber_Symmetric_Primitives::G ( StrongSpan< const KyberSeedRandomness > seed, const KyberConstants & mode ) const

inlineinherited

Definition at line 44 of file kyber_symmetric_primitives.h.

                                                                                  {
         if(auto domsep = seed_expansion_domain_separator(mode)) {
            return G_split<KyberSeedRho, KyberSeedSigma>(seed, *domsep);
         } else {
            return G_split<KyberSeedRho, KyberSeedSigma>(seed);
         }
      }

References seed_expansion_domain_separator().

Referenced by Botan::Kyber_KEM_Decryptor::decapsulate(), Botan::ML_KEM_Decryptor::decapsulate(), and Botan::Kyber_Algos::expand_keypair().

H() [1/3]

KyberHashedCiphertext Botan::Kyber_Symmetric_Primitives::H ( StrongSpan< const KyberCompressedCiphertext > r ) const

inlineinherited

Definition at line 36 of file kyber_symmetric_primitives.h.

                                                                                   {
         return create_H()->process<KyberHashedCiphertext>(r);
      }

References create_H().

H() [2/3]

KyberMessage Botan::Kyber_Symmetric_Primitives::H ( StrongSpan< const KyberMessage > m ) const

inlineinherited

Definition at line 33 of file kyber_symmetric_primitives.h.

{ return create_H()->process<KyberMessage>(m); }

References create_H().

H() [3/3]

KyberHashedPublicKey Botan::Kyber_Symmetric_Primitives::H ( StrongSpan< const KyberSerializedPublicKey > pk ) const

inlineinherited

Definition at line 40 of file kyber_symmetric_primitives.h.

                                                                                  {
         return create_H()->process<KyberHashedPublicKey>(pk);
      }

References create_H().

init_PRF()

void Botan::ML_KEM_Symmetric_Primitives::init_PRF ( Botan::XOF & xof, std::span< const uint8_t > seed, const uint8_t nonce ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 85 of file ml_kem_impl.h.

                                                                                                    {
         xof.clear();
         xof.update(seed);
         xof.update(store_be(nonce));
      }

References Botan::XOF::clear(), Botan::store_be(), and Botan::XOF::update().

Referenced by create_PRF().

init_XOF()

void Botan::ML_KEM_Symmetric_Primitives::init_XOF ( Botan::XOF & xof, std::span< const uint8_t > seed, std::tuple< uint8_t, uint8_t > matrix_position ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 98 of file ml_kem_impl.h.

                                                                               {
         xof.clear();
         xof.update(seed);
         xof.update(store_be(make_uint16(std::get<0>(matrix_position), std::get<1>(matrix_position))));
      }

References Botan::XOF::clear(), Botan::make_uint16(), Botan::store_be(), and Botan::XOF::update().

Referenced by create_XOF().

J()

KyberSharedSecret Botan::Kyber_Symmetric_Primitives::J ( StrongSpan< const KyberImplicitRejectionValue > rejection_value, StrongSpan< const KyberCompressedCiphertext > ciphertext ) const

inlineinherited

Definition at line 58 of file kyber_symmetric_primitives.h.

                                                                                        {
         auto j = create_J();
         j->update(rejection_value);
         j->update(ciphertext);
         return j->final<KyberSharedSecret>();
      }

References create_J().

KDF()

void Botan::Kyber_Symmetric_Primitives::KDF ( StrongSpan< KyberSharedSecret > out, StrongSpan< const KyberSharedSecret > shared_secret, StrongSpan< const KyberHashedCiphertext > hashed_ciphertext ) const

inlineinherited

Definition at line 67 of file kyber_symmetric_primitives.h.

                                                                                {
         auto kdf = create_KDF();
         kdf->update(shared_secret);
         kdf->update(hashed_ciphertext);
         kdf->final(out);
      }

References create_KDF().

PRF()

KyberSamplingRandomness Botan::Kyber_Symmetric_Primitives::PRF ( KyberSigmaOrEncryptionRandomness seed, const uint8_t nonce, const size_t outlen ) const

inlineinherited

Definition at line 76 of file kyber_symmetric_primitives.h.

                                                             {
         auto bare_seed_span = std::visit([&](const auto s) { return s.get(); }, seed);
         return create_PRF(bare_seed_span, nonce)->output<KyberSamplingRandomness>(outlen);
      }

References create_PRF().

seed_expansion_domain_separator()

std::optional< std::array< uint8_t, 1 > > Botan::ML_KEM_Symmetric_Primitives::seed_expansion_domain_separator ( const KyberConstants & mode ) const

inlineoverrideprotectedvirtual

Implements Botan::Kyber_Symmetric_Primitives.

Definition at line 59 of file ml_kem_impl.h.

                                                                                                                   {
         // NIST FIPS 203, Algorithm 13 (K-PKE.KeyGen)
         //    Byte 33 of the input to G is the module dimension k from {2,3,4}.
         //    This is included to establish domain separation between the three
         //    parameter sets
         return std::array{mode.k()};
      }

References Botan::KyberConstants::k().

setup_PRF()

void Botan::Kyber_Symmetric_Primitives::setup_PRF ( std::unique_ptr< Botan::XOF > & xof, std::span< const uint8_t > seed, uint8_t nonce ) const

inlineinherited

Setup a seeded PRF XOF for polynomial sampling.

Definition at line 95 of file kyber_symmetric_primitives.h.

                                                                                                     {
         if(!xof) {
            xof = create_PRF(seed, nonce);
         } else {
            init_PRF(*xof, seed, nonce);
         }
      }

References create_PRF(), and init_PRF().

setup_XOF()

void Botan::Kyber_Symmetric_Primitives::setup_XOF ( std::unique_ptr< Botan::XOF > & xof, StrongSpan< const KyberSeedRho > seed, std::tuple< uint8_t, uint8_t > matrix_position ) const

inlineinherited

Setup an XOF object for matrix sampling.

Definition at line 84 of file kyber_symmetric_primitives.h.

                                                                       {
         if(!xof) {
            xof = create_XOF(seed, matrix_position);
         } else {
            init_XOF(*xof, seed, matrix_position);
         }
      }

References create_XOF(), and init_XOF().

---

The documentation for this class was generated from the following file:

• src/lib/pubkey/kyber/ml_kem/ml_kem_impl.h