Botan 3.5.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::PolynomialVector Class Reference

#include <kyber_structures.h>

Public Member Functions

void csubq ()
 
void invntt_tomont ()
 
void ntt ()
 
PolynomialVectoroperator+= (const PolynomialVector &other)
 
Polynomialoperator[] (size_t idx)
 
 PolynomialVector ()=delete
 
 PolynomialVector (const size_t k)
 
void reduce ()
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T to_bytes ()
 

Static Public Member Functions

static PolynomialVector from_bytes (std::span< const uint8_t > a, const KyberConstants &mode)
 
static PolynomialVector getnoise_eta1 (KyberSigmaOrEncryptionRandomness seed, uint8_t nonce, const KyberConstants &mode)
 
static PolynomialVector getnoise_eta2 (StrongSpan< const KyberEncryptionRandomness > seed, uint8_t nonce, const KyberConstants &mode)
 
static Polynomial pointwise_acc_montgomery (const PolynomialVector &a, const PolynomialVector &b)
 

Detailed Description

Definition at line 391 of file kyber_structures.h.

Constructor & Destructor Documentation

◆ PolynomialVector() [1/2]

Botan::PolynomialVector::PolynomialVector ( )
delete

◆ PolynomialVector() [2/2]

Botan::PolynomialVector::PolynomialVector ( const size_t k)
inlineexplicit

Definition at line 395 of file kyber_structures.h.

395: m_vec(k) {}

Member Function Documentation

◆ csubq()

void Botan::PolynomialVector::csubq ( )
inline

Applies conditional subtraction of q to each coefficient of each element of the vector of polynomials.

Definition at line 465 of file kyber_structures.h.

465 {
466 for(auto& p : m_vec) {
467 p.csubq();
468 }
469 }

◆ from_bytes()

static PolynomialVector Botan::PolynomialVector::from_bytes ( std::span< const uint8_t > a,
const KyberConstants & mode )
inlinestatic

Definition at line 398 of file kyber_structures.h.

398 {
399 BOTAN_ASSERT(a.size() == mode.polynomial_vector_byte_length(), "wrong byte length for frombytes");
400
401 PolynomialVector r(mode.k());
402
403 BufferSlicer bs(a);
404 for(size_t i = 0; i < mode.k(); ++i) {
405 r.m_vec[i] = Polynomial::from_bytes(bs.take(KyberConstants::kSerializedPolynomialByteLength));
406 }
407 BOTAN_ASSERT_NOMSG(bs.empty());
408
409 return r;
410 }
BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59
BOTAN_ASSERT
#define BOTAN_ASSERT(expr, assertion_made)
Definition assert.h:50
Botan::KyberConstants::kSerializedPolynomialByteLength
static constexpr size_t kSerializedPolynomialByteLength
Definition kyber_constants.h:51
Botan::Polynomial::from_bytes
static Polynomial from_bytes(std::span< const uint8_t > a)
Definition kyber_structures.h:184

References BOTAN_ASSERT, BOTAN_ASSERT_NOMSG, Botan::BufferSlicer::empty(), Botan::Polynomial::from_bytes(), Botan::KyberConstants::k(), Botan::KyberConstants::kSerializedPolynomialByteLength, Botan::KyberConstants::polynomial_vector_byte_length(), and Botan::BufferSlicer::take().

Referenced by Botan::Kyber_PrivateKey::Kyber_PrivateKey().

◆ getnoise_eta1()

static PolynomialVector Botan::PolynomialVector::getnoise_eta1 ( KyberSigmaOrEncryptionRandomness seed,
uint8_t nonce,
const KyberConstants & mode )
inlinestatic

Definition at line 438 of file kyber_structures.h.

440 {
441 PolynomialVector r(mode.k());
442 for(auto& p : r.m_vec) {
443 p = Polynomial::getnoise_eta1(seed, nonce++, mode);
444 }
445 return r;
446 }
Botan::Polynomial::getnoise_eta1
static Polynomial getnoise_eta1(KyberSigmaOrEncryptionRandomness seed, uint8_t nonce, const KyberConstants &mode)
Definition kyber_structures.h:173

References Botan::Polynomial::getnoise_eta1(), and Botan::KyberConstants::k().

Referenced by Botan::Kyber_PublicKeyInternal::indcpa_encrypt(), and Botan::Kyber_PrivateKey::Kyber_PrivateKey().

◆ getnoise_eta2()

static PolynomialVector Botan::PolynomialVector::getnoise_eta2 ( StrongSpan< const KyberEncryptionRandomness > seed,
uint8_t nonce,
const KyberConstants & mode )
inlinestatic

Definition at line 428 of file kyber_structures.h.

430 {
431 PolynomialVector r(mode.k());
432 for(auto& p : r.m_vec) {
433 p = Polynomial::getnoise_eta2(seed, nonce++, mode);
434 }
435 return r;
436 }
Botan::Polynomial::getnoise_eta2
static Polynomial getnoise_eta2(StrongSpan< const KyberEncryptionRandomness > seed, uint8_t nonce, const KyberConstants &mode)
Definition kyber_structures.h:159

References Botan::Polynomial::getnoise_eta2(), and Botan::KyberConstants::k().

Referenced by Botan::Kyber_PublicKeyInternal::indcpa_encrypt().

◆ invntt_tomont()

void Botan::PolynomialVector::invntt_tomont ( )
inline

Apply inverse NTT to all elements of a vector of polynomials and multiply by Montgomery factor 2^16.

Definition at line 494 of file kyber_structures.h.

494 {
495 for(auto& v : m_vec) {
496 v.invntt_tomont();
497 }
498 }

◆ ntt()

void Botan::PolynomialVector::ntt ( )
inline

Apply forward NTT to all elements of a vector of polynomials.

Definition at line 503 of file kyber_structures.h.

503 {
504 for(auto& v : m_vec) {
505 v.ntt();
506 }
507 }

◆ operator+=()

PolynomialVector & Botan::PolynomialVector::operator+= ( const PolynomialVector & other)
inline

Definition at line 471 of file kyber_structures.h.

471 {
472 BOTAN_ASSERT(m_vec.size() == other.m_vec.size(), "cannot add polynomial vectors of differing lengths");
473
474 for(size_t i = 0; i < m_vec.size(); ++i) {
475 m_vec[i] += other.m_vec[i];
476 }
477 return *this;
478 }

References BOTAN_ASSERT.

◆ operator[]()

Polynomial & Botan::PolynomialVector::operator[] ( size_t idx)
inline

Definition at line 480 of file kyber_structures.h.

480{ return m_vec[idx]; }

◆ pointwise_acc_montgomery()

static Polynomial Botan::PolynomialVector::pointwise_acc_montgomery ( const PolynomialVector & a,
const PolynomialVector & b )
inlinestatic

Pointwise multiply elements of a and b, accumulate into r, and multiply by 2^-16.

Definition at line 415 of file kyber_structures.h.

415 {
416 BOTAN_ASSERT(a.m_vec.size() == b.m_vec.size(),
417 "pointwise_acc_montgomery works on equally sized "
418 "PolynomialVectors only");
419
420 Polynomial r;
421 for(size_t i = 0; i < a.m_vec.size(); ++i) {
422 r += Polynomial::basemul_montgomery(a.m_vec[i], b.m_vec[i]);
423 }
424 r.reduce();
425 return r;
426 }
Botan::Polynomial::basemul_montgomery
static Polynomial basemul_montgomery(const Polynomial &a, const Polynomial &b)
Definition kyber_structures.h:252

References Botan::Polynomial::basemul_montgomery(), BOTAN_ASSERT, and Botan::Polynomial::reduce().

Referenced by Botan::Kyber_PrivateKeyInternal::indcpa_decrypt(), Botan::Kyber_PublicKeyInternal::indcpa_encrypt(), and Botan::PolynomialMatrix::pointwise_acc_montgomery().

◆ reduce()

void Botan::PolynomialVector::reduce ( )
inline

Applies Barrett reduction to each coefficient of each element of a vector of polynomials.

Definition at line 485 of file kyber_structures.h.

485 {
486 for(auto& v : m_vec) {
487 v.reduce();
488 }
489 }

◆ to_bytes()

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::PolynomialVector::to_bytes ( )
inline

Definition at line 449 of file kyber_structures.h.

449 {
450 T r(m_vec.size() * KyberConstants::kSerializedPolynomialByteLength);
451
452 BufferStuffer bs(r);
453 for(auto& v : m_vec) {
454 v.to_bytes(bs.next(KyberConstants::kSerializedPolynomialByteLength));
455 }
456 BOTAN_ASSERT_NOMSG(bs.full());
457
458 return r;
459 }
T
FE_25519 T
Definition ge.cpp:34

References BOTAN_ASSERT_NOMSG, Botan::BufferStuffer::full(), Botan::KyberConstants::kSerializedPolynomialByteLength, Botan::BufferStuffer::next(), and T.

The documentation for this class was generated from the following file:
Generated by doxygen 1.11.0