doxygen/cmce__keys__internal_8h_source.html

/*

 * Classic McEliece key generation with Internal Private and Public Key classes

 * (C) 2023 Jack Lloyd

 *     2023,2024 Fabian Albert, Amos Treiber - Rohde & Schwarz Cybersecurity

 *

 * Botan is released under the Simplified BSD License (see license.txt)

 **/


#ifndef BOTAN_CMCE_KEYS_INTERNAL_H_

#define BOTAN_CMCE_KEYS_INTERNAL_H_


#include <botan/internal/cmce_field_ordering.h>

#include <botan/internal/cmce_matrix.h>

#include <botan/internal/cmce_parameters.h>

#include <botan/internal/cmce_poly.h>

#include <botan/internal/cmce_types.h>


namespace Botan {


class Classic_McEliece_PrivateKeyInternal;


/**

 * @brief Representation of a Classic McEliece public key.

 *

 * This class represents a Classic McEliece public key. It is used internally by the Classic McEliece

 * public key class and contains the following data:

 * - The Classic McEliece parameters

 * - The public key matrix

 */


class BOTAN_TEST_API Classic_McEliece_PublicKeyInternal {

   public:

      /**

       * @brief Construct a Classic McEliece public key.

       *

       * @param params The Classic McEliece parameters

       * @param matrix The public key matrix

       */


      Classic_McEliece_PublicKeyInternal(const Classic_McEliece_Parameters& params, Classic_McEliece_Matrix matrix) :

            m_params(params), m_matrix(std::move(matrix)) {

         BOTAN_ASSERT_NOMSG(m_matrix.bytes().size() == m_params.pk_size_bytes());

      }

      Classic_McEliece_PublicKeyInternal(const Classic_McEliece_Parameters& params, Classic_McEliece_Matrix matrix) : {…}


      /**

       * @brief Create a Classic McEliece public key from a private key.

       *

       * Create the matrix from the private key values. Expects that the private key is valid, i.e.

       * the matrix creation works.

       *

       * @param sk The private key

       * @return The public key as a shared pointer

       */

      static std::shared_ptr<Classic_McEliece_PublicKeyInternal> create_from_private_key(

         const Classic_McEliece_PrivateKeyInternal& sk);


      /**

       * @brief Serializes the Classic McEliece public key as defined in Classic McEliece ISO Section 9.2.7.

       */

      std::vector<uint8_t> serialize() const { return m_matrix.bytes(); }


      /**

       * @brief The Classic McEliece matrix.

       */

      const Classic_McEliece_Matrix& matrix() const { return m_matrix; }


      /**

       * @brief The Classic McEliece parameters.

       */

      const Classic_McEliece_Parameters& params() const { return m_params; }


      constexpr void _const_time_unpoison() const { CT::unpoison(m_matrix); }


   private:

      Classic_McEliece_Parameters m_params;

      Classic_McEliece_Matrix m_matrix;

};

class BOTAN_TEST_API Classic_McEliece_PublicKeyInternal {…};


/**

 * @brief Representation of a Classic McEliece private key.

 *

 * This class represents a Classic McEliece private key. It is used internally by the Classic McEliece

 * private key class and contains the following data (see Classic McEliece ISO Section 9.2.12):

 * - The Classic McEliece parameters

 * - The seed delta

 * - The column selection pivot vector c

 * - The minimal polynomial g

 * - The field ordering alpha

 * - The seed s for implicit rejection

 */


class BOTAN_TEST_API Classic_McEliece_PrivateKeyInternal {

   public:

      /**

       * @brief Construct a Classic McEliece private key.

       *

       * @param params The Classic McEliece parameters

       * @param delta The seed delta

       * @param c The column selection pivot vector c

       * @param g The minimal polynomial g

       * @param alpha The field ordering alpha

       * @param s The seed s for implicit rejection

       */


      Classic_McEliece_PrivateKeyInternal(const Classic_McEliece_Parameters& params,

                                          CmceKeyGenSeed delta,

                                          CmceColumnSelection c,

                                          Classic_McEliece_Minimal_Polynomial g,

                                          Classic_McEliece_Field_Ordering alpha,

                                          CmceRejectionSeed s) :

            m_params(params),

            m_delta(std::move(delta)),

            m_c(std::move(c)),

            m_g(std::move(g)),

            m_field_ordering(std::move(alpha)),

            m_s(std::move(s)) {}

      Classic_McEliece_PrivateKeyInternal(const Classic_McEliece_Parameters& params, {…}


      /**

       * @brief Parses a Classic McEliece private key from a byte sequence.

       *

       * It also creates the field ordering from the control bits in @p sk_bytes.

       *

       * @param params The Classic McEliece parameters

       * @param sk_bytes The secret key byte sequence

       * @return the Classic McEliece private key

       */

      static Classic_McEliece_PrivateKeyInternal from_bytes(const Classic_McEliece_Parameters& params,

                                                            std::span<const uint8_t> sk_bytes);


      /**

       * @brief Serializes the Classic McEliece private key as defined in Classic McEliece ISO Section 9.2.12.

       *

       * @return the serialized Classic McEliece private key

       */

      secure_vector<uint8_t> serialize() const;


      /**

       * @brief The seed delta that was used to create the private key.

       */

      const CmceKeyGenSeed& delta() const { return m_delta; }


      /**

       * @brief The column selection pivot vector c as defined in Classic McEliece ISO Section 9.2.11.

       */

      const CmceColumnSelection& c() const { return m_c; }


      /**

       * @brief The minimal polynomial g.

       */

      const Classic_McEliece_Minimal_Polynomial& g() const { return m_g; }


      /**

       * @brief The field ordering alpha.

       */

      const Classic_McEliece_Field_Ordering& field_ordering() const { return m_field_ordering; }


      /**

       * @brief The seed s for implicit rejection on decryption failure.

       */

      const CmceRejectionSeed& s() const { return m_s; }


      /**

       * @brief The Classic McEliece parameters.

       */

      const Classic_McEliece_Parameters& params() const { return m_params; }


      /**

       * @brief Checks the private key for consistency with the first component delta, i.e.,

       * recomputes s as a hash of delta and checks equivalence with sk.s, checks the weight of c,

       * and checks the control bits. It also recomputes beta based on delta and recomputes g based on beta,

       * checking that g is equal to the value sk.s

       *

       * See NIST Impl. guide 6.3 Double-Checks on Private Keys.

       */

      bool check_key() const;


      constexpr void _const_time_poison() const { CT::poison_all(m_delta, m_c, m_g, m_field_ordering, m_s); }


      constexpr void _const_time_unpoison() const { CT::unpoison_all(m_delta, m_c, m_g, m_field_ordering, m_s); }


   private:

      Classic_McEliece_Parameters m_params;

      CmceKeyGenSeed m_delta;

      CmceColumnSelection m_c;

      Classic_McEliece_Minimal_Polynomial m_g;

      Classic_McEliece_Field_Ordering m_field_ordering;

      CmceRejectionSeed m_s;

};

class BOTAN_TEST_API Classic_McEliece_PrivateKeyInternal {…};


/**

 * @brief Representation of a Classic McEliece key pair.

 */


struct BOTAN_TEST_API Classic_McEliece_KeyPair_Internal {

      std::shared_ptr<Classic_McEliece_PrivateKeyInternal> private_key;

      std::shared_ptr<Classic_McEliece_PublicKeyInternal> public_key;


      /**

       * @brief Generate a Classic McEliece key pair using the algorithm described

       * in Classic McEliece ISO Section 8.3

       */

      static Classic_McEliece_KeyPair_Internal generate(const Classic_McEliece_Parameters& params,

                                                        StrongSpan<const CmceInitialSeed> seed);


      /**

       * @brief Decompose the key pair into a pair of shared pointers to the private and public key.

       */

      std::pair<std::shared_ptr<Classic_McEliece_PrivateKeyInternal>,

                std::shared_ptr<Classic_McEliece_PublicKeyInternal>>


      decompose_to_pair() && {

         return {std::move(private_key), std::move(public_key)};

      }

      decompose_to_pair() && {…}

};

struct BOTAN_TEST_API Classic_McEliece_KeyPair_Internal {…};


}  // namespace Botan


#endif  // BOTAN_CMCE_KEYS_INTERNAL_H_

BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:39

BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59

Botan::Classic_McEliece_Field_Ordering
Represents a field ordering for the Classic McEliece cryptosystem.
Definition cmce_field_ordering.h:25

Botan::Classic_McEliece_Matrix
Representation of the binary Classic McEliece matrix H, with H = (I_mt | T).
Definition cmce_matrix.h:26

Botan::Classic_McEliece_Minimal_Polynomial
Representation of a minimal polynomial in GF(q)[y].
Definition cmce_poly.h:81

Botan::Classic_McEliece_Parameters
Definition cmce_parameters.h:29

Botan::Classic_McEliece_PrivateKeyInternal
Representation of a Classic McEliece private key.
Definition cmce_keys_internal.h:89

Botan::Classic_McEliece_PrivateKeyInternal::s
const CmceRejectionSeed & s() const
The seed s for implicit rejection on decryption failure.
Definition cmce_keys_internal.h:156

Botan::Classic_McEliece_PrivateKeyInternal::field_ordering
const Classic_McEliece_Field_Ordering & field_ordering() const
The field ordering alpha.
Definition cmce_keys_internal.h:151

Botan::Classic_McEliece_PrivateKeyInternal::delta
const CmceKeyGenSeed & delta() const
The seed delta that was used to create the private key.
Definition cmce_keys_internal.h:136

Botan::Classic_McEliece_PrivateKeyInternal::_const_time_unpoison
constexpr void _const_time_unpoison() const
Definition cmce_keys_internal.h:175

Botan::Classic_McEliece_PrivateKeyInternal::params
const Classic_McEliece_Parameters & params() const
The Classic McEliece parameters.
Definition cmce_keys_internal.h:161

Botan::Classic_McEliece_PrivateKeyInternal::_const_time_poison
constexpr void _const_time_poison() const
Definition cmce_keys_internal.h:173

Botan::Classic_McEliece_PrivateKeyInternal::Classic_McEliece_PrivateKeyInternal
Classic_McEliece_PrivateKeyInternal(const Classic_McEliece_Parameters &params, CmceKeyGenSeed delta, CmceColumnSelection c, Classic_McEliece_Minimal_Polynomial g, Classic_McEliece_Field_Ordering alpha, CmceRejectionSeed s)
Construct a Classic McEliece private key.
Definition cmce_keys_internal.h:101

Botan::Classic_McEliece_PrivateKeyInternal::c
const CmceColumnSelection & c() const
The column selection pivot vector c as defined in Classic McEliece ISO Section 9.2....
Definition cmce_keys_internal.h:141

Botan::Classic_McEliece_PrivateKeyInternal::g
const Classic_McEliece_Minimal_Polynomial & g() const
The minimal polynomial g.
Definition cmce_keys_internal.h:146

Botan::Classic_McEliece_PublicKeyInternal
Representation of a Classic McEliece public key.
Definition cmce_keys_internal.h:30

Botan::Classic_McEliece_PublicKeyInternal::params
const Classic_McEliece_Parameters & params() const
The Classic McEliece parameters.
Definition cmce_keys_internal.h:68

Botan::Classic_McEliece_PublicKeyInternal::matrix
const Classic_McEliece_Matrix & matrix() const
The Classic McEliece matrix.
Definition cmce_keys_internal.h:63

Botan::Classic_McEliece_PublicKeyInternal::serialize
std::vector< uint8_t > serialize() const
Serializes the Classic McEliece public key as defined in Classic McEliece ISO Section 9....
Definition cmce_keys_internal.h:58

Botan::Classic_McEliece_PublicKeyInternal::_const_time_unpoison
constexpr void _const_time_unpoison() const
Definition cmce_keys_internal.h:70

Botan::Classic_McEliece_PublicKeyInternal::Classic_McEliece_PublicKeyInternal
Classic_McEliece_PublicKeyInternal(const Classic_McEliece_Parameters &params, Classic_McEliece_Matrix matrix)
Construct a Classic McEliece public key.
Definition cmce_keys_internal.h:38

Botan::StrongSpan
Definition strong_type.h:638

Botan::Strong< secure_vector< uint8_t >, struct CmceKeyGenSeed_ >

Botan
Definition alg_id.cpp:13

Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61

Botan::Classic_McEliece_KeyPair_Internal
Representation of a Classic McEliece key pair.
Definition cmce_keys_internal.h:189

Botan::Classic_McEliece_KeyPair_Internal::public_key
std::shared_ptr< Classic_McEliece_PublicKeyInternal > public_key
Definition cmce_keys_internal.h:191

Botan::Classic_McEliece_KeyPair_Internal::decompose_to_pair
std::pair< std::shared_ptr< Classic_McEliece_PrivateKeyInternal >, std::shared_ptr< Classic_McEliece_PublicKeyInternal > > decompose_to_pair() &&
Decompose the key pair into a pair of shared pointers to the private and public key.
Definition cmce_keys_internal.h:205

Botan::Classic_McEliece_KeyPair_Internal::private_key
std::shared_ptr< Classic_McEliece_PrivateKeyInternal > private_key
Definition cmce_keys_internal.h:190