Botan 3.9.0
Crypto and TLS for C&
dilithium.h
Go to the documentation of this file.
1/*
2* Crystals Dilithium Digital Signature Algorithms
3* Based on the public domain reference implementation by the
4* designers (https://github.com/pq-crystals/dilithium)
5*
6* Further changes
7* (C) 2021-2023 Jack Lloyd
8* (C) 2021-2022 Manuel Glaser - Rohde & Schwarz Cybersecurity
9* (C) 2021-2023 Michael Boric, René Meusel - Rohde & Schwarz Cybersecurity
10*
11* Botan is released under the Simplified BSD License (see license.txt)
12*/
13
14#ifndef BOTAN_DILITHIUM_COMMON_H_
15#define BOTAN_DILITHIUM_COMMON_H_
16
17#include <botan/pk_keys.h>
18
19namespace Botan {
20
22 public:
23 enum Mode : uint8_t {
25 Dilithium4x4_AES BOTAN_DEPRECATED("Dilithium AES mode is deprecated"),
27 Dilithium6x5_AES BOTAN_DEPRECATED("Dilithium AES mode is deprecated"),
29 Dilithium8x7_AES BOTAN_DEPRECATED("Dilithium AES mode is deprecated"),
33 };
34
35 public:
36 // NOLINTNEXTLINE(*-explicit-conversions)
38
39 explicit DilithiumMode(const OID& oid);
40 explicit DilithiumMode(std::string_view str);
41
42 OID object_identifier() const;
43 std::string to_string() const;
44
45 BOTAN_DEPRECATED("Dilithium AES mode is deprecated") bool is_aes() const;
46 BOTAN_DEPRECATED("Dilithium AES mode is deprecated") bool is_modern() const;
47 bool is_ml_dsa() const;
48
49 bool is_dilithium_round3() const { return !is_ml_dsa(); }
50
51 bool is_available() const;
52
53 Mode mode() const { return m_mode; }
54
55 private:
56 Mode m_mode;
57};
58
59class Dilithium_PublicKeyInternal;
60class Dilithium_PrivateKeyInternal;
61
62/**
63 * This implementation is based on
64 * https://github.com/pq-crystals/dilithium/commit/3e9b9f1412f6c7435dbeb4e10692ea58f181ee51
65 *
66 * Note that this is _not_ compatible with the round 3 submission of the NIST competition.
67 */
68class BOTAN_PUBLIC_API(3, 0) Dilithium_PublicKey : public virtual Public_Key {
69 public:
70 std::string algo_name() const override;
71
73
74 OID object_identifier() const override;
75
76 size_t key_length() const override;
77
78 size_t estimated_strength() const override;
79
80 std::vector<uint8_t> raw_public_key_bits() const override;
81
82 std::vector<uint8_t> public_key_bits() const override;
83
84 bool check_key(RandomNumberGenerator& rng, bool strong) const override;
85
86 bool supports_operation(PublicKeyOperation op) const override { return (op == PublicKeyOperation::Signature); }
87
88 std::unique_ptr<Private_Key> generate_another(RandomNumberGenerator& rng) const final;
89
90 Dilithium_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> pk);
91
92 Dilithium_PublicKey(std::span<const uint8_t> pk, DilithiumMode mode);
93
94 std::unique_ptr<PK_Ops::Verification> create_verification_op(std::string_view params,
95 std::string_view provider) const override;
96
97 std::unique_ptr<PK_Ops::Verification> create_x509_verification_op(const AlgorithmIdentifier& signature_algorithm,
98 std::string_view provider) const override;
99
100 protected:
102
105
106 std::shared_ptr<Dilithium_PublicKeyInternal> m_public; // NOLINT(*non-private-member-variable*)
107};
108
111
113 public virtual Botan::Private_Key {
114 public:
115 std::unique_ptr<Public_Key> public_key() const override;
116
117 /**
118 * Generates a new key pair
119 */
121
122 /**
123 * Read an encoded private key.
124 */
125 Dilithium_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> sk);
126
127 /**
128 * Read an encoded private key given the dilithium @p mode.
129 */
130 Dilithium_PrivateKey(std::span<const uint8_t> sk, DilithiumMode mode);
131
133
135
136 /**
137 * Create a signature operation that produces a Dilithium signature either
138 * with "Randomized" or "Deterministic" rhoprime. Pass either of those
139 * strings as @p params. Default (i.e. empty @p params is "Randomized").
140 */
141 std::unique_ptr<PK_Ops::Signature> create_signature_op(RandomNumberGenerator& rng,
142 std::string_view params,
143 std::string_view provider) const override;
144
145 private:
147
148 std::shared_ptr<Dilithium_PrivateKeyInternal> m_private;
149};
150
152
153} // namespace Botan
154
155#endif
#define BOTAN_DIAGNOSTIC_POP
Definition api.h:122
#define BOTAN_DIAGNOSTIC_PUSH
Definition api.h:119
#define BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
Definition api.h:121
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
#define BOTAN_DEPRECATED(msg)
Definition api.h:73
Mode mode() const
Definition dilithium.h:53
DilithiumMode(Mode mode)
Definition dilithium.h:37
bool is_dilithium_round3() const
Definition dilithium.h:49
bool is_ml_dsa() const
friend class Dilithium_Signature_Operation
Definition dilithium.h:146
std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
Dilithium_PrivateKey(RandomNumberGenerator &rng, DilithiumMode mode)
secure_vector< uint8_t > raw_private_key_bits() const override
secure_vector< uint8_t > private_key_bits() const override
std::unique_ptr< Public_Key > public_key() const override
AlgorithmIdentifier algorithm_identifier() const override
std::vector< uint8_t > public_key_bits() const override
friend class Dilithium_Signature_Operation
Definition dilithium.h:104
OID object_identifier() const override
bool supports_operation(PublicKeyOperation op) const override
Definition dilithium.h:86
Dilithium_PublicKey(const AlgorithmIdentifier &alg_id, std::span< const uint8_t > pk)
size_t key_length() const override
friend class Dilithium_Verification_Operation
Definition dilithium.h:103
std::string algo_name() const override
size_t estimated_strength() const override
std::vector< uint8_t > raw_public_key_bits() const override
std::shared_ptr< Dilithium_PublicKeyInternal > m_public
Definition dilithium.h:106
bool check_key(RandomNumberGenerator &rng, bool strong) const override
PublicKeyOperation
Definition pk_keys.h:46
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13