doxygen/frodo__aes__generator_8h_source.html

/*

 * FrodoKEM matrix generator based on AES

 *

 * The Fellowship of the FrodoKEM:

 * (C) 2023 Jack Lloyd

 *     2023 René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity

 *

 * Botan is released under the Simplified BSD License (see license.txt)

 */


#ifndef BOTAN_FRODOKEM_AES_GENERATOR_H_

#define BOTAN_FRODOKEM_AES_GENERATOR_H_


#include <botan/internal/aes.h>

#include <botan/internal/frodo_constants.h>

#include <botan/internal/frodo_types.h>

#include <botan/internal/loadstor.h>

#include <botan/internal/stl_util.h>


#include <functional>

#include <span>


namespace Botan {


inline auto create_aes_row_generator(const FrodoKEMConstants& constants, StrongSpan<const FrodoSeedA> seed_a) {

   BOTAN_ASSERT_NOMSG(constants.mode().is_aes());


   auto setup_aes = [](StrongSpan<const FrodoSeedA> seed) {

      AES_128 aes;

      aes.set_key(seed);

      return aes;

   };


   return [n = static_cast<uint16_t>(constants.n()), aes = setup_aes(seed_a)](std::span<uint8_t> out, uint16_t i) {

      BufferStuffer out_bs(out);


      BOTAN_DEBUG_ASSERT(out_bs.remaining_capacity() % AES_128::BLOCK_SIZE == 0);


      for(uint16_t j = 0; j < n; j += AES_128::BLOCK_SIZE / 2) {

         // set up the to-be-encrypted 'b' value in the out variable

         // for in-place encryption of the block cipher

         // b = i || j || 0000...

         out_bs.append(store_le(i, j));

         clear_mem(out_bs.next<AES_128::BLOCK_SIZE - sizeof(i) - sizeof(j)>());

      }


      BOTAN_DEBUG_ASSERT(out_bs.full());


      aes.encrypt(out);

   };

}


}  // namespace Botan


#endif

BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59

BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition assert.h:98

Botan::AES_128
Definition aes.h:18

Botan::Block_Cipher_Fixed_Params< 16, 16 >::BLOCK_SIZE
@ BLOCK_SIZE
Definition block_cipher.h:197

Botan::BufferStuffer
Helper class to ease in-place marshalling of concatenated fixed-length values.
Definition stl_util.h:142

Botan::BufferStuffer::append
constexpr void append(std::span< const uint8_t > buffer)
Definition stl_util.h:177

Botan::BufferStuffer::remaining_capacity
constexpr size_t remaining_capacity() const
Definition stl_util.h:189

Botan::BufferStuffer::next
constexpr std::span< uint8_t > next(size_t bytes)
Definition stl_util.h:150

Botan::BufferStuffer::full
constexpr bool full() const
Definition stl_util.h:187

Botan::FrodoKEMConstants
Definition frodo_constants.h:25

Botan::FrodoKEMConstants::mode
FrodoKEMMode mode() const
Definition frodo_constants.h:37

Botan::FrodoKEMConstants::n
size_t n() const
Definition frodo_constants.h:45

Botan::FrodoKEMMode::is_aes
bool is_aes() const
Definition frodo_mode.h:61

Botan::StrongSpan
Definition strong_type.h:544

Botan::SymmetricAlgorithm::set_key
void set_key(const SymmetricKey &key)
Definition sym_algo.h:113

Botan
Definition alg_id.cpp:13

Botan::store_le
constexpr auto store_le(ParamTs &&... params)
Definition loadstor.h:698

Botan::create_aes_row_generator
auto create_aes_row_generator(const FrodoKEMConstants &constants, StrongSpan< const FrodoSeedA > seed_a)
Definition frodo_aes_generator.h:25

Botan::clear_mem
constexpr void clear_mem(T *ptr, size_t n)
Definition mem_ops.h:120