doxygen/frodo__constants_8cpp_source.html

/*

 * FrodoKEM modes and constants

 *

 * The Fellowship of the FrodoKEM:

 * (C) 2023 Jack Lloyd

 *     2023 René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity

 *

 * Botan is released under the Simplified BSD License (see license.txt)

 */


#include <botan/internal/frodo_constants.h>


#include <botan/xof.h>


namespace Botan {


FrodoKEMConstants::FrodoKEMConstants(FrodoKEMMode mode) : m_mode(mode), m_len_a(128), m_n_bar(8) {

   if(!mode.is_available()) {

      throw Not_Implemented("FrodoKEM mode " + mode.to_string() + " is not available");

   }


   if(mode.is_ephemeral()) {

      m_len_salt = 0;

   }


   switch(mode.mode()) {

      case FrodoKEMMode::FrodoKEM640_SHAKE:

      case FrodoKEMMode::FrodoKEM640_AES:

      case FrodoKEMMode::eFrodoKEM640_SHAKE:

      case FrodoKEMMode::eFrodoKEM640_AES:

         m_nist_strength = 128;

         m_d = 15;

         m_n = 640;

         m_b = 2;

         if(mode.is_static()) {

            m_len_salt = 256;

            m_len_se = 256;

         } else if(mode.is_ephemeral()) {

            m_len_se = 128;

         } else {

            BOTAN_ASSERT_UNREACHABLE();

         }


         m_cdf_table = {4643, 13363, 20579, 25843, 29227, 31145, 32103, 32525, 32689, 32745, 32762, 32766, 32767};


         m_shake = "SHAKE-128";

         break;


      case FrodoKEMMode::FrodoKEM976_SHAKE:

      case FrodoKEMMode::FrodoKEM976_AES:

      case FrodoKEMMode::eFrodoKEM976_SHAKE:

      case FrodoKEMMode::eFrodoKEM976_AES:

         m_nist_strength = 192;

         m_d = 16;

         m_n = 976;

         m_b = 3;

         if(mode.is_static()) {

            m_len_salt = 384;

            m_len_se = 384;

         } else if(mode.is_ephemeral()) {

            m_len_se = 192;

         } else {

            BOTAN_ASSERT_UNREACHABLE();

         }


         m_cdf_table = {5638, 15915, 23689, 28571, 31116, 32217, 32613, 32731, 32760, 32766, 32767};


         m_shake = "SHAKE-256";

         break;


      case FrodoKEMMode::FrodoKEM1344_SHAKE:

      case FrodoKEMMode::FrodoKEM1344_AES:

      case FrodoKEMMode::eFrodoKEM1344_SHAKE:

      case FrodoKEMMode::eFrodoKEM1344_AES:

         m_nist_strength = 256;

         m_d = 16;

         m_n = 1344;

         m_b = 4;

         if(mode.is_static()) {

            m_len_salt = 512;

            m_len_se = 512;

         } else if(mode.is_ephemeral()) {

            m_len_se = 256;

         } else {

            BOTAN_ASSERT_UNREACHABLE();

         }


         m_cdf_table = {9142, 23462, 30338, 32361, 32725, 32765, 32767};


         m_shake = "SHAKE-256";

         break;

   }


   m_shake_xof = XOF::create_or_throw(m_shake);

}


FrodoKEMConstants::~FrodoKEMConstants() = default;


XOF& FrodoKEMConstants::SHAKE_XOF() const {

   m_shake_xof->clear();

   return *m_shake_xof;

}


}  // namespace Botan

Botan::FrodoKEMConstants::mode
FrodoKEMMode mode() const
Definition frodo_constants.h:37

Botan::FrodoKEMConstants::FrodoKEMConstants
FrodoKEMConstants(FrodoKEMMode mode)
Definition frodo_constants.cpp:17

Botan::FrodoKEMMode
Definition frodo_mode.h:20

Botan::FrodoKEMMode::is_static
bool is_static() const
Definition frodo_mode.h:51

Botan::FrodoKEMMode::is_available
bool is_available() const
Definition frodo_mode.h:66

Botan::FrodoKEMMode::mode
Mode mode() const
Definition frodo_mode.h:44

Botan::FrodoKEMMode::is_ephemeral
bool is_ephemeral() const
Definition frodo_mode.h:46

Botan::FrodoKEMMode::eFrodoKEM976_SHAKE
@ eFrodoKEM976_SHAKE
Definition frodo_mode.h:27

Botan::FrodoKEMMode::FrodoKEM976_AES
@ FrodoKEM976_AES
Definition frodo_mode.h:30

Botan::FrodoKEMMode::eFrodoKEM976_AES
@ eFrodoKEM976_AES
Definition frodo_mode.h:33

Botan::FrodoKEMMode::FrodoKEM1344_SHAKE
@ FrodoKEM1344_SHAKE
Definition frodo_mode.h:25

Botan::FrodoKEMMode::FrodoKEM1344_AES
@ FrodoKEM1344_AES
Definition frodo_mode.h:31

Botan::FrodoKEMMode::FrodoKEM976_SHAKE
@ FrodoKEM976_SHAKE
Definition frodo_mode.h:24

Botan::FrodoKEMMode::eFrodoKEM1344_AES
@ eFrodoKEM1344_AES
Definition frodo_mode.h:34

Botan::FrodoKEMMode::eFrodoKEM1344_SHAKE
@ eFrodoKEM1344_SHAKE
Definition frodo_mode.h:28

Botan::XOF
Definition xof.h:29

Botan::XOF::clear
void clear()
Definition xof.h:66

Botan::XOF::create_or_throw
static std::unique_ptr< XOF > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition xof.cpp:42

Botan
Definition alg_id.cpp:13