Botan 3.4.0
Crypto and TLS for C&
hybrid_public_key.h
Go to the documentation of this file.
1/**
2* Composite key pair that exposes the Public/Private key API but combines
3* multiple key agreement schemes into a hybrid algorithm.
4*
5* (C) 2023 Jack Lloyd
6* 2023 Fabian Albert, René Meusel - Rohde & Schwarz Cybersecurity
7*
8* Botan is released under the Simplified BSD License (see license.txt)
9*/
10
11#ifndef BOTAN_TLS_13_HYBRID_KEM_PUBLIC_KEY_H_
12#define BOTAN_TLS_13_HYBRID_KEM_PUBLIC_KEY_H_
13
14#include <botan/pubkey.h>
15
16#include <botan/tls_algos.h>
17
18#include <memory>
19#include <vector>
20
21namespace Botan::TLS {
22
23/**
24 * Composes a number of public keys as defined in this IETF draft:
25 * https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design-04
26 *
27 * To an upstream user, this composite key pair is presented as a KEM. Each
28 * individual key pair must either work as a KEX or as a KEM. Currently, the
29 * class can deal with ECC keys and Kyber.
30 *
31 * The typical use case provides exactly two keys (one traditional KEX and one
32 * post-quantum secure KEM). However, this class technically allows composing
33 * any number of such keys. Composing more than two keys simply generates a
34 * shared secret based on more algorithms.
35 *
36 * Note that this class is not generic enough for arbitrary use cases but
37 * serializes and parses keys and ciphertexts as described in the
38 * above-mentioned IETF draft for a post-quantum TLS 1.3.
39 */
40class BOTAN_TEST_API Hybrid_KEM_PublicKey : public virtual Public_Key {
41 public:
42 static std::unique_ptr<Hybrid_KEM_PublicKey> load_for_group(Group_Params group,
43 std::span<const uint8_t> concatenated_public_values);
44
45 public:
46 explicit Hybrid_KEM_PublicKey(std::vector<std::unique_ptr<Public_Key>> pks);
47
48 Hybrid_KEM_PublicKey(Hybrid_KEM_PublicKey&&) = default;
49 Hybrid_KEM_PublicKey(const Hybrid_KEM_PublicKey&) = delete;
50 Hybrid_KEM_PublicKey& operator=(Hybrid_KEM_PublicKey&&) = default;
51 Hybrid_KEM_PublicKey& operator=(const Hybrid_KEM_PublicKey&) = delete;
52 ~Hybrid_KEM_PublicKey() = default;
53
54 std::string algo_name() const override;
55 size_t estimated_strength() const override;
56 size_t key_length() const override;
57 bool check_key(RandomNumberGenerator& rng, bool strong) const override;
58 AlgorithmIdentifier algorithm_identifier() const override;
59 std::vector<uint8_t> public_key_bits() const override;
60 std::vector<uint8_t> public_value() const;
61 std::unique_ptr<Private_Key> generate_another(RandomNumberGenerator& rng) const final;
62
63 bool supports_operation(PublicKeyOperation op) const override;
64
65 std::unique_ptr<PK_Ops::KEM_Encryption> create_kem_encryption_op(
66 std::string_view kdf, std::string_view provider = "base") const override;
67
68 const auto& public_keys() const { return m_public_keys; }
69
70 protected:
71 std::vector<std::unique_ptr<Public_Key>> m_public_keys;
72
73 private:
74 size_t m_key_length;
75 size_t m_estimated_strength;
76};
77
78BOTAN_DIAGNOSTIC_PUSH
79BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
80
81/**
82 * Composes a number of private keys for hybrid key agreement as defined in this
83 * IETF draft: https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design-04
84 */
85class BOTAN_TEST_API Hybrid_KEM_PrivateKey final : public Private_Key,
86 public Hybrid_KEM_PublicKey {
87 public:
88 /**
89 * Generate a hybrid private key for the given TLS code point.
90 */
91 static std::unique_ptr<Hybrid_KEM_PrivateKey> generate_from_group(Group_Params group, RandomNumberGenerator& rng);
92
93 public:
94 Hybrid_KEM_PrivateKey(std::vector<std::unique_ptr<Private_Key>> private_keys);
95
96 secure_vector<uint8_t> private_key_bits() const override;
97
98 std::unique_ptr<Public_Key> public_key() const override;
99
100 bool check_key(RandomNumberGenerator& rng, bool strong) const override;
101
102 std::unique_ptr<PK_Ops::KEM_Decryption> create_kem_decryption_op(
103 RandomNumberGenerator& rng, std::string_view kdf, std::string_view provider = "base") const override;
104
105 const auto& private_keys() const { return m_private_keys; }
106
107 private:
108 std::vector<std::unique_ptr<Private_Key>> m_private_keys;
109};
110
111BOTAN_DIAGNOSTIC_POP
112
113} // namespace Botan::TLS
114
115#endif
Botan::Private_Key
Definition pk_keys.h:252
Botan::Public_Key
Definition pk_keys.h:119
Botan::TLS::Group_Params
Definition tls_algos.h:151
Botan::TLS::Hybrid_KEM_PrivateKey
Definition hybrid_public_key.h:86
Botan::TLS::Hybrid_KEM_PrivateKey::private_keys
const auto & private_keys() const
Definition hybrid_public_key.h:105
Botan::TLS::Hybrid_KEM_PublicKey
Definition hybrid_public_key.h:40
Botan::TLS::Hybrid_KEM_PublicKey::Hybrid_KEM_PublicKey
Hybrid_KEM_PublicKey(Hybrid_KEM_PublicKey &&)=default
Botan::TLS::Hybrid_KEM_PublicKey::~Hybrid_KEM_PublicKey
~Hybrid_KEM_PublicKey()=default
Botan::TLS::Hybrid_KEM_PublicKey::m_public_keys
std::vector< std::unique_ptr< Public_Key > > m_public_keys
Definition hybrid_public_key.h:71
Botan::TLS::Hybrid_KEM_PublicKey::public_keys
const auto & public_keys() const
Definition hybrid_public_key.h:68
Botan::TLS::Hybrid_KEM_PublicKey::Hybrid_KEM_PublicKey
Hybrid_KEM_PublicKey(const Hybrid_KEM_PublicKey &)=delete
Botan::TLS::Hybrid_KEM_PublicKey::operator=
Hybrid_KEM_PublicKey & operator=(const Hybrid_KEM_PublicKey &)=delete
Botan::TLS::Hybrid_KEM_PublicKey::operator=
Hybrid_KEM_PublicKey & operator=(Hybrid_KEM_PublicKey &&)=default
final
int(* final)(unsigned char *, CTX *)
Definition commoncrypto_hash.cpp:29
BOTAN_DIAGNOSTIC_POP
#define BOTAN_DIAGNOSTIC_POP
Definition compiler.h:191
BOTAN_DIAGNOSTIC_PUSH
#define BOTAN_DIAGNOSTIC_PUSH
Definition compiler.h:188
BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
#define BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
Definition compiler.h:190
BOTAN_TEST_API
#define BOTAN_TEST_API
Definition compiler.h:51
Botan::PublicKeyOperation
PublicKeyOperation
Definition pk_keys.h:45
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
Generated by doxygen 1.10.0