doxygen/kyber__modern_8h_source.html

/*

 * Symmetric primitives for Kyber (modern (non-90s) mode)

 * (C) 2022-2024 Jack Lloyd

 * (C) 2022 Hannes Rantzsch, René Meusel, neXenio GmbH

 * (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity

 *

 * Botan is released under the Simplified BSD License (see license.txt)

 */


#ifndef BOTAN_KYBER_MODERN_H_

#define BOTAN_KYBER_MODERN_H_


#include <botan/hash.h>

#include <botan/xof.h>


#include <botan/internal/kyber_symmetric_primitives.h>

#include <botan/internal/loadstor.h>


#include <memory>


namespace Botan {


class Kyber_Modern_Symmetric_Primitives final : public Kyber_Symmetric_Primitives {

   public:


      Kyber_Modern_Symmetric_Primitives() :

            m_sha3_512(HashFunction::create_or_throw("SHA-3(512)")),

            m_sha3_256(HashFunction::create_or_throw("SHA-3(256)")),

            m_shake256_256(HashFunction::create_or_throw("SHAKE-256(256)")),

            m_shake128(Botan::XOF::create_or_throw("SHAKE-128")),

            m_shake256(Botan::XOF::create_or_throw("SHAKE-256")) {}


   protected:


      std::optional<std::array<uint8_t, 1>> seed_expansion_domain_separator(const KyberConstants&) const override {

         return {};

      }


      HashFunction& get_G() const override { return *m_sha3_512; }


      HashFunction& get_H() const override { return *m_sha3_256; }


      HashFunction& get_J() const override { throw Invalid_State("Kyber-R3 does not support J()"); }


      HashFunction& get_KDF() const override { return *m_shake256_256; }


      Botan::XOF& get_PRF(std::span<const uint8_t> seed, const uint8_t nonce) const override {

         m_shake256->clear();

         m_shake256->update(seed);

         m_shake256->update(store_be(nonce));

         return *m_shake256;

      }


      Botan::XOF& get_XOF(std::span<const uint8_t> seed, std::tuple<uint8_t, uint8_t> matrix_position) const override {

         m_shake128->clear();

         m_shake128->update(seed);

         m_shake128->update(store_be(make_uint16(std::get<0>(matrix_position), std::get<1>(matrix_position))));

         return *m_shake128;

      }


   private:

      std::unique_ptr<HashFunction> m_sha3_512;

      std::unique_ptr<HashFunction> m_sha3_256;

      std::unique_ptr<HashFunction> m_shake256_256;

      std::unique_ptr<Botan::XOF> m_shake128;

      std::unique_ptr<Botan::XOF> m_shake256;

};


}  // namespace Botan


#endif

Botan::HashFunction
Definition hash.h:21

Botan::Invalid_State
Definition exceptn.h:206

Botan::KyberConstants
Definition kyber_constants.h:22

Botan::Kyber_Modern_Symmetric_Primitives
Definition kyber_modern.h:23

Botan::Kyber_Modern_Symmetric_Primitives::get_KDF
HashFunction & get_KDF() const override
Definition kyber_modern.h:43

Botan::Kyber_Modern_Symmetric_Primitives::get_G
HashFunction & get_G() const override
Definition kyber_modern.h:37

Botan::Kyber_Modern_Symmetric_Primitives::get_PRF
Botan::XOF & get_PRF(std::span< const uint8_t > seed, const uint8_t nonce) const override
Definition kyber_modern.h:45

Botan::Kyber_Modern_Symmetric_Primitives::get_H
HashFunction & get_H() const override
Definition kyber_modern.h:39

Botan::Kyber_Modern_Symmetric_Primitives::Kyber_Modern_Symmetric_Primitives
Kyber_Modern_Symmetric_Primitives()
Definition kyber_modern.h:25

Botan::Kyber_Modern_Symmetric_Primitives::get_XOF
Botan::XOF & get_XOF(std::span< const uint8_t > seed, std::tuple< uint8_t, uint8_t > matrix_position) const override
Definition kyber_modern.h:52

Botan::Kyber_Modern_Symmetric_Primitives::seed_expansion_domain_separator
std::optional< std::array< uint8_t, 1 > > seed_expansion_domain_separator(const KyberConstants &) const override
Definition kyber_modern.h:33

Botan::Kyber_Modern_Symmetric_Primitives::get_J
HashFunction & get_J() const override
Definition kyber_modern.h:41

Botan::Kyber_Symmetric_Primitives
Definition kyber_symmetric_primitives.h:30

Botan::XOF
Definition xof.h:29

final
int(* final)(unsigned char *, CTX *)
Definition commoncrypto_hash.cpp:29

Botan
Definition alg_id.cpp:13

Botan::store_be
constexpr auto store_be(ParamTs &&... params)
Definition loadstor.h:773

Botan::make_uint16
constexpr uint16_t make_uint16(uint8_t i0, uint8_t i1)
Definition loadstor.h:88