/src/botan/build/include/botan/dilithium.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Crystals Dilithium Digital Signature Algorithms |
3 | | * Based on the public domain reference implementation by the |
4 | | * designers (https://github.com/pq-crystals/dilithium) |
5 | | * |
6 | | * Further changes |
7 | | * (C) 2021-2023 Jack Lloyd |
8 | | * (C) 2021-2022 Manuel Glaser - Rohde & Schwarz Cybersecurity |
9 | | * (C) 2021-2023 Michael Boric, René Meusel - Rohde & Schwarz Cybersecurity |
10 | | * |
11 | | * Botan is released under the Simplified BSD License (see license.txt) |
12 | | */ |
13 | | |
14 | | #ifndef BOTAN_DILITHIUM_COMMON_H_ |
15 | | #define BOTAN_DILITHIUM_COMMON_H_ |
16 | | |
17 | | #include <botan/pk_keys.h> |
18 | | |
19 | | namespace Botan { |
20 | | |
21 | | class BOTAN_PUBLIC_API(3,0) DilithiumMode |
22 | | { |
23 | | public: |
24 | | enum Mode |
25 | | { |
26 | | Dilithium4x4 = 1, |
27 | | Dilithium4x4_AES, |
28 | | Dilithium6x5, |
29 | | Dilithium6x5_AES, |
30 | | Dilithium8x7, |
31 | | Dilithium8x7_AES |
32 | | }; |
33 | | |
34 | | public: |
35 | 0 | DilithiumMode(Mode mode) : m_mode(mode) {} |
36 | | explicit DilithiumMode(const OID& oid); |
37 | | explicit DilithiumMode(const std::string& str); |
38 | | |
39 | | OID get_oid() const; |
40 | | std::string to_string() const; |
41 | | |
42 | 0 | bool is_aes() const { return m_mode == Dilithium4x4_AES || m_mode == Dilithium6x5_AES || m_mode == Dilithium8x7_AES; } |
43 | 0 | bool is_modern() const { return !is_aes(); } |
44 | | |
45 | 0 | Mode mode() const { return m_mode; } |
46 | | |
47 | | private: |
48 | | Mode m_mode; |
49 | | }; |
50 | | |
51 | | enum class DilithiumKeyEncoding |
52 | | { |
53 | | Raw, // as implemented in the reference implementation |
54 | | DER // as described in draft-uni-qsckeys-dilithium/00 |
55 | | // Sections 3.3 (private key), 3.6 (public key) |
56 | | }; |
57 | | |
58 | | class Dilithium_PublicKeyInternal; |
59 | | class Dilithium_PrivateKeyInternal; |
60 | | |
61 | | /** |
62 | | * This implementation is based on |
63 | | * https://github.com/pq-crystals/dilithium/commit/3e9b9f1412f6c7435dbeb4e10692ea58f181ee51 |
64 | | * |
65 | | * Note that this is _not_ compatible with the round 3 submission of the NIST competition. |
66 | | */ |
67 | | class BOTAN_PUBLIC_API(3, 0) Dilithium_PublicKey : public virtual Public_Key |
68 | | { |
69 | | public: |
70 | | Dilithium_PublicKey& operator=(const Dilithium_PublicKey& other) = default; |
71 | | |
72 | 0 | virtual ~Dilithium_PublicKey() = default; |
73 | | |
74 | | std::string algo_name() const override; |
75 | | |
76 | | AlgorithmIdentifier algorithm_identifier() const override; |
77 | | |
78 | | OID get_oid() const override; |
79 | | |
80 | | size_t key_length() const override; |
81 | | |
82 | | size_t estimated_strength() const override; |
83 | | |
84 | | std::vector<uint8_t> public_key_bits() const override; |
85 | | |
86 | | bool check_key(RandomNumberGenerator&, bool) const override; |
87 | | |
88 | | std::unique_ptr<PK_Ops::Verification> |
89 | | create_verification_op(const std::string& params, |
90 | | const std::string& provider) const override; |
91 | | |
92 | | void set_binary_encoding(DilithiumKeyEncoding encoding) |
93 | 0 | { |
94 | 0 | m_key_encoding = encoding; |
95 | 0 | } |
96 | | |
97 | | DilithiumKeyEncoding binary_encoding() const |
98 | 0 | { |
99 | 0 | return m_key_encoding; |
100 | 0 | } |
101 | | |
102 | | Dilithium_PublicKey(const AlgorithmIdentifier& alg_id, const std::vector<uint8_t>& pk); |
103 | | |
104 | | Dilithium_PublicKey(const std::vector<uint8_t>& pk, |
105 | | DilithiumMode mode, DilithiumKeyEncoding encoding); |
106 | | |
107 | | protected: |
108 | | Dilithium_PublicKey() : m_key_encoding(DilithiumKeyEncoding::Raw) |
109 | 0 | { |
110 | 0 | } |
111 | | |
112 | | friend class Dilithium_Verification_Operation; |
113 | | friend class Dilithium_Signature_Operation; |
114 | | |
115 | | std::shared_ptr<Dilithium_PublicKeyInternal> m_public; |
116 | | DilithiumKeyEncoding m_key_encoding; |
117 | | }; |
118 | | |
119 | | class BOTAN_PUBLIC_API(3, 0) Dilithium_PrivateKey final : public virtual Dilithium_PublicKey, |
120 | | public virtual Botan::Private_Key |
121 | | { |
122 | | public: |
123 | | std::unique_ptr<Public_Key> public_key() const override; |
124 | | |
125 | | /** |
126 | | * Generates a new key pair |
127 | | */ |
128 | | Dilithium_PrivateKey(RandomNumberGenerator& rng, DilithiumMode mode); |
129 | | |
130 | | /** |
131 | | * Read an encoded private key. |
132 | | */ |
133 | | Dilithium_PrivateKey(const AlgorithmIdentifier& alg_id, const secure_vector<uint8_t>& sk); |
134 | | |
135 | | /** |
136 | | * Read an encoded private key given the dilithium @p mode and @p encoding. |
137 | | */ |
138 | | Dilithium_PrivateKey(const secure_vector<uint8_t>& sk, |
139 | | DilithiumMode mode, DilithiumKeyEncoding encoding); |
140 | | |
141 | | secure_vector<uint8_t> private_key_bits() const override; |
142 | | |
143 | | /** |
144 | | * Create a signature operation that produces a Dilithium signature either |
145 | | * with "Randomized" or "Deterministic" rhoprime. Pass either of those |
146 | | * strings as @p params. Default (i.e. empty @p params is "Randomized"). |
147 | | */ |
148 | | std::unique_ptr<PK_Ops::Signature> create_signature_op(RandomNumberGenerator&, |
149 | | const std::string& params, const std::string& provider) const override; |
150 | | |
151 | | private: |
152 | | friend class Dilithium_Signature_Operation; |
153 | | |
154 | | std::shared_ptr<Dilithium_PrivateKeyInternal> m_private; |
155 | | }; |
156 | | |
157 | | } // namespace Botan |
158 | | |
159 | | #endif |