/src/botan/build/include/internal/botan/internal/kyber_keys.h

Source (jump to first uncovered line)
/*
 * Crystals Kyber Internal Key Types
 *
 * (C) 2021-2024 Jack Lloyd
 * (C) 2021-2022 Manuel Glaser and Michael Boric, Rohde & Schwarz Cybersecurity
 * (C) 2021-2022 René Meusel and Hannes Rantzsch, neXenio GmbH
 * (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

#ifndef BOTAN_KYBER_INTERNAL_KEYS_H_
#define BOTAN_KYBER_INTERNAL_KEYS_H_

#include <botan/internal/ct_utils.h>
#include <botan/internal/kyber_algos.h>
#include <botan/internal/kyber_constants.h>
#include <botan/internal/kyber_types.h>

namespace Botan {

class Kyber_Keypair_Codec {
   public:
      virtual ~Kyber_Keypair_Codec() = default;
      virtual secure_vector<uint8_t> encode_keypair(KyberInternalKeypair keypair) const = 0;
      virtual KyberInternalKeypair decode_keypair(std::span<const uint8_t> private_key, KyberConstants mode) const = 0;
};

/// Codec for expanded private keys (as specified in FIPS 203)
class Expanded_Keypair_Codec final : public Kyber_Keypair_Codec {
   public:
      KyberInternalKeypair decode_keypair(std::span<const uint8_t> buffer, KyberConstants mode) const override;
      secure_vector<uint8_t> encode_keypair(KyberInternalKeypair private_key) const override;
};

/// Codec for private keys as 64-byte seeds: d || z
class Seed_Expanding_Keypair_Codec final : public Kyber_Keypair_Codec {
   public:
      KyberInternalKeypair decode_keypair(std::span<const uint8_t> buffer, KyberConstants mode) const override;
      secure_vector<uint8_t> encode_keypair(KyberInternalKeypair keypair) const override;
};

class Kyber_PublicKeyInternal {
   public:
      Kyber_PublicKeyInternal(KyberConstants mode, KyberSerializedPublicKey public_key);
      Kyber_PublicKeyInternal(KyberConstants mode, KyberPolyVecNTT polynomials, KyberSeedRho seed);

      void indcpa_encrypt(StrongSpan<KyberCompressedCiphertext> out_ct,
                          StrongSpan<const KyberMessage> m,
                          StrongSpan<const KyberEncryptionRandomness> r,
                          const KyberPolyMat& At) const;

      KyberCompressedCiphertext indcpa_encrypt(const KyberMessage& m,
                                               const KyberEncryptionRandomness& r,
                                               const KyberPolyMat& At) const {
         KyberCompressedCiphertext ct(m_mode.ciphertext_bytes());
         indcpa_encrypt(ct, m, r, At);
         return ct;
      }

      const KyberPolyVecNTT& t() const { return m_t; }

      const KyberSeedRho& rho() const { return m_rho; }

      const KyberConstants& mode() const { return m_mode; }

      const KyberSerializedPublicKey& public_key_bits_raw() const { return m_public_key_bits_raw; }

      const KyberHashedPublicKey& H_public_key_bits_raw() const { return m_H_public_key_bits_raw; }

      Kyber_PublicKeyInternal() = delete;

   private:
      const KyberConstants m_mode;
      const KyberSerializedPublicKey m_public_key_bits_raw;
      const KyberHashedPublicKey m_H_public_key_bits_raw;
      KyberPolyVecNTT m_t;
      const KyberSeedRho m_rho;
};

class Kyber_PrivateKeyInternal {
   public:
      Kyber_PrivateKeyInternal(KyberConstants mode, KyberPolyVecNTT s, KyberPrivateKeySeed seed) :
            m_mode(std::move(mode)), m_s(std::move(s)), m_seed(std::move(seed)) {}

      KyberMessage indcpa_decrypt(StrongSpan<const KyberCompressedCiphertext> ct) const;

      KyberPolyVecNTT& s() { return m_s; }

      const KyberPolyVecNTT& s() const { return m_s; }

      const KyberPrivateKeySeed& seed() const { return m_seed; }

      const KyberImplicitRejectionValue& z() const { return m_seed.z; }

      const KyberConstants& mode() const { return m_mode; }

      Kyber_PrivateKeyInternal() = delete;

      void _const_time_poison() const { CT::poison_all(m_s, m_seed.d, m_seed.z); }

      void _const_time_unpoison() const { CT::unpoison_all(m_s, m_seed.d, m_seed.z); }

   private:
      KyberConstants m_mode;
      KyberPolyVecNTT m_s;
      KyberPrivateKeySeed m_seed;
};

}  // namespace Botan

#endif

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Crystals Kyber Internal Key Types
3		*
4		* (C) 2021-2024 Jack Lloyd
5		* (C) 2021-2022 Manuel Glaser and Michael Boric, Rohde & Schwarz Cybersecurity
6		* (C) 2021-2022 René Meusel and Hannes Rantzsch, neXenio GmbH
7		* (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity
8		*
9		* Botan is released under the Simplified BSD License (see license.txt)
10		*/
11
12		#ifndef BOTAN_KYBER_INTERNAL_KEYS_H_
13		#define BOTAN_KYBER_INTERNAL_KEYS_H_
14
15		#include <botan/internal/ct_utils.h>
16		#include <botan/internal/kyber_algos.h>
17		#include <botan/internal/kyber_constants.h>
18		#include <botan/internal/kyber_types.h>
19
20		namespace Botan {
21
22		class Kyber_Keypair_Codec {
23		public:
24	0	virtual ~Kyber_Keypair_Codec() = default;
25		virtual secure_vector<uint8_t> encode_keypair(KyberInternalKeypair keypair) const = 0;
26		virtual KyberInternalKeypair decode_keypair(std::span<const uint8_t> private_key, KyberConstants mode) const = 0;
27		};
28
29		/// Codec for expanded private keys (as specified in FIPS 203)
30		class Expanded_Keypair_Codec final : public Kyber_Keypair_Codec {
31		public:
32		KyberInternalKeypair decode_keypair(std::span<const uint8_t> buffer, KyberConstants mode) const override;
33		secure_vector<uint8_t> encode_keypair(KyberInternalKeypair private_key) const override;
34		};
35
36		/// Codec for private keys as 64-byte seeds: d \|\| z
37		class Seed_Expanding_Keypair_Codec final : public Kyber_Keypair_Codec {
38		public:
39		KyberInternalKeypair decode_keypair(std::span<const uint8_t> buffer, KyberConstants mode) const override;
40		secure_vector<uint8_t> encode_keypair(KyberInternalKeypair keypair) const override;
41		};
42
43		class Kyber_PublicKeyInternal {
44		public:
45		Kyber_PublicKeyInternal(KyberConstants mode, KyberSerializedPublicKey public_key);
46		Kyber_PublicKeyInternal(KyberConstants mode, KyberPolyVecNTT polynomials, KyberSeedRho seed);
47
48		void indcpa_encrypt(StrongSpan<KyberCompressedCiphertext> out_ct,
49		StrongSpan<const KyberMessage> m,
50		StrongSpan<const KyberEncryptionRandomness> r,
51		const KyberPolyMat& At) const;
52
53		KyberCompressedCiphertext indcpa_encrypt(const KyberMessage& m,
54		const KyberEncryptionRandomness& r,
55	0	const KyberPolyMat& At) const {
56	0	KyberCompressedCiphertext ct(m_mode.ciphertext_bytes());
57	0	indcpa_encrypt(ct, m, r, At);
58	0	return ct;
59	0	}
60
61	0	const KyberPolyVecNTT& t() const { return m_t; }
62
63	0	const KyberSeedRho& rho() const { return m_rho; }
64
65	0	const KyberConstants& mode() const { return m_mode; }
66
67	0	const KyberSerializedPublicKey& public_key_bits_raw() const { return m_public_key_bits_raw; }
68
69	0	const KyberHashedPublicKey& H_public_key_bits_raw() const { return m_H_public_key_bits_raw; }
70
71		Kyber_PublicKeyInternal() = delete;
72
73		private:
74		const KyberConstants m_mode;
75		const KyberSerializedPublicKey m_public_key_bits_raw;
76		const KyberHashedPublicKey m_H_public_key_bits_raw;
77		KyberPolyVecNTT m_t;
78		const KyberSeedRho m_rho;
79		};
80
81		class Kyber_PrivateKeyInternal {
82		public:
83		Kyber_PrivateKeyInternal(KyberConstants mode, KyberPolyVecNTT s, KyberPrivateKeySeed seed) :
84	0	m_mode(std::move(mode)), m_s(std::move(s)), m_seed(std::move(seed)) {}
85
86		KyberMessage indcpa_decrypt(StrongSpan<const KyberCompressedCiphertext> ct) const;
87
88	0	KyberPolyVecNTT& s() { return m_s; }
89
90	0	const KyberPolyVecNTT& s() const { return m_s; }
91
92	0	const KyberPrivateKeySeed& seed() const { return m_seed; }
93
94	0	const KyberImplicitRejectionValue& z() const { return m_seed.z; }
95
96	0	const KyberConstants& mode() const { return m_mode; }
97
98		Kyber_PrivateKeyInternal() = delete;
99
100	0	void _const_time_poison() const { CT::poison_all(m_s, m_seed.d, m_seed.z); }
101
102	0	void _const_time_unpoison() const { CT::unpoison_all(m_s, m_seed.d, m_seed.z); }
103
104		private:
105		KyberConstants m_mode;
106		KyberPolyVecNTT m_s;
107		KyberPrivateKeySeed m_seed;
108		};
109
110		} // namespace Botan
111
112		#endif

Coverage Report

Created: 2025-04-11 06:34