/src/botan/src/lib/pubkey/kyber/kyber_common/kyber_constants.cpp

Source (jump to first uncovered line)
/*
 * Crystals Kyber Constants
 *
 * (C) 2021-2024 Jack Lloyd
 * (C) 2021-2022 Manuel Glaser and Michael Boric, Rohde & Schwarz Cybersecurity
 * (C) 2021-2022 René Meusel and Hannes Rantzsch, neXenio GmbH
 * (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

#include <botan/internal/kyber_constants.h>

#include <botan/internal/pqcrystals_helpers.h>

#if defined(BOTAN_HAS_KYBER)
   #include <botan/internal/kyber_modern.h>
#endif

#if defined(BOTAN_HAS_KYBER_90S)
   #include <botan/internal/kyber_90s.h>
#endif

#if defined(BOTAN_HAS_KYBER) || defined(BOTAN_HAS_KYBER_90S)
   #include <botan/internal/kyber_round3_impl.h>
#endif

#if defined(BOTAN_HAS_ML_KEM)
   #include <botan/internal/ml_kem_impl.h>
#endif

namespace Botan {

KyberConstants::KyberConstants(KyberMode mode) : m_mode(mode) {
   switch(mode.mode()) {
      case KyberMode::Kyber512_R3:
      case KyberMode::Kyber512_90s:
      case KyberMode::ML_KEM_512:
         m_nist_strength = KyberStrength::_128;
         m_k = 2;
         m_eta1 = KyberEta::_3;
         m_du = KyberDu::_10;
         m_dv = KyberDv::_4;
         break;

      case KyberMode::Kyber768_R3:
      case KyberMode::Kyber768_90s:
      case KyberMode::ML_KEM_768:
         m_nist_strength = KyberStrength::_192;
         m_k = 3;
         m_eta1 = KyberEta::_2;
         m_du = KyberDu::_10;
         m_dv = KyberDv::_4;
         break;

      case KyberMode::Kyber1024_R3:
      case KyberMode::Kyber1024_90s:
      case KyberMode::ML_KEM_1024:
         m_nist_strength = KyberStrength::_256;
         m_k = 4;
         m_eta1 = KyberEta::_2;
         m_du = KyberDu::_11;
         m_dv = KyberDv::_5;
         break;

      default:
         BOTAN_ASSERT_UNREACHABLE();
   }

#ifdef BOTAN_HAS_KYBER_90S
   if(mode.is_kyber_round3() && mode.is_90s()) {
      m_symmetric_primitives = std::make_unique<Kyber_90s_Symmetric_Primitives>();
   }
#endif

#ifdef BOTAN_HAS_KYBER
   if(mode.is_kyber_round3() && mode.is_modern()) {
      m_symmetric_primitives = std::make_unique<Kyber_Modern_Symmetric_Primitives>();
   }
#endif

#ifdef BOTAN_HAS_ML_KEM
   if(mode.is_ml_kem()) {
      m_symmetric_primitives = std::make_unique<ML_KEM_Symmetric_Primitives>();
   }
#endif

   static_assert(N % 8 == 0);
   m_polynomial_vector_bytes = (bitlen(Q) * (N / 8)) * k();
   m_polynomial_vector_compressed_bytes = d_u() * k() * (N / 8);
   m_polynomial_compressed_bytes = d_v() * (N / 8);
   m_expanded_private_key_bytes =
      static_cast<uint32_t>(m_polynomial_vector_bytes + public_key_bytes() + PUBLIC_KEY_HASH_BYTES + SEED_BYTES);
   m_seed_private_key_bytes = 2 * SEED_BYTES;

   if(!m_symmetric_primitives) {
      throw Not_Implemented("requested Kyber mode is not enabled in this build");
   }
}

KyberConstants::~KyberConstants() = default;

}  // namespace Botan

Coverage Report

Created: 2025-04-11 06:34

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Crystals Kyber Constants
3		*
4		* (C) 2021-2024 Jack Lloyd
5		* (C) 2021-2022 Manuel Glaser and Michael Boric, Rohde & Schwarz Cybersecurity
6		* (C) 2021-2022 René Meusel and Hannes Rantzsch, neXenio GmbH
7		* (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity
8		*
9		* Botan is released under the Simplified BSD License (see license.txt)
10		*/
11
12		#include <botan/internal/kyber_constants.h>
13
14		#include <botan/internal/pqcrystals_helpers.h>
15
16		#if defined(BOTAN_HAS_KYBER)
17		#include <botan/internal/kyber_modern.h>
18		#endif
19
20		#if defined(BOTAN_HAS_KYBER_90S)
21		#include <botan/internal/kyber_90s.h>
22		#endif
23
24		#if defined(BOTAN_HAS_KYBER) \|\| defined(BOTAN_HAS_KYBER_90S)
25		#include <botan/internal/kyber_round3_impl.h>
26		#endif
27
28		#if defined(BOTAN_HAS_ML_KEM)
29		#include <botan/internal/ml_kem_impl.h>
30		#endif
31
32		namespace Botan {
33
34	21	KyberConstants::KyberConstants(KyberMode mode) : m_mode(mode) {
35	21	switch(mode.mode()) {
36	0	case KyberMode::Kyber512_R3:
37	0	case KyberMode::Kyber512_90s:
38	7	case KyberMode::ML_KEM_512:
39	7	m_nist_strength = KyberStrength::_128;
40	7	m_k = 2;
41	7	m_eta1 = KyberEta::_3;
42	7	m_du = KyberDu::_10;
43	7	m_dv = KyberDv::_4;
44	7	break;
45
46	0	case KyberMode::Kyber768_R3:
47	0	case KyberMode::Kyber768_90s:
48	7	case KyberMode::ML_KEM_768:
49	7	m_nist_strength = KyberStrength::_192;
50	7	m_k = 3;
51	7	m_eta1 = KyberEta::_2;
52	7	m_du = KyberDu::_10;
53	7	m_dv = KyberDv::_4;
54	7	break;
55
56	0	case KyberMode::Kyber1024_R3:
57	0	case KyberMode::Kyber1024_90s:
58	7	case KyberMode::ML_KEM_1024:
59	7	m_nist_strength = KyberStrength::_256;
60	7	m_k = 4;
61	7	m_eta1 = KyberEta::_2;
62	7	m_du = KyberDu::_11;
63	7	m_dv = KyberDv::_5;
64	7	break;
65
66	0	default:
67	0	BOTAN_ASSERT_UNREACHABLE();
68	21	}
69
70	21	#ifdef BOTAN_HAS_KYBER_90S
71	21	if(mode.is_kyber_round3() && mode.is_90s()) {
72	0	m_symmetric_primitives = std::make_unique<Kyber_90s_Symmetric_Primitives>();
73	0	}
74	21	#endif
75
76	21	#ifdef BOTAN_HAS_KYBER
77	21	if(mode.is_kyber_round3() && mode.is_modern()) {
78	0	m_symmetric_primitives = std::make_unique<Kyber_Modern_Symmetric_Primitives>();
79	0	}
80	21	#endif
81
82	21	#ifdef BOTAN_HAS_ML_KEM
83	21	if(mode.is_ml_kem()) {
84	21	m_symmetric_primitives = std::make_unique<ML_KEM_Symmetric_Primitives>();
85	21	}
86	21	#endif
87
88	21	static_assert(N % 8 == 0);
89	21	m_polynomial_vector_bytes = (bitlen(Q) * (N / 8)) * k();
90	21	m_polynomial_vector_compressed_bytes = d_u() * k() * (N / 8);
91	21	m_polynomial_compressed_bytes = d_v() * (N / 8);
92	21	m_expanded_private_key_bytes =
93	21	static_cast<uint32_t>(m_polynomial_vector_bytes + public_key_bytes() + PUBLIC_KEY_HASH_BYTES + SEED_BYTES);
94	21	m_seed_private_key_bytes = 2 * SEED_BYTES;
95
96	21	if(!m_symmetric_primitives) {
97	0	throw Not_Implemented("requested Kyber mode is not enabled in this build");
98	0	}
99	21	}
100
101	42	KyberConstants::~KyberConstants() = default;
102
103		} // namespace Botan