Botan 3.7.1
Crypto and TLS for C&
kyber.h
Go to the documentation of this file.
1/*
2 * Crystals Kyber key encapsulation mechanism
3 * Based on the public domain reference implementation by the
4 * designers (https://github.com/pq-crystals/kyber)
5 *
6 * Further changes
7 * (C) 2021-2022 Jack Lloyd
8 * (C) 2021-2022 Manuel Glaser and Michael Boric, Rohde & Schwarz Cybersecurity
9 * (C) 2021-2022 René Meusel and Hannes Rantzsch, neXenio GmbH
10 *
11 * Botan is released under the Simplified BSD License (see license.txt)
12 */
13
14#ifndef BOTAN_KYBER_COMMON_H_
15#define BOTAN_KYBER_COMMON_H_
16
17#include <botan/asn1_obj.h>
18#include <botan/der_enc.h>
19#include <botan/exceptn.h>
20#include <botan/pk_keys.h>
21
22#include <span>
23
24#if !defined(BOTAN_HAS_KYBER_90S) && !defined(BOTAN_HAS_KYBER) && !defined(BOTAN_HAS_ML_KEM)
25static_assert(
26 false,
27 "botan module 'kyber_common' is useful only when enabling at least one of those modules: 'kyber', 'kyber_90s', 'ml_kem'");
28#endif
29
30namespace Botan {
31
33 public:
34 enum Mode {
35 // Kyber512 as proposed in round 3 of the NIST competition
37 // Kyber768 as proposed in round 3 of the NIST competition
39 // Kyber1024 as proposed in round 3 of the NIST competition
41
45
49
50 Kyber512_90s BOTAN_DEPRECATED("Kyber 90s mode is deprecated"),
51 Kyber768_90s BOTAN_DEPRECATED("Kyber 90s mode is deprecated"),
52 Kyber1024_90s BOTAN_DEPRECATED("Kyber 90s mode is deprecated"),
53 };
54
55 KyberMode(Mode mode);
56 explicit KyberMode(const OID& oid);
57 explicit KyberMode(std::string_view str);
58
59 OID object_identifier() const;
60 std::string to_string() const;
61
62 Mode mode() const { return m_mode; }
63
64 BOTAN_DEPRECATED("Kyber 90s mode is deprecated") bool is_90s() const;
65
66 BOTAN_DEPRECATED("Kyber 90s mode is deprecated") bool is_modern() const;
67
68 bool is_ml_kem() const;
69
70 bool is_kyber_round3() const;
71
72 bool is_available() const;
73
74 bool operator==(const KyberMode& other) const { return m_mode == other.m_mode; }
75
76 bool operator!=(const KyberMode& other) const { return !(*this == other); }
77
78 private:
79 Mode m_mode;
80};
81
82class Kyber_PublicKeyInternal;
83class Kyber_PrivateKeyInternal;
84
85class BOTAN_PUBLIC_API(3, 0) Kyber_PublicKey : public virtual Public_Key {
86 public:
87 Kyber_PublicKey(std::span<const uint8_t> pub_key, KyberMode mode);
88
89 Kyber_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits);
90
91 Kyber_PublicKey(const Kyber_PublicKey& other);
92
93 Kyber_PublicKey& operator=(const Kyber_PublicKey& other) = default;
94
95 ~Kyber_PublicKey() override = default;
96
97 std::string algo_name() const override;
98
100
101 OID object_identifier() const override;
102
103 size_t key_length() const override;
104
105 size_t estimated_strength() const override;
106
107 std::vector<uint8_t> raw_public_key_bits() const override;
108
109 std::vector<uint8_t> public_key_bits() const override;
110
111 bool check_key(RandomNumberGenerator& rng, bool strong) const override;
112
113 std::unique_ptr<Private_Key> generate_another(RandomNumberGenerator& rng) const final;
114
115 bool supports_operation(PublicKeyOperation op) const override {
117 }
118
119 std::unique_ptr<PK_Ops::KEM_Encryption> create_kem_encryption_op(std::string_view params,
120 std::string_view provider) const override;
121
122 KyberMode mode() const;
123
124 protected:
125 Kyber_PublicKey() = default;
126
127 static std::shared_ptr<Kyber_PublicKeyInternal> initialize_from_encoding(std::span<const uint8_t> pub_key,
128 KyberMode m);
129
130 protected:
133
134 std::shared_ptr<Kyber_PublicKeyInternal> m_public;
135};
136
139
140class BOTAN_PUBLIC_API(3, 0) Kyber_PrivateKey final : public virtual Kyber_PublicKey,
141 public virtual Private_Key {
142 public:
144
145 Kyber_PrivateKey(std::span<const uint8_t> sk, KyberMode mode);
146
147 Kyber_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits);
148
149 std::unique_ptr<Public_Key> public_key() const override;
150
152
154
155 bool check_key(RandomNumberGenerator& rng, bool strong) const override;
156
157 std::unique_ptr<PK_Ops::KEM_Decryption> create_kem_decryption_op(RandomNumberGenerator& rng,
158 std::string_view params,
159 std::string_view provider) const override;
160
161 private:
163
164 std::shared_ptr<Kyber_PrivateKeyInternal> m_private;
165};
166
168
169} // namespace Botan
170
171#endif
#define BOTAN_DIAGNOSTIC_POP
Definition api.h:108
#define BOTAN_DIAGNOSTIC_PUSH
Definition api.h:105
#define BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
Definition api.h:107
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:19
#define BOTAN_DEPRECATED(msg)
Definition api.h:59
bool operator!=(const KyberMode &other) const
Definition kyber.h:76
KyberMode(Mode mode)
Definition kyber.cpp:89
Mode mode() const
Definition kyber.h:62
std::unique_ptr< PK_Ops::KEM_Decryption > create_kem_decryption_op(RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
Definition kyber.cpp:306
std::unique_ptr< Public_Key > public_key() const override
Definition kyber.cpp:253
bool check_key(RandomNumberGenerator &rng, bool strong) const override
Definition kyber.cpp:265
Kyber_PrivateKey(RandomNumberGenerator &rng, KyberMode mode)
Definition kyber.cpp:232
secure_vector< uint8_t > raw_private_key_bits() const override
Definition kyber.cpp:257
friend class Kyber_KEM_Decryptor
Definition kyber.h:162
secure_vector< uint8_t > private_key_bits() const override
Definition kyber.cpp:261
Kyber_PublicKey & operator=(const Kyber_PublicKey &other)=default
std::vector< uint8_t > public_key_bits() const override
Definition kyber.cpp:202
std::vector< uint8_t > raw_public_key_bits() const override
Definition kyber.cpp:198
bool check_key(RandomNumberGenerator &rng, bool strong) const override
Definition kyber.cpp:212
std::string algo_name() const override
Definition kyber.cpp:167
std::shared_ptr< Kyber_PublicKeyInternal > m_public
Definition kyber.h:134
friend class Kyber_KEM_Encryptor
Definition kyber.h:131
size_t key_length() const override
Definition kyber.cpp:208
AlgorithmIdentifier algorithm_identifier() const override
Definition kyber.cpp:171
~Kyber_PublicKey() override=default
static std::shared_ptr< Kyber_PublicKeyInternal > initialize_from_encoding(std::span< const uint8_t > pub_key, KyberMode m)
bool supports_operation(PublicKeyOperation op) const override
Definition kyber.h:115
KyberMode mode() const
Definition kyber.cpp:163
OID object_identifier() const override
Definition kyber.cpp:179
friend class Kyber_KEM_Decryptor
Definition kyber.h:132
std::unique_ptr< Private_Key > generate_another(RandomNumberGenerator &rng) const final
Definition kyber.cpp:225
Kyber_PublicKey(std::span< const uint8_t > pub_key, KyberMode mode)
Definition kyber.cpp:190
size_t estimated_strength() const override
Definition kyber.cpp:183
PublicKeyOperation
Definition pk_keys.h:45
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13