Skip to content

Commit

Permalink
introduce module frodokem_shake
Browse files Browse the repository at this point in the history
  • Loading branch information
@reneme
reneme committed Nov 14, 2023
1 parent 687354f commit 3fdafc6
Show file tree
Hide file tree
Showing 14 changed files with 74 additions and 14 deletions.
1 change: 1 addition & 0 deletions src/lib/pubkey/frodokem/frodokem_aes/info.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,5 @@ name -> "FrodoKEM-AES"

<requires>
aes
frodokem_common
</requires>
0 src/lib/pubkey/frodokem/frodo_constants.cpp → ...dokem/frodokem_common/frodo_constants.cpp
View file
File renamed without changes.
0 src/lib/pubkey/frodokem/frodo_constants.h → ...rodokem/frodokem_common/frodo_constants.h
View file
File renamed without changes.
20 changes: 8 additions & 12 deletions src/lib/pubkey/frodokem/frodo_matrix.cpp → ...frodokem/frodokem_common/frodo_matrix.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,20 @@
#include <botan/frodokem.h>
#include <botan/hex.h>
#include <botan/mem_ops.h>
#include <botan/xof.h>
#include <botan/internal/bit_ops.h>
#include <botan/internal/frodo_constants.h>
#include <botan/internal/loadstor.h>
#include <botan/internal/shake_xof.h>
#include <botan/internal/stl_util.h>

#if defined(BOTAN_HAS_FRODOKEM_AES)
#include <botan/internal/frodo_aes_generator.h>
#endif

#if defined(BOTAN_HAS_FRODOKEM_SHAKE)
#include <botan/internal/frodo_shake_generator.h>
#endif

#include <array>
#include <cmath>
#include <cstdint>
Expand All @@ -50,19 +54,11 @@ std::function<void(std::span<uint8_t> out, uint16_t i)> make_row_generator(const
}
#endif

#if defined(BOTAN_HAS_FRODOKEM_SHAKE)
if(constants.mode().is_shake()) {
SHAKE_128_XOF xof;
return [xof, a = FrodoSeedA(seed_a)](std::span<uint8_t> out, uint16_t i) mutable {
xof.clear();
// TODO: update that once #3707 is merged
// potentially add a new method: std::array<uint8_t, XX> as_le(uintXX_t)
std::array<uint8_t, 2> le;
store_le(i, le.data());
xof.update(le);
xof.update(a);
xof.output(out);
};
return create_shake_row_generator(constants, seed_a);
}
#endif

// If we don't have AES in this build, the instantiation of the FrodoKEM instance
// is blocked upstream already. Hence, assert is save here.
Expand Down
0 src/lib/pubkey/frodokem/frodo_matrix.h → ...y/frodokem/frodokem_common/frodo_matrix.h
View file
File renamed without changes.
0 src/lib/pubkey/frodokem/frodo_mode.cpp → ...y/frodokem/frodokem_common/frodo_mode.cpp
View file
File renamed without changes.
7 changes: 6 additions & 1 deletion src/lib/pubkey/frodokem/frodo_mode.h → ...key/frodokem/frodokem_common/frodo_mode.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,12 @@ class BOTAN_PUBLIC_API(3, 3) FrodoKEMMode {
#if defined(BOTAN_HAS_FRODOKEM_AES)
is_aes() ||
#endif
is_shake();

#if defined(BOTAN_HAS_FRODOKEM_SHAKE)
is_shake() ||
#endif

false;
}

bool operator==(const FrodoKEMMode& other) const { return m_mode == other.m_mode; }
Expand Down
0 src/lib/pubkey/frodokem/frodo_types.h → ...ey/frodokem/frodokem_common/frodo_types.h
View file
File renamed without changes.
0 src/lib/pubkey/frodokem/frodokem.cpp → ...key/frodokem/frodokem_common/frodokem.cpp
View file
File renamed without changes.
0 src/lib/pubkey/frodokem/frodokem.h → ...ubkey/frodokem/frodokem_common/frodokem.h
View file
File renamed without changes.
6 changes: 5 additions & 1 deletion src/lib/pubkey/frodokem/info.txt → .../pubkey/frodokem/frodokem_common/info.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,14 @@ FRODOKEM -> 20230801
</defines>

<module_info>
name -> "FrodoKEM"
name -> "FrodoKEM (common)"
brief -> "Base implementation of FrodoKEM"
type -> "Internal"
</module_info>

<requires>
pubkey
rng
shake_xof
</requires>

Expand Down
40 changes: 40 additions & 0 deletions src/lib/pubkey/frodokem/frodokem_shake/frodo_shake_generator.h
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
/*
* FrodoKEM matrix generator based on SHAKE
*
* The Fellowship of the FrodoKEM:
* (C) 2023 Jack Lloyd
* 2023 René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_FRODOKEM_SHAKE_GENERATOR_H_
#define BOTAN_FRODOKEM_SHAKE_GENERATOR_H_

#include <botan/internal/frodo_constants.h>
#include <botan/internal/frodo_types.h>
#include <botan/internal/loadstor.h>
#include <botan/internal/shake_xof.h>

#include <span>

namespace Botan {

inline auto create_shake_row_generator(const FrodoKEMConstants& constants, StrongSpan<const FrodoSeedA> seed_a) {
BOTAN_ASSERT_NOMSG(constants.mode().is_shake());

return [xof = SHAKE_128_XOF(), a = FrodoSeedA(seed_a)](std::span<uint8_t> out, uint16_t i) mutable {
xof.clear();
// TODO: update that once #3707 is merged
// potentially add a new method: std::array<uint8_t, XX> as_le(uintXX_t)
std::array<uint8_t, 2> le;
store_le(i, le.data());
xof.update(le);
xof.update(a);
xof.output(out);
};
}

} // namespace Botan

#endif
12 changes: 12 additions & 0 deletions src/lib/pubkey/frodokem/frodokem_shake/info.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
<defines>
FRODOKEM_SHAKE -> 20231114
</defines>

<module_info>
name -> "FrodoKEM-SHAKE"
</module_info>

<requires>
shake_xof
frodokem_common
</requires>
2 changes: 2 additions & 0 deletions src/tests/test_frodokem.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,9 @@ class Frodo_Keygen_Tests final : public PK_Key_Generation_Test {
public:
std::vector<std::string> keygen_params() const override {
return {
#if defined(BOTAN_HAS_FRODOKEM_SHAKE)
"FrodoKEM-640-SHAKE", "FrodoKEM-976-SHAKE", "eFrodoKEM-640-SHAKE", "eFrodoKEM-976-SHAKE",
#endif
#if defined(BOTAN_HAS_FRODOKEM_AES)
"FrodoKEM-640-AES", "FrodoKEM-976-AES", "eFrodoKEM-640-AES", "eFrodoKEM-976-AES",
#endif
Expand Down

0 comments on commit 3fdafc6

Please sign in to comment.