3312af6e07
We currently use an old version of libgcrypt which results in us having fewer ciphers and missing on many other improvements. Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
131 lines
4.8 KiB
C
131 lines
4.8 KiB
C
/* kyber.h - the Kyber key encapsulation mechanism (header)
|
|
* Copyright (C) 2024 g10 Code GmbH
|
|
*
|
|
* This file was modified for use by Libgcrypt.
|
|
*
|
|
* This file is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU Lesser General Public License as
|
|
* published by the Free Software Foundation; either version 2.1 of
|
|
* the License, or (at your option) any later version.
|
|
*
|
|
* This file is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this program; if not, see <https://www.gnu.org/licenses/>.
|
|
* SPDX-License-Identifier: LGPL-2.1-or-later
|
|
*
|
|
* You can also use this file under the same licence of original code.
|
|
* SPDX-License-Identifier: CC0 OR Apache-2.0
|
|
*
|
|
*/
|
|
/*
|
|
Original code from:
|
|
|
|
Repository: https://github.com/pq-crystals/kyber.git
|
|
Branch: standard
|
|
Commit: 11d00ff1f20cfca1f72d819e5a45165c1e0a2816
|
|
|
|
Licence:
|
|
Public Domain (https://creativecommons.org/share-your-work/public-domain/cc0/);
|
|
or Apache 2.0 License (https://www.apache.org/licenses/LICENSE-2.0.html).
|
|
|
|
Authors:
|
|
Joppe Bos
|
|
Léo Ducas
|
|
Eike Kiltz
|
|
Tancrède Lepoint
|
|
Vadim Lyubashevsky
|
|
John Schanck
|
|
Peter Schwabe
|
|
Gregor Seiler
|
|
Damien Stehlé
|
|
|
|
Kyber Home: https://www.pq-crystals.org/kyber/
|
|
*/
|
|
/* Standalone use is possible either with KYBER_K defined with the
|
|
* value (2, 3, or 4), or not defined. For the latter, routines for
|
|
* three variants are available.
|
|
*/
|
|
|
|
#ifndef KYBER_H
|
|
#define KYBER_H
|
|
|
|
#ifdef _GCRYPT_IN_LIBGCRYPT
|
|
/**** Start of the glue code to libgcrypt ****/
|
|
#define kyber_keypair _gcry_mlkem_keypair
|
|
#define kyber_encap _gcry_mlkem_encap
|
|
#define kyber_decap _gcry_mlkem_decap
|
|
/**** End of the glue code ****/
|
|
|
|
void kyber_keypair (int algo, uint8_t *pk, uint8_t *sk);
|
|
void kyber_encap (int algo, uint8_t *ct, uint8_t *ss, const uint8_t *pk);
|
|
void kyber_decap (int algo, uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
|
|
#elif defined(KYBER_K)
|
|
int crypto_kem_keypair (uint8_t *pk, uint8_t *sk);
|
|
int crypto_kem_enc (uint8_t *ct, uint8_t *ss, const uint8_t *pk);
|
|
int crypto_kem_dec (uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
|
|
# if KYBER_K == 2
|
|
# define CRYPTO_SECRETKEYBYTES (2*384+2*384+32+2*32)
|
|
# define CRYPTO_PUBLICKEYBYTES (2*384+32)
|
|
# define CRYPTO_CIPHERTEXTBYTES (128+2*320)
|
|
# define CRYPTO_BYTES 32
|
|
# define CRYPTO_ALGNAME "Kyber512"
|
|
# elif KYBER_K == 3
|
|
# define CRYPTO_SECRETKEYBYTES (3*384+3*384+32+2*32)
|
|
# define CRYPTO_PUBLICKEYBYTES (3*384+32)
|
|
# define CRYPTO_CIPHERTEXTBYTES (128+3*320)
|
|
# define CRYPTO_BYTES 32
|
|
# define CRYPTO_ALGNAME "Kyber768"
|
|
# elif KYBER_K == 4
|
|
# define CRYPTO_SECRETKEYBYTES (4*384+2*384+32+2*32)
|
|
# define CRYPTO_PUBLICKEYBYTES (4*384+32)
|
|
# define CRYPTO_CIPHERTEXTBYTES (160+2*352)
|
|
# define CRYPTO_BYTES 32
|
|
# define CRYPTO_ALGNAME "Kyber1024"
|
|
# else
|
|
# define CRYPTO_SECRETKEYBYTES_512 (2*384+2*384+32+2*32)
|
|
# define CRYPTO_PUBLICKEYBYTES_512 (2*384+32)
|
|
# define CRYPTO_CIPHERTEXTBYTES_512 (128+2*320)
|
|
# define CRYPTO_BYTES_512 32
|
|
|
|
# define CRYPTO_SECRETKEYBYTES_768 (3*384+3*384+32+2*32)
|
|
# define CRYPTO_PUBLICKEYBYTES_768 (3*384+32)
|
|
# define CRYPTO_CIPHERTEXTBYTES_768 (128+3*320)
|
|
# define CRYPTO_BYTES_768 32
|
|
|
|
# define CRYPTO_SECRETKEYBYTES_1024 (4*384+2*384+32+2*32)
|
|
# define CRYPTO_PUBLICKEYBYTES_1024 (4*384+32)
|
|
# define CRYPTO_CIPHERTEXTBYTES_1024 (160+2*352)
|
|
# define CRYPTO_BYTES_1024 32
|
|
|
|
# define CRYPTO_ALGNAME "Kyber"
|
|
|
|
# define crypto_kem_keypair_2 crypto_kem_keypair_512
|
|
# define crypto_kem_keypair_3 crypto_kem_keypair_768
|
|
# define crypto_kem_keypair_4 crypto_kem_keypair_1024
|
|
|
|
int crypto_kem_keypair_2 (uint8_t *pk, uint8_t *sk);
|
|
int crypto_kem_keypair_3 (uint8_t *pk, uint8_t *sk);
|
|
int crypto_kem_keypair_4 (uint8_t *pk, uint8_t *sk);
|
|
|
|
# define crypto_kem_enc_2 crypto_kem_enc_512
|
|
# define crypto_kem_enc_3 crypto_kem_enc_768
|
|
# define crypto_kem_enc_4 crypto_kem_enc_1024
|
|
int crypto_kem_enc_2 (uint8_t *ct, uint8_t *ss, const uint8_t *pk);
|
|
int crypto_kem_enc_3 (uint8_t *ct, uint8_t *ss, const uint8_t *pk);
|
|
int crypto_kem_enc_4 (uint8_t *ct, uint8_t *ss, const uint8_t *pk);
|
|
|
|
# define crypto_kem_dec_2 crypto_kem_dec_512
|
|
# define crypto_kem_dec_3 crypto_kem_dec_768
|
|
# define crypto_kem_dec_4 crypto_kem_dec_1024
|
|
int crypto_kem_dec_2 (uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
|
|
int crypto_kem_dec_3 (uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
|
|
int crypto_kem_dec_4 (uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
|
|
# endif
|
|
#endif
|
|
|
|
#endif /* KYBER_H */
|