hkds_server.h

Go to the documentation of this file.

/* 2025 Quantum Resistant Cryptographic Solutions Corporation
 * All Rights Reserved.
 *
 * NOTICE: This software and all accompanying materials are the exclusive 
 * property of Quantum Resistant Cryptographic Solutions Corporation (QRCS).
 * The intellectual and technical concepts contained within this implementation 
 * are proprietary to QRCS and its authorized licensors and are protected under 
 * applicable U.S. and international copyright, patent, and trade secret laws.
 *
 * CRYPTOGRAPHIC STANDARDS:
 * - This software includes implementations of cryptographic algorithms such as 
 *   SHA3, AES, and others. These algorithms are public domain or standardized 
 *   by organizations such as NIST and are NOT the property of QRCS.
 * - However, all source code, optimizations, and implementations in this library 
 *   are original works of QRCS and are protected under this license.
 *
 * RESTRICTIONS:
 * - Redistribution, modification, or unauthorized distribution of this software, 
 *   in whole or in part, is strictly prohibited.
 * - This software is provided for non-commercial, educational, and research 
 *   purposes only. Commercial use in any form is expressly forbidden.
 * - Licensing and authorized distribution are solely at the discretion of QRCS.
 * - Any use of this software implies acceptance of these restrictions.
 *
 * DISCLAIMER:
 * This software is provided "as is," without warranty of any kind, express or 
 * implied, including but not limited to warranties of merchantability or fitness 
 * for a particular purpose. QRCS disclaims all liability for any direct, indirect, 
 * incidental, or consequential damages resulting from the use or misuse of this software.
 *
 * FULL LICENSE:
 * This software is subject to the **Quantum Resistant Cryptographic Solutions 
 * Proprietary License (QRCS-PL)**. The complete license terms are included 
 * in the LICENSE.txt file distributed with this software.
 *
 * Written by: John G. Underhill
 * Contact: john.underhill@protonmail.com
 */
 
#ifndef HKDS_SERVER_H
#define HKDS_SERVER_H
 
#include "hkds_config.h"


HKDS_EXPORT_API typedef struct
{
    uint8_t bdk[HKDS_BDK_SIZE];  
    uint8_t stk[HKDS_STK_SIZE];  
    uint8_t kid[HKDS_KID_SIZE];  
} hkds_master_key;

HKDS_EXPORT_API typedef struct
{
    uint8_t ksn[HKDS_KSN_SIZE];  
    hkds_master_key* mdk;        
    size_t count;                
    size_t rate;                 
} hkds_server_state;

HKDS_EXPORT_API void hkds_server_decrypt_message(hkds_server_state* state, const uint8_t* ciphertext, uint8_t* plaintext);

HKDS_EXPORT_API bool hkds_server_decrypt_verify_message(hkds_server_state* state, const uint8_t* ciphertext, const uint8_t* data,
    size_t datalen, uint8_t* plaintext);

HKDS_EXPORT_API void hkds_server_encrypt_token(hkds_server_state* state, uint8_t* etok);

HKDS_EXPORT_API void hkds_server_generate_edk(const uint8_t* bdk, const uint8_t* did, uint8_t* edk);

HKDS_EXPORT_API void hkds_server_generate_mdk(bool (*rng_generate)(uint8_t*, size_t), hkds_master_key* mdk, const uint8_t* kid);

HKDS_EXPORT_API void hkds_server_initialize_state(hkds_server_state* state, hkds_master_key* mdk, const uint8_t* ksn);
 
/* --- Parallel Vectorized x8 API --- */

HKDS_EXPORT_API typedef struct
{
    uint8_t ksn[HKDS_CACHX8_DEPTH][HKDS_KSN_SIZE];  
    hkds_master_key* mdk;                           
} hkds_server_x8_state;

HKDS_EXPORT_API void hkds_server_decrypt_message_x8(hkds_server_x8_state* state, 
    const uint8_t ciphertext[HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE],
    uint8_t plaintext[HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE]);

HKDS_EXPORT_API void hkds_server_decrypt_verify_message_x8(hkds_server_x8_state* state, 
    const uint8_t ciphertext[HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE + HKDS_TAG_SIZE],
    const uint8_t data[HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE], size_t datalen, 
    uint8_t plaintext[HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE], 
    bool valid[HKDS_CACHX8_DEPTH]);

HKDS_EXPORT_API void hkds_server_encrypt_token_x8(hkds_server_x8_state* state, 
    uint8_t etok[HKDS_CACHX8_DEPTH][HKDS_STK_SIZE + HKDS_TAG_SIZE]);

HKDS_EXPORT_API void hkds_server_generate_edk_x8(const hkds_server_x8_state* state, 
    const uint8_t did[HKDS_CACHX8_DEPTH][HKDS_DID_SIZE],
    uint8_t edk[HKDS_CACHX8_DEPTH][HKDS_EDK_SIZE]);

HKDS_EXPORT_API void hkds_server_initialize_state_x8(hkds_server_x8_state* state, 
    hkds_master_key* mdk, 
    const uint8_t ksn[HKDS_CACHX8_DEPTH][HKDS_KSN_SIZE]);
 
#if defined(SYSTEM_OPENMP)
 
/* --- Parallel SIMD Vectorized x64 API --- */

HKDS_EXPORT_API void hkds_server_decrypt_message_x64(hkds_server_x8_state state[HKDS_PARALLEL_DEPTH],
    const uint8_t ciphertext[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE],
    uint8_t plaintext[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE]);

HKDS_EXPORT_API void hkds_server_decrypt_verify_message_x64(hkds_server_x8_state state[HKDS_PARALLEL_DEPTH],
    const uint8_t ciphertext[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_TAG_SIZE + HKDS_MESSAGE_SIZE],
    const uint8_t data[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE], size_t datalen,
    uint8_t plaintext[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_MESSAGE_SIZE],
    bool valid[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH]);

HKDS_EXPORT_API void hkds_server_encrypt_token_x64(hkds_server_x8_state state[HKDS_PARALLEL_DEPTH], 
    uint8_t etok[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_STK_SIZE + HKDS_TAG_SIZE]);

HKDS_EXPORT_API void hkds_server_generate_edk_x64(const hkds_server_x8_state state[HKDS_PARALLEL_DEPTH],
    const uint8_t did[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_DID_SIZE],
    uint8_t edk[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_EDK_SIZE]);

HKDS_EXPORT_API void hkds_server_initialize_state_x64(hkds_server_x8_state state[HKDS_PARALLEL_DEPTH],
    hkds_master_key mdk[HKDS_PARALLEL_DEPTH],
    const uint8_t ksn[HKDS_PARALLEL_DEPTH][HKDS_CACHX8_DEPTH][HKDS_KSN_SIZE]);
 
#endif
#endif