Remove the RNG argument from PK_KEM_Encryptor

It was entirely unused by all algorithms

src/cli/speed.cpp

@@ -1806,7 +1806,7 @@ class Speed final : public Command
                         std::chrono::milliseconds msec)
          {
          Botan::PK_KEM_Decryptor dec(key, rng(), kdf, provider);
-         Botan::PK_KEM_Encryptor enc(key, rng(), kdf, provider);
+         Botan::PK_KEM_Encryptor enc(key, kdf, provider);
 
          auto kem_enc_timer = make_timer(nm, provider, "KEM encrypt");
          auto kem_dec_timer = make_timer(nm, provider, "KEM decrypt");

src/lib/pubkey/kyber/kyber_common/kyber.cpp

@@ -1569,11 +1569,11 @@ secure_vector<uint8_t> Kyber_PrivateKey::private_key_bits_der() const
    return output;
    }
 
-std::unique_ptr<PK_Ops::KEM_Encryption> Kyber_PublicKey::create_kem_encryption_op(RandomNumberGenerator& rng,
-      const std::string& params,
-      const std::string& provider) const
+std::unique_ptr<PK_Ops::KEM_Encryption>
+Kyber_PublicKey::create_kem_encryption_op(
+   const std::string& params,
+   const std::string& provider) const
    {
-   BOTAN_UNUSED(rng);
    if(provider.empty() || provider == "base")
       return std::make_unique<Kyber_KEM_Encryptor>(*this, params);
    throw Provider_Not_Found(algo_name(), provider);

src/lib/pubkey/kyber/kyber_common/kyber.h

@@ -100,7 +100,7 @@ class BOTAN_PUBLIC_API(3, 0) Kyber_PublicKey : public virtual Public_Key
          return (op == PublicKeyOperation::KeyEncapsulation);
          }
 
-      std::unique_ptr<PK_Ops::KEM_Encryption> create_kem_encryption_op(RandomNumberGenerator& rng,
+      std::unique_ptr<PK_Ops::KEM_Encryption> create_kem_encryption_op(
             const std::string& params,
             const std::string& provider) const override;
 

src/lib/pubkey/mce/mceliece.h

@@ -62,8 +62,7 @@ class BOTAN_PUBLIC_API(2,0) McEliece_PublicKey : public virtual Public_Key
          }
 
       std::unique_ptr<PK_Ops::KEM_Encryption>
-         create_kem_encryption_op(RandomNumberGenerator& rng,
-                                  const std::string& params,
+         create_kem_encryption_op(const std::string& params,
                                   const std::string& provider) const override;
 
    protected:

src/lib/pubkey/mce/mceliece_key.cpp

@@ -372,8 +372,7 @@ class MCE_KEM_Decryptor final : public PK_Ops::KEM_Decryption_with_KDF
 }
 
 std::unique_ptr<PK_Ops::KEM_Encryption>
-McEliece_PublicKey::create_kem_encryption_op(RandomNumberGenerator& /*rng*/,
-                                             const std::string& params,
+McEliece_PublicKey::create_kem_encryption_op(const std::string& params,
                                              const std::string& provider) const
    {
    if(provider == "base" || provider.empty())

src/lib/pubkey/pk_keys.cpp

@@ -101,8 +101,7 @@ Public_Key::create_encryption_op(RandomNumberGenerator& /*rng*/,
    }
 
 std::unique_ptr<PK_Ops::KEM_Encryption>
-Public_Key::create_kem_encryption_op(RandomNumberGenerator& /*rng*/,
-                                     const std::string& /*params*/,
+Public_Key::create_kem_encryption_op(const std::string& /*params*/,
                                      const std::string& /*provider*/) const
    {
    throw Lookup_Error(algo_name() + " does not support KEM encryption");

src/lib/pubkey/pk_keys.h

@@ -207,15 +207,11 @@ class BOTAN_PUBLIC_API(2,0) Public_Key : public virtual Asymmetric_Key
       *
       * Return a KEM encryption operation for this key/params or throw
       *
-      * @param rng a random number generator. The PK_Op may maintain a
-      * reference to the RNG and use it many times. The rng must outlive
-      * any operations which reference it.
       * @param params additional parameters
       * @param provider the provider to use
       */
       virtual std::unique_ptr<PK_Ops::KEM_Encryption>
-         create_kem_encryption_op(RandomNumberGenerator& rng,
-                                  const std::string& params,
+         create_kem_encryption_op(const std::string& params,
                                   const std::string& provider) const;
 
       /**

src/lib/pubkey/pubkey.cpp

@@ -138,11 +138,10 @@ secure_vector<uint8_t> PK_Decryptor_EME::do_decrypt(uint8_t& valid_mask,
    }
 
 PK_KEM_Encryptor::PK_KEM_Encryptor(const Public_Key& key,
-                                   RandomNumberGenerator& rng,
                                    const std::string& param,
                                    const std::string& provider)
    {
-   m_op = key.create_kem_encryption_op(rng, param, provider);
+   m_op = key.create_kem_encryption_op(param, provider);
    if(!m_op)
       throw Invalid_Argument("Key type " + key.algo_name() + " does not support KEM encryption");
    }

src/lib/pubkey/pubkey.h

@@ -612,15 +612,30 @@ class BOTAN_PUBLIC_API(2,0) PK_KEM_Encryptor final
    public:
       /**
       * Construct an instance.
-      * @param key the key to use inside the encryptor
+      * @param key the key to encrypt to
+      * @param kem_param additional KEM parameters
+      * @param provider the provider to use
+      */
+      PK_KEM_Encryptor(const Public_Key& key,
+                       const std::string& kem_param = "",
+                       const std::string& provider = "");
+
+      /**
+      * Construct an instance.
+      * @param key the key to encrypt to
       * @param rng the RNG to use
       * @param kem_param additional KEM parameters
       * @param provider the provider to use
       */
+      BOTAN_DEPRECATED("Use constructor that does not take RNG")
       PK_KEM_Encryptor(const Public_Key& key,
                        RandomNumberGenerator& rng,
                        const std::string& kem_param = "",
-                       const std::string& provider = "");
+                       const std::string& provider = "") :
+         PK_KEM_Encryptor(key, kem_param, provider)
+         {
+         BOTAN_UNUSED(rng);
+         }
 
       ~PK_KEM_Encryptor();
 

src/lib/pubkey/rsa/rsa.cpp

@@ -737,8 +737,7 @@ RSA_PublicKey::create_encryption_op(RandomNumberGenerator& /*rng*/,
    }
 
 std::unique_ptr<PK_Ops::KEM_Encryption>
-RSA_PublicKey::create_kem_encryption_op(RandomNumberGenerator& /*rng*/,
-                                        const std::string& params,
+RSA_PublicKey::create_kem_encryption_op(const std::string& params,
                                         const std::string& provider) const
    {
    if(provider == "base" || provider.empty())

src/lib/pubkey/rsa/rsa.h

@@ -74,8 +74,7 @@ class BOTAN_PUBLIC_API(2,0) RSA_PublicKey : public virtual Public_Key
                               const std::string& provider) const override;
 
       std::unique_ptr<PK_Ops::KEM_Encryption>
-         create_kem_encryption_op(RandomNumberGenerator& rng,
-                                  const std::string& params,
+         create_kem_encryption_op(const std::string& params,
                                   const std::string& provider) const override;
 
       std::unique_ptr<PK_Ops::Verification>

src/tests/test_kyber.cpp

@@ -58,7 +58,7 @@ class KYBER_Tests final : public Test
 
          auto roundtrip = [&] (const auto& pkey, const auto& skey, const std::string& context, const std::string& kdf)
             {
-            auto e = Botan::PK_KEM_Encryptor(*pkey, Test::rng(), kdf, "base");
+            auto e = Botan::PK_KEM_Encryptor(*pkey, kdf, "base");
             Botan::secure_vector<uint8_t> ct, shared_key;
             e.encrypt(ct, shared_key, 64, Test::rng());
 
@@ -113,7 +113,7 @@ class KYBER_Tests final : public Test
 
          // Bob (reading from serialized public key)
          Botan::Kyber_PublicKey alice_pub_key(pub_key_bits, mode, Botan::KyberKeyEncoding::Full);
-         auto enc = Botan::PK_KEM_Encryptor(alice_pub_key, Test::rng(), "Raw", "base");
+         auto enc = Botan::PK_KEM_Encryptor(alice_pub_key, "Raw", "base");
          Botan::secure_vector<uint8_t> cipher_text, key_bob;
          enc.encrypt(cipher_text, key_bob, 0 /* no KDF */, Test::rng());
 
@@ -195,7 +195,7 @@ Test::Result run_kyber_test(const char* test_name, const VarMap& vars, Botan::Ky
    result.test_eq("Secret Key Output", priv_key.private_key_bits(), sk_in);
 
    // Bob
-   auto enc = Botan::PK_KEM_Encryptor(*pub_key, ctr_drbg, "Raw", "base");
+   auto enc = Botan::PK_KEM_Encryptor(*pub_key, "Raw", "base");
    Botan::secure_vector<uint8_t> cipher_text, key_bob;
    enc.encrypt(cipher_text, key_bob, 0 /* no KDF */, ctr_drbg);
    result.test_eq("Cipher-Text Output", cipher_text, ct_in);

src/tests/test_mceliece.cpp

@@ -70,7 +70,7 @@ class McEliece_Keygen_Encrypt_Test final : public Text_Based_Test
 
          try
             {
-            Botan::PK_KEM_Encryptor kem_enc(mce_priv, Test::rng(), "KDF1(SHA-512)");
+            Botan::PK_KEM_Encryptor kem_enc(mce_priv, "KDF1(SHA-512)");
             Botan::PK_KEM_Decryptor kem_dec(mce_priv, Test::rng(), "KDF1(SHA-512)");
 
             Botan::secure_vector<uint8_t> encap_key, prod_shared_key;
@@ -204,7 +204,7 @@ class McEliece_Tests final : public Test
          Test::Result result("McEliece KEM");
          result.start_timer();
 
-         Botan::PK_KEM_Encryptor enc_op(pk, Test::rng(), "KDF2(SHA-256)");
+         Botan::PK_KEM_Encryptor enc_op(pk, "KDF2(SHA-256)");
          Botan::PK_KEM_Decryptor dec_op(sk, Test::rng(), "KDF2(SHA-256)");
 
          const size_t trials = (Test::run_long_tests() ? 30 : 10);

src/tests/test_pubkey.cpp

@@ -537,7 +537,7 @@ Test::Result PK_KEM_Test::run_one_test(const std::string& /*header*/, const VarM
    std::unique_ptr<Botan::PK_KEM_Encryptor> enc;
    try
       {
-      enc = std::make_unique<Botan::PK_KEM_Encryptor>(pubkey, Test::rng(), kdf);
+      enc = std::make_unique<Botan::PK_KEM_Encryptor>(pubkey, kdf);
       }
    catch(Botan::Lookup_Error&)
       {