1 files changed, 11 insertions, 15 deletions

diff --git a/src/lib/libcrypto/mlkem/mlkem.h b/src/lib/libcrypto/mlkem/mlkem.h
index a5645facc6..a2c5d7fed0 100644
--- a/src/lib/libcrypto/mlkem/mlkem.h
+++ b/src/lib/libcrypto/mlkem/mlkem.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: mlkem.h,v 1.4 2024/12/19 23:52:26 tb Exp $ */
+/*      $OpenBSD: mlkem.h,v 1.6 2025/05/19 06:47:40 beck Exp $ */
 /*
  * Copyright (c) 2024, Google Inc.
  *
@@ -25,10 +25,6 @@
 extern "C" {
 #endif
 
-/* Hack for now */
-struct cbs_st;
-struct cbb_st;
-
 /*
  * ML-KEM-768
  *
@@ -78,10 +74,10 @@ struct MLKEM768_private_key {
 /*
  * MLKEM_generate_key generates a random public/private key pair, writes the
  * encoded public key to |out_encoded_public_key| and sets |out_private_key| to
- * the private key. If |optional_out_seed| us not NULL then te seed used to
- * generate te private key is written to it.
+ * the private key. If |optional_out_seed| is not NULL then the seed used to
+ * generate the private key is written to it.
  */
-void MLKEM768_generate_key(
+int MLKEM768_generate_key(
     uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES],
     uint8_t optional_out_seed[MLKEM_SEED_BYTES],
     struct MLKEM768_private_key *out_private_key);
@@ -137,7 +133,7 @@ int MLKEM768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
  * format for ML-KEM public keys. It returns one on success or zero on allocation
  * error.
  */
-int MLKEM768_marshal_public_key(struct cbb_st *out,
+int MLKEM768_marshal_public_key(uint8_t **output, size_t *output_len,
     const struct MLKEM768_public_key *public_key);
 
 /*
@@ -147,7 +143,7 @@ int MLKEM768_marshal_public_key(struct cbb_st *out,
  * there are trailing bytes in |in|.
  */
 int MLKEM768_parse_public_key(struct MLKEM768_public_key *out_public_key,
-    struct cbs_st *in);
+    const uint8_t *input, size_t input_len);
 
 /*
  * MLKEM_parse_private_key parses a private key, in the format generated by
@@ -157,7 +153,7 @@ int MLKEM768_parse_public_key(struct MLKEM768_public_key *out_public_key,
  * Private keys should be stored as seeds and parsed using |MLKEM768_private_key_from_seed|.
  */
 int MLKEM768_parse_private_key(struct MLKEM768_private_key *out_private_key,
-    struct cbs_st *in);
+    const uint8_t *input, size_t input_len);
 
 /*
  * ML-KEM-1024
@@ -200,7 +196,7 @@ struct MLKEM1024_private_key {
  * the private key. If |optional_out_seed| is not NULL then the seed used to
  * generate the private key is written to it.
  */
-void MLKEM1024_generate_key(
+int MLKEM1024_generate_key(
     uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES],
     uint8_t optional_out_seed[MLKEM_SEED_BYTES],
     struct MLKEM1024_private_key *out_private_key);
@@ -256,7 +252,7 @@ int MLKEM1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
  * format for ML-KEM-1024 public keys. It returns one on success or zero on
  * allocation error.
  */
-int MLKEM1024_marshal_public_key(struct cbb_st *out,
+int MLKEM1024_marshal_public_key(uint8_t **output, size_t *output_len,
     const struct MLKEM1024_public_key *public_key);
 
 /*
@@ -266,7 +262,7 @@ int MLKEM1024_marshal_public_key(struct cbb_st *out,
  * there are trailing bytes in |in|.
  */
 int MLKEM1024_parse_public_key(struct MLKEM1024_public_key *out_public_key,
-    struct cbs_st *in);
+    const uint8_t *input, size_t input_len);
 
 /*
  * MLKEM1024_parse_private_key parses a private key, in NIST's format for
@@ -276,7 +272,7 @@ int MLKEM1024_parse_public_key(struct MLKEM1024_public_key *out_public_key,
  * stored as seeds and parsed using |MLKEM1024_private_key_from_seed|.
  */
 int MLKEM1024_parse_private_key(struct MLKEM1024_private_key *out_private_key,
-    struct cbs_st *in);
+    const uint8_t *input, size_t input_len);
 
 #if defined(__cplusplus)
 }