diff options
Diffstat (limited to 'src/lib/libcrypto/mlkem/mlkem_internal.h')
| -rw-r--r-- | src/lib/libcrypto/mlkem/mlkem_internal.h | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.h b/src/lib/libcrypto/mlkem/mlkem_internal.h new file mode 100644 index 0000000000..3ef877f6d1 --- /dev/null +++ b/src/lib/libcrypto/mlkem/mlkem_internal.h | |||
| @@ -0,0 +1,78 @@ | |||
| 1 | /* Copyright (c) 2023, Google Inc. | ||
| 2 | * | ||
| 3 | * Permission to use, copy, modify, and/or distribute this software for any | ||
| 4 | * purpose with or without fee is hereby granted, provided that the above | ||
| 5 | * copyright notice and this permission notice appear in all copies. | ||
| 6 | * | ||
| 7 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 8 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 9 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | ||
| 10 | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 11 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | ||
| 12 | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | ||
| 13 | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | ||
| 14 | |||
| 15 | #ifndef OPENSSL_HEADER_CRYPTO_MLKEM_INTERNAL_H | ||
| 16 | #define OPENSSL_HEADER_CRYPTO_MLKEM_INTERNAL_H | ||
| 17 | |||
| 18 | #include <openssl/mlkem.h> | ||
| 19 | |||
| 20 | #if defined(__cplusplus) | ||
| 21 | extern "C" { | ||
| 22 | #endif | ||
| 23 | |||
| 24 | __BEGIN_HIDDEN_DECLS | ||
| 25 | |||
| 26 | /* | ||
| 27 | * MLKEM_ENCAP_ENTROPY is the number of bytes of uniformly random entropy | ||
| 28 | * necessary to encapsulate a secret. The entropy will be leaked to the | ||
| 29 | * decapsulating party. | ||
| 30 | */ | ||
| 31 | #define MLKEM_ENCAP_ENTROPY 32 | ||
| 32 | |||
| 33 | /* | ||
| 34 | * MLKEM768_generate_key_external_entropy is a deterministic function to create a | ||
| 35 | * pair of ML-KEM 768 keys, using the supplied entropy. The entropy needs to be | ||
| 36 | * uniformly random generated. This function is should only be used for tests, | ||
| 37 | * regular callers should use the non-deterministic |MLKEM_generate_key| | ||
| 38 | * directly. | ||
| 39 | */ | ||
| 40 | void MLKEM768_generate_key_external_entropy( | ||
| 41 | uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES], | ||
| 42 | struct MLKEM768_private_key *out_private_key, | ||
| 43 | const uint8_t entropy[MLKEM_SEED_BYTES]); | ||
| 44 | |||
| 45 | /* | ||
| 46 | * MLKEM768_PRIVATE_KEY_BYTES is the length of the data produced by | ||
| 47 | * |MLKEM768_marshal_private_key|. | ||
| 48 | */ | ||
| 49 | #define MLKEM768_PRIVATE_KEY_BYTES 2400 | ||
| 50 | |||
| 51 | /* | ||
| 52 | * MLKEM768_marshal_private_key serializes |private_key| to |out| in the standard | ||
| 53 | * format for ML-KEM private keys. It returns one on success or zero on | ||
| 54 | * allocation error. | ||
| 55 | */ | ||
| 56 | int MLKEM768_marshal_private_key(CBB *out, | ||
| 57 | const struct MLKEM768_private_key *private_key); | ||
| 58 | |||
| 59 | /* | ||
| 60 | * MLKEM_encap_external_entropy behaves like |MLKEM_encap|, but uses | ||
| 61 | * |MLKEM_ENCAP_ENTROPY| bytes of |entropy| for randomization. The decapsulating | ||
| 62 | * side will be able to recover |entropy| in full. This function should only be | ||
| 63 | * used for tests, regular callers should use the non-deterministic | ||
| 64 | * |MLKEM_encap| directly. | ||
| 65 | */ | ||
| 66 | void MLKEM768_encap_external_entropy( | ||
| 67 | uint8_t out_ciphertext[MLKEM768_CIPHERTEXT_BYTES], | ||
| 68 | uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], | ||
| 69 | const struct MLKEM768_public_key *public_key, | ||
| 70 | const uint8_t entropy[MLKEM_ENCAP_ENTROPY]); | ||
| 71 | |||
| 72 | __END_HIDDEN_DECLS | ||
| 73 | |||
| 74 | #if defined(__cplusplus) | ||
| 75 | } | ||
| 76 | #endif | ||
| 77 | |||
| 78 | #endif /* OPENSSL_HEADER_CRYPTO_MLKEM_INTERNAL_H */ | ||