1 files changed, 39 insertions, 0 deletions
diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.h b/src/lib/libcrypto/mlkem/mlkem_internal.h
index 3ef877f6d1..3141160ac2 100644
--- a/src/lib/libcrypto/mlkem/mlkem_internal.h
+++ b/src/lib/libcrypto/mlkem/mlkem_internal.h
@@ -69,6 +69,45 @@ void MLKEM768_encap_external_entropy(
    const struct MLKEM768_public_key *public_key,
    const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
+/*
+ * MLKEM1024_generate_key_external_entropy is a deterministic function to create a
+ * pair of ML-KEM 1024 keys, using the supplied entropy. The entropy needs to be
+ * uniformly random generated. This function is should only be used for tests,
+ * regular callers should use the non-deterministic |MLKEM_generate_key|
+ * directly.
+ */
+void MLKEM1024_generate_key_external_entropy(
+    uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES],
+    struct MLKEM1024_private_key *out_private_key,
+    const uint8_t entropy[MLKEM_SEED_BYTES]);
+/*
+ * MLKEM1024_PRIVATE_KEY_BYTES is the length of the data produced by
+ * |MLKEM1024_marshal_private_key|.
+ */
+#define MLKEM1024_PRIVATE_KEY_BYTES 3168
+/*
+ * MLKEM1024_marshal_private_key serializes |private_key| to |out| in the
+ * standard format for ML-KEM private keys. It returns one on success or zero on
+ * allocation error.
+ */
+int MLKEM1024_marshal_private_key(CBB *out,
+    const struct MLKEM1024_private_key *private_key);
+/*
+ * MLKEM_encap_external_entropy behaves like |MLKEM_encap|, but uses
+ * |MLKEM_ENCAP_ENTROPY| bytes of |entropy| for randomization. The decapsulating
+ * side will be able to recover |entropy| in full. This function should only be
+ * used for tests, regular callers should use the non-deterministic
+ * |MLKEM_encap| directly.
+ */
+void MLKEM1024_encap_external_entropy(
+    uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES],
+    uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
+    const struct MLKEM1024_public_key *public_key,
+    const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
 __END_HIDDEN_DECLS
 #if defined(__cplusplus)

diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.h b/src/lib/libcrypto/mlkem/mlkem_internal.h index 3ef877f6d1..3141160ac2 100644 --- a/src/lib/libcrypto/mlkem/mlkem_internal.h +++ b/src/lib/libcrypto/mlkem/mlkem_internal.h
@@ -69,6 +69,45 @@ void MLKEM768_encap_external_entropy(
69	const struct MLKEM768_public_key *public_key,	69	const struct MLKEM768_public_key *public_key,
70	const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);	70	const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
71		71
		72	/*
		73	* MLKEM1024_generate_key_external_entropy is a deterministic function to create a
		74	* pair of ML-KEM 1024 keys, using the supplied entropy. The entropy needs to be
		75	* uniformly random generated. This function is should only be used for tests,
		76	* regular callers should use the non-deterministic \|MLKEM_generate_key\|
		77	* directly.
		78	*/
		79	void MLKEM1024_generate_key_external_entropy(
		80	uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES],
		81	struct MLKEM1024_private_key *out_private_key,
		82	const uint8_t entropy[MLKEM_SEED_BYTES]);
		83
		84	/*
		85	* MLKEM1024_PRIVATE_KEY_BYTES is the length of the data produced by
		86	* \|MLKEM1024_marshal_private_key\|.
		87	*/
		88	#define MLKEM1024_PRIVATE_KEY_BYTES 3168
		89
		90	/*
		91	* MLKEM1024_marshal_private_key serializes \|private_key\| to \|out\| in the
		92	* standard format for ML-KEM private keys. It returns one on success or zero on
		93	* allocation error.
		94	*/
		95	int MLKEM1024_marshal_private_key(CBB *out,
		96	const struct MLKEM1024_private_key *private_key);
		97
		98	/*
		99	* MLKEM_encap_external_entropy behaves like \|MLKEM_encap\|, but uses
		100	* \|MLKEM_ENCAP_ENTROPY\| bytes of \|entropy\| for randomization. The decapsulating
		101	* side will be able to recover \|entropy\| in full. This function should only be
		102	* used for tests, regular callers should use the non-deterministic
		103	* \|MLKEM_encap\| directly.
		104	*/
		105	void MLKEM1024_encap_external_entropy(
		106	uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES],
		107	uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
		108	const struct MLKEM1024_public_key *public_key,
		109	const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
		110
72	__END_HIDDEN_DECLS	111	__END_HIDDEN_DECLS
73		112
74	#if defined(__cplusplus)	113	#if defined(__cplusplus)