Skip to main content

MLKEMPrivateKeyTrait

bouncycastle_mlkem_lowmemory

Trait MLKEMPrivateKeyTrait 

Source 
pub trait MLKEMPrivateKeyTrait<const k: usize, const SK_LEN: usize, const FULL_SK_LEN: usize, const PK_LEN: usize, const T_PACKED_LEN: usize>: KEMPrivateKey<SK_LEN> {
    // Required methods
    fn from_keymaterial(seed: &KeyMaterial<64>) -> Result<Self, KEMError>;
    fn seed(&self) -> Option<KeyMaterial<64>>;
    fn pk(&self) -> MLKEMPublicKey<k, PK_LEN, T_PACKED_LEN>;
    fn pk_hash(&mut self) -> &[u8; 32];
    fn encode_full_sk(&self) -> [u8; FULL_SK_LEN];
    fn full_sk_encode_out(&self, out: &mut [u8; FULL_SK_LEN]) -> usize;
    fn sk_decode(sk: &[u8; SK_LEN]) -> Self;
}
Expand description

General trait for all ML-KEM private keys types.

Required Methods§

Source

fn from_keymaterial(seed: &KeyMaterial<64>) -> Result<Self, KEMError>

New from KeyMaterial. Can throw a KEMError if the KeyMaterial does not contain sufficient entropy.

Source

fn seed(&self) -> Option<KeyMaterial<64>>

Get a ref to the seed, which there always will be for a MLKEMSeedPrivateKey In this implementation, we always have a seed, so will always return Some.

Source

fn pk(&self) -> MLKEMPublicKey<k, PK_LEN, T_PACKED_LEN>

Runs essentially a full keygen according to Algorithm 13.

Source

fn pk_hash(&mut self) -> &[u8; 32]

Get a ref to the stored public key hash. Since in this implementation, this requires running the full keygen, this is a lazy evaluation and will only be computationally heavy the first time it is called for a given key. This requires a mutable copy. If you don’t have then, then you can compute the full public key via MLKEMPrivateKeyTrait::pk and then get the hash of that.

Source

fn encode_full_sk(&self) -> [u8; FULL_SK_LEN]

This produces the full private key in the encoding specified in FIPS 203 so that it is compatible with other implementations.

Note that since this encoding does not include the seed, this is a one-way operation; after exporting in this encoding, it will be impossible to re-import it into a MLKEMSeedPrivateKey.

As described on Algorithm 16 line 3: dk ← (dkPKE ‖ ek ‖ H(ek) ‖ 𝑧)

Source

fn full_sk_encode_out(&self, out: &mut [u8; FULL_SK_LEN]) -> usize

This produces the full private key in the encoding specified in FIPS 203 so that it is compatible with other implementations.

Note that since this encoding does not include the seed, this is a one-way operation; after exporting in this encoding, it will be impossible to re-import it into a MLKEMSeedPrivateKey.

As described on Algorithm 16 line 3: dk ← (dkPKE ‖ ek ‖ H(ek) ‖ 𝑧)

Source

fn sk_decode(sk: &[u8; SK_LEN]) -> Self

Decode the private key.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementors§

Source§

impl<const k: usize, const eta1: i16, const LAMBDA: i16, const SK_LEN: usize, const FULL_SK_LEN: usize, const PK_LEN: usize, const T_PACKED_LEN: usize> MLKEMPrivateKeyTrait<k, SK_LEN, FULL_SK_LEN, PK_LEN, T_PACKED_LEN> for MLKEMSeedPrivateKey<k, eta1, LAMBDA, SK_LEN, FULL_SK_LEN, PK_LEN, T_PACKED_LEN>