mirror of
https://github.com/rosenpass/rosenpass.git
synced 2026-02-27 22:13:12 -08:00
114 lines
5.2 KiB
Rust
114 lines
5.2 KiB
Rust
//! Generic helpers for declaring bindings to liboqs kems
|
|
|
|
/// Generate bindings to a liboqs-provided KEM
|
|
macro_rules! oqs_kem {
|
|
($name:ident) => { ::paste::paste!{
|
|
#[doc = "Bindings for ::oqs_sys::kem::" [<"OQS_KEM" _ $name:snake>] "_*"]
|
|
mod [< $name:snake >] {
|
|
use rosenpass_cipher_traits::Kem;
|
|
use rosenpass_util::result::Guaranteed;
|
|
|
|
#[doc = "Bindings for ::oqs_sys::kem::" [<"OQS_KEM" _ $name:snake>] "_*"]
|
|
#[doc = ""]
|
|
#[doc = "# Examples"]
|
|
#[doc = ""]
|
|
#[doc = "```rust"]
|
|
#[doc = "use std::borrow::{Borrow, BorrowMut};"]
|
|
#[doc = "use rosenpass_cipher_traits::Kem;"]
|
|
#[doc = "use rosenpass_oqs::" $name:camel " as MyKem;"]
|
|
#[doc = "use rosenpass_secret_memory::{Secret, Public};"]
|
|
#[doc = ""]
|
|
#[doc = "rosenpass_secret_memory::secret_policy_try_use_memfd_secrets();"]
|
|
#[doc = ""]
|
|
#[doc = "// Recipient generates secret key, transfers pk to sender"]
|
|
#[doc = "let mut sk = Secret::<{ MyKem::SK_LEN }>::zero();"]
|
|
#[doc = "let mut pk = Public::<{ MyKem::PK_LEN }>::zero();"]
|
|
#[doc = "MyKem::keygen(sk.secret_mut(), pk.borrow_mut());"]
|
|
#[doc = ""]
|
|
#[doc = "// Sender generates ciphertext and local shared key, sends ciphertext to recipient"]
|
|
#[doc = "let mut shk_enc = Secret::<{ MyKem::SHK_LEN }>::zero();"]
|
|
#[doc = "let mut ct = Public::<{ MyKem::CT_LEN }>::zero();"]
|
|
#[doc = "MyKem::encaps(shk_enc.secret_mut(), ct.borrow_mut(), pk.borrow());"]
|
|
#[doc = ""]
|
|
#[doc = "// Recipient decapsulates ciphertext"]
|
|
#[doc = "let mut shk_dec = Secret::<{ MyKem::SHK_LEN }>::zero();"]
|
|
#[doc = "MyKem::decaps(shk_dec.secret_mut(), sk.secret(), ct.borrow());"]
|
|
#[doc = ""]
|
|
#[doc = "// Both parties end up with the same shared key"]
|
|
#[doc = "assert!(rosenpass_constant_time::compare(shk_enc.secret_mut(), shk_dec.secret_mut()) == 0);"]
|
|
#[doc = "```"]
|
|
pub enum [< $name:camel >] {}
|
|
|
|
/// # Panic & Safety
|
|
///
|
|
/// This Trait impl calls unsafe [oqs_sys] functions, that write to byte
|
|
/// slices only identified using raw pointers. It must be ensured that the raw
|
|
/// pointers point into byte slices of sufficient length, to avoid UB through
|
|
/// overwriting of arbitrary data. This is ensured through assertions in the
|
|
/// implementation.
|
|
///
|
|
/// __Note__: This requirement is stricter than necessary, it would suffice
|
|
/// to only check that the buffers are big enough, allowing them to be even
|
|
/// bigger. However, from a correctness point of view it does not make sense to
|
|
/// allow bigger buffers.
|
|
impl Kem for [< $name:camel >] {
|
|
type Error = ::std::convert::Infallible;
|
|
|
|
const SK_LEN: usize = ::oqs_sys::kem::[<OQS_KEM _ $name:snake _ length_secret_key >] as usize;
|
|
const PK_LEN: usize = ::oqs_sys::kem::[<OQS_KEM _ $name:snake _ length_public_key >] as usize;
|
|
const CT_LEN: usize = ::oqs_sys::kem::[<OQS_KEM _ $name:snake _ length_ciphertext >] as usize;
|
|
const SHK_LEN: usize = ::oqs_sys::kem::[<OQS_KEM _ $name:snake _ length_shared_secret >] as usize;
|
|
|
|
fn keygen(sk: &mut [u8], pk: &mut [u8]) -> Guaranteed<()> {
|
|
assert_eq!(sk.len(), Self::SK_LEN);
|
|
assert_eq!(pk.len(), Self::PK_LEN);
|
|
unsafe {
|
|
oqs_call!(
|
|
::oqs_sys::kem::[< OQS_KEM _ $name:snake _ keypair >],
|
|
pk.as_mut_ptr(),
|
|
sk.as_mut_ptr()
|
|
);
|
|
}
|
|
|
|
Ok(())
|
|
}
|
|
|
|
fn encaps(shk: &mut [u8], ct: &mut [u8], pk: &[u8]) -> Guaranteed<()> {
|
|
assert_eq!(shk.len(), Self::SHK_LEN);
|
|
assert_eq!(ct.len(), Self::CT_LEN);
|
|
assert_eq!(pk.len(), Self::PK_LEN);
|
|
unsafe {
|
|
oqs_call!(
|
|
::oqs_sys::kem::[< OQS_KEM _ $name:snake _ encaps >],
|
|
ct.as_mut_ptr(),
|
|
shk.as_mut_ptr(),
|
|
pk.as_ptr()
|
|
);
|
|
}
|
|
|
|
Ok(())
|
|
}
|
|
|
|
fn decaps(shk: &mut [u8], sk: &[u8], ct: &[u8]) -> Guaranteed<()> {
|
|
assert_eq!(shk.len(), Self::SHK_LEN);
|
|
assert_eq!(sk.len(), Self::SK_LEN);
|
|
assert_eq!(ct.len(), Self::CT_LEN);
|
|
unsafe {
|
|
oqs_call!(
|
|
::oqs_sys::kem::[< OQS_KEM _ $name:snake _ decaps >],
|
|
shk.as_mut_ptr(),
|
|
ct.as_ptr(),
|
|
sk.as_ptr()
|
|
);
|
|
}
|
|
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
pub use [< $name:snake >] :: [< $name:camel >];
|
|
}}
|
|
}
|