/src/boringssl/crypto/mlkem/mlkem.cc
Line | Count | Source (jump to first uncovered line) |
1 | | // Copyright 2024 The BoringSSL Authors |
2 | | // |
3 | | // Licensed under the Apache License, Version 2.0 (the "License"); |
4 | | // you may not use this file except in compliance with the License. |
5 | | // You may obtain a copy of the License at |
6 | | // |
7 | | // https://www.apache.org/licenses/LICENSE-2.0 |
8 | | // |
9 | | // Unless required by applicable law or agreed to in writing, software |
10 | | // distributed under the License is distributed on an "AS IS" BASIS, |
11 | | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 | | // See the License for the specific language governing permissions and |
13 | | // limitations under the License. |
14 | | |
15 | | #include <openssl/mlkem.h> |
16 | | |
17 | | #include "../fipsmodule/bcm_interface.h" |
18 | | |
19 | | |
20 | | static_assert(sizeof(BCM_mlkem768_private_key) <= sizeof(MLKEM768_private_key)); |
21 | | static_assert(alignof(BCM_mlkem768_private_key) <= |
22 | | alignof(MLKEM768_private_key)); |
23 | | static_assert(sizeof(BCM_mlkem768_public_key) <= sizeof(MLKEM768_public_key)); |
24 | | static_assert(alignof(BCM_mlkem768_public_key) <= alignof(MLKEM768_public_key)); |
25 | | static_assert(MLKEM768_PUBLIC_KEY_BYTES == BCM_MLKEM768_PUBLIC_KEY_BYTES); |
26 | | static_assert(MLKEM_SEED_BYTES == BCM_MLKEM_SEED_BYTES); |
27 | | static_assert(MLKEM768_CIPHERTEXT_BYTES == BCM_MLKEM768_CIPHERTEXT_BYTES); |
28 | | static_assert(MLKEM_SHARED_SECRET_BYTES == BCM_MLKEM_SHARED_SECRET_BYTES); |
29 | | static_assert(MLKEM1024_PUBLIC_KEY_BYTES == BCM_MLKEM1024_PUBLIC_KEY_BYTES); |
30 | | static_assert(MLKEM1024_CIPHERTEXT_BYTES == BCM_MLKEM1024_CIPHERTEXT_BYTES); |
31 | | |
32 | | void MLKEM768_generate_key( |
33 | | uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES], |
34 | | uint8_t optional_out_seed[MLKEM_SEED_BYTES], |
35 | 56.3k | struct MLKEM768_private_key *out_private_key) { |
36 | 56.3k | BCM_mlkem768_generate_key( |
37 | 56.3k | out_encoded_public_key, optional_out_seed, |
38 | 56.3k | reinterpret_cast<BCM_mlkem768_private_key *>(out_private_key)); |
39 | 56.3k | } |
40 | | |
41 | | int MLKEM768_private_key_from_seed(struct MLKEM768_private_key *out_private_key, |
42 | 0 | const uint8_t *seed, size_t seed_len) { |
43 | 0 | return bcm_success(BCM_mlkem768_private_key_from_seed( |
44 | 0 | reinterpret_cast<BCM_mlkem768_private_key *>(out_private_key), seed, |
45 | 0 | seed_len)); |
46 | 0 | } |
47 | | |
48 | | void MLKEM768_public_from_private( |
49 | | struct MLKEM768_public_key *out_public_key, |
50 | 0 | const struct MLKEM768_private_key *private_key) { |
51 | 0 | (void)BCM_mlkem768_public_from_private( |
52 | 0 | reinterpret_cast<BCM_mlkem768_public_key *>(out_public_key), |
53 | 0 | reinterpret_cast<const BCM_mlkem768_private_key *>(private_key)); |
54 | 0 | } |
55 | | |
56 | | void MLKEM768_encap(uint8_t out_ciphertext[MLKEM768_CIPHERTEXT_BYTES], |
57 | | uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], |
58 | 0 | const struct MLKEM768_public_key *public_key) { |
59 | 0 | (void)BCM_mlkem768_encap( |
60 | 0 | out_ciphertext, out_shared_secret, |
61 | 0 | reinterpret_cast<const BCM_mlkem768_public_key *>(public_key)); |
62 | 0 | } |
63 | | |
64 | | int MLKEM768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], |
65 | | const uint8_t *ciphertext, size_t ciphertext_len, |
66 | 0 | const struct MLKEM768_private_key *private_key) { |
67 | 0 | return bcm_success(BCM_mlkem768_decap( |
68 | 0 | out_shared_secret, ciphertext, ciphertext_len, |
69 | 0 | reinterpret_cast<const BCM_mlkem768_private_key *>(private_key))); |
70 | 0 | } |
71 | | |
72 | | int MLKEM768_marshal_public_key(CBB *out, |
73 | 0 | const struct MLKEM768_public_key *public_key) { |
74 | 0 | return bcm_success(BCM_mlkem768_marshal_public_key( |
75 | 0 | out, reinterpret_cast<const BCM_mlkem768_public_key *>(public_key))); |
76 | 0 | } |
77 | | |
78 | | int MLKEM768_parse_public_key(struct MLKEM768_public_key *out_public_key, |
79 | 0 | CBS *in) { |
80 | 0 | return bcm_success(BCM_mlkem768_parse_public_key( |
81 | 0 | reinterpret_cast<BCM_mlkem768_public_key *>(out_public_key), in)); |
82 | 0 | } |
83 | | |
84 | | |
85 | | static_assert(sizeof(BCM_mlkem1024_private_key) <= |
86 | | sizeof(MLKEM1024_private_key)); |
87 | | static_assert(alignof(BCM_mlkem1024_private_key) <= |
88 | | alignof(MLKEM1024_private_key)); |
89 | | static_assert(sizeof(BCM_mlkem1024_public_key) <= sizeof(MLKEM1024_public_key)); |
90 | | static_assert(alignof(BCM_mlkem1024_public_key) <= |
91 | | alignof(MLKEM1024_public_key)); |
92 | | |
93 | | void MLKEM1024_generate_key( |
94 | | uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES], |
95 | | uint8_t optional_out_seed[MLKEM_SEED_BYTES], |
96 | 0 | struct MLKEM1024_private_key *out_private_key) { |
97 | 0 | (void)BCM_mlkem1024_generate_key( |
98 | 0 | out_encoded_public_key, optional_out_seed, |
99 | 0 | reinterpret_cast<BCM_mlkem1024_private_key *>(out_private_key)); |
100 | 0 | } |
101 | | |
102 | | int MLKEM1024_private_key_from_seed( |
103 | | struct MLKEM1024_private_key *out_private_key, const uint8_t *seed, |
104 | 0 | size_t seed_len) { |
105 | 0 | return bcm_success(BCM_mlkem1024_private_key_from_seed( |
106 | 0 | reinterpret_cast<BCM_mlkem1024_private_key *>(out_private_key), seed, |
107 | 0 | seed_len)); |
108 | 0 | } |
109 | | |
110 | | void MLKEM1024_public_from_private( |
111 | | struct MLKEM1024_public_key *out_public_key, |
112 | 0 | const struct MLKEM1024_private_key *private_key) { |
113 | 0 | (void)BCM_mlkem1024_public_from_private( |
114 | 0 | reinterpret_cast<BCM_mlkem1024_public_key *>(out_public_key), |
115 | 0 | reinterpret_cast<const BCM_mlkem1024_private_key *>(private_key)); |
116 | 0 | } |
117 | | |
118 | | void MLKEM1024_encap(uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES], |
119 | | uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], |
120 | 0 | const struct MLKEM1024_public_key *public_key) { |
121 | 0 | (void)BCM_mlkem1024_encap( |
122 | 0 | out_ciphertext, out_shared_secret, |
123 | 0 | reinterpret_cast<const BCM_mlkem1024_public_key *>(public_key)); |
124 | 0 | } |
125 | | |
126 | | int MLKEM1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], |
127 | | const uint8_t *ciphertext, size_t ciphertext_len, |
128 | 0 | const struct MLKEM1024_private_key *private_key) { |
129 | 0 | return bcm_success(BCM_mlkem1024_decap( |
130 | 0 | out_shared_secret, ciphertext, ciphertext_len, |
131 | 0 | reinterpret_cast<const BCM_mlkem1024_private_key *>(private_key))); |
132 | 0 | } |
133 | | |
134 | | int MLKEM1024_marshal_public_key( |
135 | 0 | CBB *out, const struct MLKEM1024_public_key *public_key) { |
136 | 0 | return bcm_success(BCM_mlkem1024_marshal_public_key( |
137 | 0 | out, reinterpret_cast<const BCM_mlkem1024_public_key *>(public_key))); |
138 | 0 | } |
139 | | |
140 | | int MLKEM1024_parse_public_key(struct MLKEM1024_public_key *out_public_key, |
141 | 0 | CBS *in) { |
142 | 0 | return bcm_success(BCM_mlkem1024_parse_public_key( |
143 | 0 | reinterpret_cast<BCM_mlkem1024_public_key *>(out_public_key), in)); |
144 | 0 | } |