1 /* Copyright (c) 2023, Google Inc. 2 * 3 * Permission to use, copy, modify, and/or distribute this software for any 4 * purpose with or without fee is hereby granted, provided that the above 5 * copyright notice and this permission notice appear in all copies. 6 * 7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 14 15 #ifndef OPENSSL_HEADER_CRYPTO_KYBER_INTERNAL_H 16 #define OPENSSL_HEADER_CRYPTO_KYBER_INTERNAL_H 17 18 #include <openssl/base.h> 19 #include <openssl/experimental/kyber.h> 20 21 #if defined(__cplusplus) 22 extern "C" { 23 #endif 24 25 26 // KYBER_ENCAP_ENTROPY is the number of bytes of uniformly random entropy 27 // necessary to encapsulate a secret. The entropy will be leaked to the 28 // decapsulating party. 29 #define KYBER_ENCAP_ENTROPY 32 30 31 // KYBER_GENERATE_KEY_ENTROPY is the number of bytes of uniformly random entropy 32 // necessary to generate a key. 33 #define KYBER_GENERATE_KEY_ENTROPY 64 34 35 // KYBER_generate_key_external_entropy is a deterministic function to create a 36 // pair of Kyber768 keys, using the supplied entropy. The entropy needs to be 37 // uniformly random generated. This function is should only be used for tests, 38 // regular callers should use the non-deterministic |KYBER_generate_key| 39 // directly. 40 OPENSSL_EXPORT void KYBER_generate_key_external_entropy( 41 uint8_t out_encoded_public_key[KYBER_PUBLIC_KEY_BYTES], 42 struct KYBER_private_key *out_private_key, 43 const uint8_t entropy[KYBER_GENERATE_KEY_ENTROPY]); 44 45 // KYBER_encap_external_entropy behaves like |KYBER_encap|, but uses 46 // |KYBER_ENCAP_ENTROPY| bytes of |entropy| for randomization. The decapsulating 47 // side will be able to recover |entropy| in full. This function should only be 48 // used for tests, regular callers should use the non-deterministic 49 // |KYBER_encap| directly. 50 OPENSSL_EXPORT void KYBER_encap_external_entropy( 51 uint8_t out_ciphertext[KYBER_CIPHERTEXT_BYTES], 52 uint8_t out_shared_secret[KYBER_SHARED_SECRET_BYTES], 53 const struct KYBER_public_key *public_key, 54 const uint8_t entropy[KYBER_ENCAP_ENTROPY]); 55 56 #if defined(__cplusplus) 57 } 58 #endif 59 60 #endif // OPENSSL_HEADER_CRYPTO_KYBER_INTERNAL_H 61