EncapsulationScheme

Enum EncapsulationScheme

pub enum EncapsulationScheme {
    X25519,
    MLKEM512,
    MLKEM768,
    MLKEM1024,
}

Expand description

Supported key encapsulation mechanisms.

Key Encapsulation Mechanisms (KEMs) are cryptographic algorithms designed to securely establish a shared secret between parties in public-key cryptography. They are often used to encapsulate (wrap) symmetric keys for secure key exchange.

This enum represents the various KEM schemes supported in this crate:

X25519: A Diffie-Hellman key exchange mechanism using the Curve25519 elliptic curve
ML-KEM (Module Lattice-based Key Encapsulation Mechanism): Post-quantum secure KEM at different security levels (512, 768, 1024)

Variants§

X25519

X25519 key agreement (default)

MLKEM512

ML-KEM512 post-quantum key encapsulation (NIST level 1)

MLKEM768

ML-KEM768 post-quantum key encapsulation (NIST level 3)

MLKEM1024

ML-KEM1024 post-quantum key encapsulation (NIST level 5)

Implementations§

impl EncapsulationScheme

pub fn keypair(self) -> (EncapsulationPrivateKey, EncapsulationPublicKey)

Generates a new random key pair for the specified encapsulation scheme.

§Returns

A tuple containing the private key and public key for the selected encapsulation scheme.

§Example

use bc_components::EncapsulationScheme;

// Generate a key pair using X25519 (default)
let (private_key, public_key) = EncapsulationScheme::default().keypair();

// Generate a key pair using ML-KEM768
let (private_key, public_key) = EncapsulationScheme::MLKEM768.keypair();

pub fn keypair_using( self, rng: &mut impl RandomNumberGenerator, ) -> Result<(EncapsulationPrivateKey, EncapsulationPublicKey)>

Generates a deterministic key pair using the provided random number generator.

§Parameters

rng - A mutable reference to a random number generator

§Returns

A Result containing a tuple with the private key and public key if successful, or an error if deterministic key generation is not supported for the selected scheme.

§Errors

Returns an error if deterministic key generation is not supported for the selected encapsulation scheme (currently only X25519 supports this).

§Example

use bc_components::EncapsulationScheme;
use bc_rand::SecureRandomNumberGenerator;

let mut rng = SecureRandomNumberGenerator;
let result = EncapsulationScheme::X25519.keypair_using(&mut rng);
assert!(result.is_ok());

// ML-KEM schemes don't support deterministic key generation
let result = EncapsulationScheme::MLKEM512.keypair_using(&mut rng);
assert!(result.is_err());

Trait Implementations§

impl Clone for EncapsulationScheme

fn clone(&self) -> EncapsulationScheme

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for EncapsulationScheme

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl Default for EncapsulationScheme

fn default() -> EncapsulationScheme

Returns the “default value” for a type. Read more

impl PartialEq for EncapsulationScheme

fn eq(&self, other: &EncapsulationScheme) -> bool

Tests for self and other values to be equal, and is used by ==.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Copy for EncapsulationScheme

impl StructuralPartialEq for EncapsulationScheme

Auto Trait Implementations§

impl Freeze for EncapsulationScheme

impl RefUnwindSafe for EncapsulationScheme

impl Send for EncapsulationScheme

impl Sync for EncapsulationScheme

impl Unpin for EncapsulationScheme

impl UnwindSafe for EncapsulationScheme

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> ErasedDestructor for T
where T: 'static,