MLKEMPublicKey

bc_components

Enum MLKEMPublicKey 

Source 
pub enum MLKEMPublicKey {
    MLKEM512(Box<PublicKey>),
    MLKEM768(Box<PublicKey>),
    MLKEM1024(Box<PublicKey>),
}
Expand description

A public key for the ML-KEM post-quantum key encapsulation mechanism.

MLKEMPublicKey represents a public key that can be used to encapsulate shared secrets using the ML-KEM (Module Lattice-based Key Encapsulation Mechanism) post-quantum algorithm. It supports multiple security levels through the variants:

  • MLKEM512: NIST security level 1 (roughly equivalent to AES-128), 800 bytes
  • MLKEM768: NIST security level 3 (roughly equivalent to AES-192), 1184 bytes
  • MLKEM1024: NIST security level 5 (roughly equivalent to AES-256), 1568 bytes

§Examples

use bc_components::MLKEM;

// Generate a keypair
let (private_key, public_key) = MLKEM::MLKEM512.keypair();

// Encapsulate a shared secret using the public key
let (shared_secret, ciphertext) =
    public_key.encapsulate_new_shared_secret();

Variants§

§

MLKEM512(Box<PublicKey>)

An ML-KEM-512 public key (NIST security level 1)

§

MLKEM768(Box<PublicKey>)

An ML-KEM-768 public key (NIST security level 3)

§

MLKEM1024(Box<PublicKey>)

An ML-KEM-1024 public key (NIST security level 5)

Implementations§

Source§

impl MLKEMPublicKey

Source

pub fn level(&self) -> MLKEM

Returns the security level of this ML-KEM public key.

Source

pub fn size(&self) -> usize

Returns the size of this ML-KEM public key in bytes.

Source

pub fn as_bytes(&self) -> &[u8]

Returns the raw bytes of this ML-KEM public key.

Source

pub fn from_bytes(level: MLKEM, bytes: &[u8]) -> Result<Self>

Creates an ML-KEM public key from raw bytes and a security level.

§Parameters
  • level - The security level of the key.
  • bytes - The raw bytes of the key.
§Returns

An MLKEMPublicKey if the bytes represent a valid key for the given level, or an error otherwise.

§Errors

Returns an error if the bytes do not represent a valid ML-KEM public key for the specified security level.

Source

pub fn encapsulate_new_shared_secret(&self) -> (SymmetricKey, MLKEMCiphertext)

Encapsulates a new shared secret using this public key.

This method generates a random shared secret and encapsulates it using this public key, producing a ciphertext that can only be decapsulated by the corresponding private key.

§Returns

A tuple containing:

  • A SymmetricKey with the shared secret (32 bytes)
  • An MLKEMCiphertext with the encapsulated shared secret
§Examples
use bc_components::MLKEM;

// Generate a keypair
let (private_key, public_key) = MLKEM::MLKEM512.keypair();

// Encapsulate a shared secret
let (shared_secret, ciphertext) =
    public_key.encapsulate_new_shared_secret();

// The private key holder can decapsulate the same shared secret
let decapsulated_secret =
    private_key.decapsulate_shared_secret(&ciphertext).unwrap();
assert_eq!(shared_secret, decapsulated_secret);

Trait Implementations§

Source§

impl AsRef<[u8]> for MLKEMPublicKey

Source§

fn as_ref(&self) -> &[u8]

Returns the raw bytes of the public key.

Source§

impl CBORTagged for MLKEMPublicKey

Defines CBOR tags for ML-KEM public keys.

Source§

fn cbor_tags() -> Vec<Tag>

Returns the CBOR tag for ML-KEM public keys.

Source§

impl CBORTaggedDecodable for MLKEMPublicKey

Implements CBOR decoding for ML-KEM public keys.

Source§

fn from_untagged_cbor(untagged_cbor: CBOR) -> Result<Self>

Creates an MLKEMPublicKey from untagged CBOR.

§Errors

Returns an error if the CBOR value doesn’t represent a valid ML-KEM public key.

Source§

fn from_tagged_cbor(cbor: CBOR) -> Result<Self, Error>
where Self: Sized,

Creates an instance of this type by decoding it from tagged CBOR. Read more
Source§

fn from_tagged_cbor_data(data: impl AsRef<[u8]>) -> Result<Self, Error>
where Self: Sized,

Creates an instance of this type by decoding it from binary encoded tagged CBOR. Read more
Source§

fn from_untagged_cbor_data(data: impl AsRef<[u8]>) -> Result<Self, Error>
where Self: Sized,

Creates an instance of this type by decoding it from binary encoded untagged CBOR. Read more
Source§

impl CBORTaggedEncodable for MLKEMPublicKey

Implements CBOR encoding for ML-KEM public keys.

Source§

fn untagged_cbor(&self) -> CBOR

Creates the untagged CBOR representation as an array with level and key bytes.

Source§

fn tagged_cbor(&self) -> CBOR

Returns the tagged CBOR encoding of this instance. Read more
Source§

fn tagged_cbor_data(&self) -> Vec<u8>

Returns the tagged value in CBOR binary representation. Read more
Source§

impl Clone for MLKEMPublicKey

Source§

fn clone(&self) -> MLKEMPublicKey

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for MLKEMPublicKey

Provides debug formatting for ML-KEM public keys.

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the public key as a string for debugging purposes.

Source§

impl From<MLKEMPublicKey> for CBOR

Converts an MLKEMPublicKey to CBOR.

Source§

fn from(value: MLKEMPublicKey) -> Self

Converts to tagged CBOR.

Source§

impl Hash for MLKEMPublicKey

Implements hashing for ML-KEM public keys.

Source§

fn hash<H: Hasher>(&self, state: &mut H)

Hashes both the security level and the raw bytes of the public key.

1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl PartialEq for MLKEMPublicKey

Implements equality comparison for ML-KEM public keys.

Source§

fn eq(&self, other: &Self) -> bool

Compares two ML-KEM public keys for equality.

Two ML-KEM public keys are equal if they have the same security level and the same raw byte representation.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl TryFrom<CBOR> for MLKEMPublicKey

Attempts to convert CBOR to an MLKEMPublicKey.

Source§

fn try_from(cbor: CBOR) -> Result<Self>

Converts from tagged CBOR.

Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

impl Eq for MLKEMPublicKey

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CBORDecodable for T
where T: TryFrom<CBOR, Error = Error>,

Source§

fn try_from_cbor(cbor: &CBOR) -> Result<Self, Error>

Source§

impl<T> CBOREncodable for T
where T: Into<CBOR> + Clone,

Source§

fn to_cbor(&self) -> CBOR

Converts this value to a CBOR object. Read more
Source§

fn to_cbor_data(&self) -> Vec<u8>

Converts this value directly to binary CBOR data. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToHex for T
where T: AsRef<[u8]>,

Source§

fn encode_hex<U>(&self) -> U
where U: FromIterator<char>,

Encode the hex strict representing self into the result. Lower case letters are used (e.g. f9b4ca)
Source§

fn encode_hex_upper<U>(&self) -> U
where U: FromIterator<char>,

Encode the hex strict representing self into the result. Upper case letters are used (e.g. F9B4CA)
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> URDecodable for T
where T: CBORTaggedDecodable,

Source§

fn from_ur(ur: impl AsRef<UR>) -> Result<Self, Error>
where Self: Sized,

Source§

fn from_ur_string(ur_string: impl Into<String>) -> Result<Self, Error>
where Self: Sized,

Source§

impl<T> UREncodable for T
where T: CBORTaggedEncodable,

Source§

fn ur(&self) -> UR

Returns the UR representation of the object.
Source§

fn ur_string(&self) -> String

Returns the UR string representation of the object.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> CBORCodable for T
where T: CBORDecodable + CBOREncodable,

Source§

impl<T> CBORTaggedCodable for T
where T: CBORTaggedEncodable + CBORTaggedDecodable,

Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> URCodable for T
where T: UREncodable + URDecodable,