1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#[cfg(feature = "kv1")]
#[cfg_attr(docsrs, doc(cfg(feature = "kv1")))]
pub mod kiltz_vahlis_one;
#[cfg(feature = "cgwfo")]
#[cfg_attr(docsrs, doc(cfg(feature = "cgwfo")))]
pub mod cgw_fo;
#[cfg(feature = "cgwkv")]
#[cfg_attr(docsrs, doc(cfg(feature = "cgwkv")))]
pub mod cgw_kv;
#[cfg(feature = "mkem")]
#[cfg_attr(docsrs, doc(cfg(feature = "mkem")))]
pub mod mkem;
use crate::util::*;
use crate::{Compress, Derive};
use core::ops::BitXorAssign;
use pg_curve::Gt;
use rand::{CryptoRng, Rng};
pub const SS_BYTES: usize = 32;
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct SharedSecret(pub [u8; SS_BYTES]);
impl From<&Gt> for SharedSecret {
fn from(el: &Gt) -> Self {
SharedSecret(shake256::<SS_BYTES>(&el.to_compressed()))
}
}
impl BitXorAssign for SharedSecret {
fn bitxor_assign(&mut self, rhs: Self) {
for i in 0..SS_BYTES {
self.0[i] ^= rhs.0[i];
}
}
}
#[derive(Debug)]
pub struct Error;
pub trait IBKEM: Clone {
const IDENTIFIER: &'static str;
type Pk: Compress;
type Sk: Compress;
type Usk: Compress;
type Ct: Compress + Default;
type Id: Copy + Default + Derive;
const PK_BYTES: usize;
const SK_BYTES: usize;
const USK_BYTES: usize;
const CT_BYTES: usize;
fn setup<R: Rng + CryptoRng>(rng: &mut R) -> (Self::Pk, Self::Sk);
fn extract_usk<R: Rng + CryptoRng>(
pk: Option<&Self::Pk>,
sk: &Self::Sk,
id: &Self::Id,
rng: &mut R,
) -> Self::Usk;
fn encaps<R: Rng + CryptoRng>(
pk: &Self::Pk,
id: &Self::Id,
rng: &mut R,
) -> (Self::Ct, SharedSecret);
fn decaps(
mpk: Option<&Self::Pk>,
usk: &Self::Usk,
ct: &Self::Ct,
) -> Result<SharedSecret, Error>;
}