1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
//! Friendly bindings to liboqs
//!
//! See the [`kem::Kem`](crate::kem::Kem) and [`sig::Sig`](crate::sig::Sig) structs for how to use this crate.
//!
//! # Example: Some signed KEX
//!
//! This protocol has no replay protection!
//! ```
//! use oqs::*;
//! # #[cfg(all(feature = "ml_dsa", feature = "ml_kem"))]
//! fn main() -> Result<()> {
//! oqs::init(); // Important: initialize liboqs
//! let sigalg = sig::Sig::new(sig::Algorithm::MlDsa44)?;
//! let kemalg = kem::Kem::new(kem::Algorithm::MlKem512)?;
//! // A's long-term secrets
//! let (a_sig_pk, a_sig_sk) = sigalg.keypair()?;
//! // B's long-term secrets
//! let (b_sig_pk, b_sig_sk) = sigalg.keypair()?;
//!
//! // assumption: A has (a_sig_sk, a_sig_pk, b_sig_pk)
//! // assumption: B has (b_sig_sk, b_sig_pk, a_sig_pk)
//!
//! // A -> B: kem_pk, signature
//! let (kem_pk, kem_sk) = kemalg.keypair()?;
//! let signature = sigalg.sign(kem_pk.as_ref(), &a_sig_sk)?;
//!
//! // B -> A: kem_ct, signature
//! sigalg.verify(kem_pk.as_ref(), &signature, &a_sig_pk)?;
//! let (kem_ct, b_kem_ss) = kemalg.encapsulate(&kem_pk)?;
//! let signature = sigalg.sign(kem_ct.as_ref(), &b_sig_sk)?;
//!
//! // A verifies, decapsulates, now both have kem_ss
//! sigalg.verify(kem_ct.as_ref(), &signature, &b_sig_pk)?;
//! let a_kem_ss = kemalg.decapsulate(&kem_sk, &kem_ct)?;
//! assert_eq!(a_kem_ss, b_kem_ss);
//!
//! Ok(())
//! }
//! # #[cfg(not(all(feature = "ml_dsa", feature = "ml_kem")))]
//! # fn main() {}
//! ```
// needs to be imported to be made available
extern crate alloc;
use OQS_STATUS;
/// Access the OQS ffi through this crate.
pub use oqs_sys as ffi;
/// Initialize liboqs
///
/// Make sure to call this before you use any of the functions.
///
/// When the ``std`` feature is enabled, this method is thread-safe
/// and can be called more than once.
/// Initialize liboqs
///
/// Needs to be called before you use any of the functions.
///
/// This ``no_std`` variant is not thread-safe.
/// Possible errors
/// Result type for operations that may fail
pub type Result<T> = Result;
/// Convert an OQS_STATUS to the Result type.