rustls/crypto/aws_lc_rs/pq/
mod.rs

1use aws_lc_rs::kem;
2
3use crate::crypto::SupportedKxGroup;
4use crate::crypto::aws_lc_rs::kx_group;
5use crate::crypto::aws_lc_rs::pq::mlkem::MlKem;
6use crate::{Error, NamedGroup, PeerMisbehaved};
7
8mod hybrid;
9mod mlkem;
10
11/// This is the [X25519MLKEM768] key exchange.
12///
13/// [X25519MLKEM768]: <https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/>
14pub static X25519MLKEM768: &dyn SupportedKxGroup = &hybrid::Hybrid {
15    classical: kx_group::X25519,
16    post_quantum: MLKEM768,
17    name: NamedGroup::X25519MLKEM768,
18    layout: hybrid::Layout {
19        classical_share_len: X25519_LEN,
20        post_quantum_client_share_len: MLKEM768_ENCAP_LEN,
21        post_quantum_server_share_len: MLKEM768_CIPHERTEXT_LEN,
22        post_quantum_first: true,
23    },
24};
25
26/// This is the [SECP256R1MLKEM768] key exchange.
27///
28/// [SECP256R1MLKEM768]: <https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/>
29pub static SECP256R1MLKEM768: &dyn SupportedKxGroup = &hybrid::Hybrid {
30    classical: kx_group::SECP256R1,
31    post_quantum: MLKEM768,
32    name: NamedGroup::secp256r1MLKEM768,
33    layout: hybrid::Layout {
34        classical_share_len: SECP256R1_LEN,
35        post_quantum_client_share_len: MLKEM768_ENCAP_LEN,
36        post_quantum_server_share_len: MLKEM768_CIPHERTEXT_LEN,
37        post_quantum_first: false,
38    },
39};
40
41/// This is the [MLKEM] key encapsulation mechanism in NIST with security category 3.
42///
43/// [MLKEM]: https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem
44pub static MLKEM768: &dyn SupportedKxGroup = &MlKem {
45    alg: &kem::ML_KEM_768,
46    group: NamedGroup::MLKEM768,
47};
48
49/// This is the [MLKEM] key encapsulation mechanism in NIST with security category 5.
50///
51/// [MLKEM]: https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem
52pub static MLKEM1024: &dyn SupportedKxGroup = &MlKem {
53    alg: &kem::ML_KEM_1024,
54    group: NamedGroup::MLKEM1024,
55};
56
57const INVALID_KEY_SHARE: Error = Error::PeerMisbehaved(PeerMisbehaved::InvalidKeyShare);
58
59const X25519_LEN: usize = 32;
60const SECP256R1_LEN: usize = 65;
61const MLKEM768_CIPHERTEXT_LEN: usize = 1088;
62const MLKEM768_ENCAP_LEN: usize = 1184;
rustls/crypto/aws_lc_rs/pq/mod.rs

rustls/crypto/aws_lc_rs/pq/
mod.rs
