1
1
mirror of https://github.com/henrydcase/pqc.git synced 2024-12-04 13:24:04 +00:00
pqcrypto/crypto_kem/papabear-ephem/clean/threebears.h
2020-01-15 10:43:50 +01:00

61 lines
2.0 KiB
C

#ifndef __THREE_BEARS_PAPABEAREPHEM_H__
#define __THREE_BEARS_PAPABEAREPHEM_H__
#include <stddef.h> /* for size_t */
#include <stdint.h>
#define PAPABEAREPHEM_KEYGEN_SEED_BYTES 40
#define PAPABEAREPHEM_PRIVATE_KEY_BYTES PAPABEAREPHEM_KEYGEN_SEED_BYTES
#define PAPABEAREPHEM_SHARED_SECRET_BYTES 32
#define PAPABEAREPHEM_ENC_SEED_AND_IV_BYTES 32
#define PAPABEAREPHEM_PUBLIC_KEY_BYTES 1584
#define PAPABEAREPHEM_CAPSULE_BYTES 1697
/**
* Expand a secret seed to a public/private keypair.
*
* @param[out] pk The public key.
* @param[in] sk The private key, which must be uniformly random.
*/
void PQCLEAN_PAPABEAREPHEM_CLEAN_get_pubkey (
uint8_t pk[PAPABEAREPHEM_PUBLIC_KEY_BYTES],
const uint8_t sk[PAPABEAREPHEM_PRIVATE_KEY_BYTES]
);
/**
* Create a shared secret using a random seed and another party's public key.
*
* Input and output parameters may not alias.
*
* @param[out] shared_secret The shared secret key.
* @param[out] capsule A ciphertext to send to the other party.
* @param[in] pk The other party's public key.
* @param[in] seed A random seed.
*/
void PQCLEAN_PAPABEAREPHEM_CLEAN_encapsulate (
uint8_t shared_secret[PAPABEAREPHEM_SHARED_SECRET_BYTES],
uint8_t capsule[PAPABEAREPHEM_CAPSULE_BYTES],
const uint8_t pk[PAPABEAREPHEM_PUBLIC_KEY_BYTES],
const uint8_t seed[PAPABEAREPHEM_ENC_SEED_AND_IV_BYTES]
);
/**
* Extract the shared secret from a capsule using the private key.
* Has a negligible but nonzero probability of failure.
*
* Input and output parameters may not alias.
*
* @param[out] shared_secret The shared secret.
* @param[in] capsule The capsule produced by encapsulate_cca2.
* @param[in] sk The private key.
* @return -1 on failure, 0 on success.
* @warning The value of shared_secret must not be used on failure
*/
void PQCLEAN_PAPABEAREPHEM_CLEAN_decapsulate (
uint8_t shared_secret[PAPABEAREPHEM_SHARED_SECRET_BYTES],
const uint8_t capsule[PAPABEAREPHEM_CAPSULE_BYTES],
const uint8_t sk[PAPABEAREPHEM_PRIVATE_KEY_BYTES]
);
#endif