internal/mlkemtest/mlkemtest_fips140v1.0.go

//go:build !go1.26 && fips140v1.0

package mlkemtest

import (
	"crypto/mlkem"
	"errors"
	"unsafe"
)

// Reach ungracefully into the internals of crypto/internal/fips140/mlkem to
// perform derandomized encapsulation, which will be exposed in Go 1.26.

func Encapsulate768(ek *mlkem.EncapsulationKey768, rand []byte) (sharedKey, ciphertext []byte, err error) {
	if len(rand) != 32 {
		return nil, nil, errors.New("invalid ML-KEM-768 randomness size")
	}
	key := (*mlkem768EncapsulationKey)(unsafe.Pointer(ek))
	sharedKey, ciphertext = mlkem768EncapsulateInternal(key.key, (*[32]byte)(rand))
	return sharedKey, ciphertext, nil
}

type mlkem768EncapsulationKey struct {
	key unsafe.Pointer // *crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.EncapsulationKey768
}

//go:linkname mlkem768EncapsulateInternal crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.(*EncapsulationKey768).EncapsulateInternal
func mlkem768EncapsulateInternal(ek unsafe.Pointer, m *[32]byte) (sharedKey, ciphertext []byte)

func Encapsulate1024(ek *mlkem.EncapsulationKey1024, rand []byte) (sharedKey, ciphertext []byte, err error) {
	if len(rand) != 32 {
		return nil, nil, errors.New("invalid ML-KEM-1024 randomness size")
	}
	key := (*mlkem1024EncapsulationKey)(unsafe.Pointer(ek))
	sharedKey, ciphertext = mlkem1024EncapsulateInternal(key.key, (*[32]byte)(rand))
	return sharedKey, ciphertext, nil
}

type mlkem1024EncapsulationKey struct {
	key unsafe.Pointer // *crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.EncapsulationKey1024
}

//go:linkname mlkem1024EncapsulateInternal crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.(*EncapsulationKey1024).EncapsulateInternal
func mlkem1024EncapsulateInternal(ek unsafe.Pointer, m *[32]byte) (sharedKey, ciphertext []byte)
Add existing HPKE project files 2026-03-06 23:52:07 +00:00			`//go:build !go1.26 && fips140v1.0`

			`package mlkemtest`

			`import (`
			`"crypto/mlkem"`
			`"errors"`
			`"unsafe"`
			`)`

			`// Reach ungracefully into the internals of crypto/internal/fips140/mlkem to`
			`// perform derandomized encapsulation, which will be exposed in Go 1.26.`

			`func Encapsulate768(ek *mlkem.EncapsulationKey768, rand []byte) (sharedKey, ciphertext []byte, err error) {`
			`if len(rand) != 32 {`
			`return nil, nil, errors.New("invalid ML-KEM-768 randomness size")`
			`}`
			`key := (*mlkem768EncapsulationKey)(unsafe.Pointer(ek))`
			`sharedKey, ciphertext = mlkem768EncapsulateInternal(key.key, (*[32]byte)(rand))`
			`return sharedKey, ciphertext, nil`
			`}`

			`type mlkem768EncapsulationKey struct {`
			`key unsafe.Pointer // *crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.EncapsulationKey768`
			`}`

			`//go:linkname mlkem768EncapsulateInternal crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.(*EncapsulationKey768).EncapsulateInternal`
			`func mlkem768EncapsulateInternal(ek unsafe.Pointer, m *[32]byte) (sharedKey, ciphertext []byte)`

			`func Encapsulate1024(ek *mlkem.EncapsulationKey1024, rand []byte) (sharedKey, ciphertext []byte, err error) {`
			`if len(rand) != 32 {`
			`return nil, nil, errors.New("invalid ML-KEM-1024 randomness size")`
			`}`
			`key := (*mlkem1024EncapsulationKey)(unsafe.Pointer(ek))`
			`sharedKey, ciphertext = mlkem1024EncapsulateInternal(key.key, (*[32]byte)(rand))`
			`return sharedKey, ciphertext, nil`
			`}`

			`type mlkem1024EncapsulationKey struct {`
			`key unsafe.Pointer // *crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.EncapsulationKey1024`
			`}`

			`//go:linkname mlkem1024EncapsulateInternal crypto/internal/fips140/v1.0.0-c2097c7c/mlkem.(*EncapsulationKey1024).EncapsulateInternal`
			`func mlkem1024EncapsulateInternal(ek unsafe.Pointer, m *[32]byte) (sharedKey, ciphertext []byte)`