|
8 | 8 | #![forbid(unsafe_code)] |
9 | 9 | #![warn(missing_docs, unused_qualifications, missing_debug_implementations)] |
10 | 10 |
|
| 11 | +//! # Usage |
| 12 | +//! |
| 13 | +//! There are two roles in a KEM: |
| 14 | +//! |
| 15 | +//! - Encapsulator: the holder of the public key (a.k.a. encapsulation key), which provides an |
| 16 | +//! operation that simultaneously generates both the plaintext and ciphertext of a random |
| 17 | +//! "shared key" whose ciphertext (a.k.a. encapsulation) can be sent to the party with the |
| 18 | +//! decapsulator key. |
| 19 | +//! - Decapsulator: holder secret/private key (a.k.a. decapsulation key), which can be used to |
| 20 | +//! decrypt the encrypted (a.k.a. encapsulated) "shared key" which was randomly generated by |
| 21 | +//! the encapsulator. |
| 22 | +//! |
| 23 | +//! The following example illustrates the workflow of using this crate's traits with a hypothetical |
| 24 | +//! KEM named `K` : |
| 25 | +//! |
| 26 | +#![cfg_attr(feature = "getrandom", doc = "```")] |
| 27 | +#![cfg_attr(not(feature = "getrandom"), doc = "```ignore")] |
| 28 | +//! // NOTE: requires the `getrandom` feature is enabled |
| 29 | +//! |
| 30 | +//! use kem::{Decapsulate, Encapsulate, Kem}; |
| 31 | +//! |
| 32 | +//! # pub fn kem_workflow_example<K: Kem<DecapsulationKey: Decapsulate>>() { |
| 33 | +//! // Generate a decapsulation/encapsulation keypair. The first one is the secret one. |
| 34 | +//! let (dk, ek) = K::generate_keypair(); |
| 35 | +//! |
| 36 | +//! // Encapsulator: |
| 37 | +//! // |
| 38 | +//! // Randomly generates and encapsulates/encrypts a shared key which can be decrypted by the |
| 39 | +//! // holder of the decapsulation key, obtaining the ciphertext and plaintext of the shared key. |
| 40 | +//! let (ct, k_send) = ek.encapsulate(); |
| 41 | +//! |
| 42 | +//! // Decapsulator: |
| 43 | +//! // |
| 44 | +//! // Decapsulates the encrypted/encapsulated shared key, obtaining its plaintext. |
| 45 | +//! let k_recv = dk.decapsulate(&ct); |
| 46 | +//! |
| 47 | +//! // We've now established a shared key. |
| 48 | +//! assert_eq!(k_send, k_recv); |
| 49 | +//! # } |
| 50 | +//! ``` |
| 51 | +//! |
| 52 | +//! [RFC 9180]: https://www.rfc-editor.org/info/rfc9180 |
| 53 | +
|
11 | 54 | pub use common::{ |
12 | 55 | self, Generate, InvalidKey, Key, KeyExport, KeyInit, KeySizeUser, TryKeyInit, typenum::consts, |
13 | 56 | }; |
|
0 commit comments