From 1230ca1bc1e6cc17476d62a573b4df7f3b28fd4e Mon Sep 17 00:00:00 2001 From: supinie <86788874+supinie@users.noreply.github.com> Date: Mon, 6 Jan 2025 18:12:57 +0000 Subject: [PATCH 1/3] adds feature flag to use key or seed begin refactor adds feature flag to use key or seed minor fixes to no-default disables acvp tests for seed adds missing conditional reset actions properly handle tests properly negate tests to stop clippy warnings --- ml-kem/Cargo.toml | 3 +- ml-kem/src/kem.rs | 276 ++++++++++++++++++++++++++++++++++-- ml-kem/src/param.rs | 8 ++ ml-kem/tests/encap-decap.rs | 1 + ml-kem/tests/key-gen.rs | 1 + 5 files changed, 278 insertions(+), 11 deletions(-) diff --git a/ml-kem/Cargo.toml b/ml-kem/Cargo.toml index cff7ccc..8b7da2f 100644 --- a/ml-kem/Cargo.toml +++ b/ml-kem/Cargo.toml @@ -16,10 +16,11 @@ keywords = ["crypto", "kyber", "lattice", "post-quantum"] exclude = ["tests/key-gen.rs", "tests/key-gen.json", "tests/encap-decap.rs", "tests/encap-decap.json"] [features] -default = ["std"] +default = ["std", "decap_seed"] std = ["sha3/std"] deterministic = [] # Expose deterministic generation and encapsulation functions zeroize = ["dep:zeroize"] +decap_seed = [] # Use seed for decapsulation key (default behaviour). If not set, will use standard decapsulation key. [dependencies] kem = "0.3.0-pre.0" diff --git a/ml-kem/src/kem.rs b/ml-kem/src/kem.rs index 4abc52a..96839df 100644 --- a/ml-kem/src/kem.rs +++ b/ml-kem/src/kem.rs @@ -1,6 +1,8 @@ use core::convert::Infallible; use core::marker::PhantomData; use hybrid_array::typenum::U32; +#[cfg(feature = "decap_seed")] +use hybrid_array::typenum::U64; use rand_core::CryptoRngCore; use crate::crypto::{rand, G, H, J}; @@ -18,10 +20,19 @@ pub use ::kem::{Decapsulate, Encapsulate}; /// A shared key resulting from an ML-KEM transaction pub(crate) type SharedKey = B32; -/// A `DecapsulationKey` provides the ability to generate a new key pair, and decapsulate an -/// encapsulated shared key. +#[cfg(feature = "decap_seed")] #[derive(Clone, Debug, PartialEq)] -pub struct DecapsulationKey

+struct DecapsulationSeed

+where + P: KemParams, +{ + d: B32, + z: B32, + _phantom: PhantomData

, +} + +#[derive(Clone, Debug, PartialEq)] +struct DecapsulationKeyInner

where P: KemParams, { @@ -30,8 +41,29 @@ where z: B32, } +/// A `DecapsulationKey` provides the ability to generate a new key pair, and decapsulate an +/// encapsulated shared key. +#[cfg(not(feature = "decap_seed"))] +#[derive(Clone, Debug, PartialEq)] +pub struct DecapsulationKey

+where + P: KemParams, +{ + key: DecapsulationKeyInner

, +} +/// A `DecapsulationKey` provides the ability to generate a new key pair, and decapsulate an +/// encapsulated shared key. +#[cfg(feature = "decap_seed")] +#[derive(Clone, Debug, PartialEq)] +pub struct DecapsulationKey

+where + P: KemParams, +{ + key: DecapsulationSeed

, +} + #[cfg(feature = "zeroize")] -impl

Drop for DecapsulationKey

+impl

Drop for DecapsulationKeyInner

where P: KemParams, { @@ -41,10 +73,59 @@ where } } +#[cfg(all(feature = "zeroize", feature = "decap_seed"))] +impl

Drop for DecapsulationSeed

+where + P: KemParams, +{ + fn drop(&mut self) { + self.d.zeroize(); + self.z.zeroize(); + } +} + +#[cfg(feature = "zeroize")] +impl

Zeroize for DecapsulationKeyInner

+where + P: KemParams, +{ + fn zeroize(&mut self) { + self.dk_pke.zeroize(); + self.z.zeroize(); + } +} + +#[cfg(all(feature = "zeroize", feature = "decap_seed"))] +impl

Zeroize for DecapsulationSeed

+where + P: KemParams, +{ + fn zeroize(&mut self) { + self.d.zeroize(); + self.z.zeroize(); + } +} + +#[cfg(feature = "zeroize")] +impl

Drop for DecapsulationKey

+where + P: KemParams, +{ + fn drop(&mut self) { + self.key.zeroize(); + } +} + +#[cfg(feature = "zeroize")] +impl

ZeroizeOnDrop for DecapsulationKeyInner

where P: KemParams {} + +#[cfg(all(feature = "zeroize", feature = "decap_seed"))] +impl

ZeroizeOnDrop for DecapsulationSeed

where P: KemParams {} + #[cfg(feature = "zeroize")] impl

ZeroizeOnDrop for DecapsulationKey

where P: KemParams {} -impl

EncodedSizeUser for DecapsulationKey

+impl

EncodedSizeUser for DecapsulationKeyInner

where P: KemParams, { @@ -75,6 +156,59 @@ where } } +#[cfg(feature = "decap_seed")] +impl

EncodedSizeUser for DecapsulationSeed

+where + P: KemParams, +{ + type EncodedSize = U64; + + #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec + fn from_bytes(enc: &Encoded) -> Self { + let (d, z) = P::split_seed(enc); + + Self { + d: d.clone(), + z: z.clone(), + _phantom: PhantomData, + } + } + + fn as_bytes(&self) -> Encoded { + self.d.clone().concat(self.z.clone()) + } +} + +impl

EncodedSizeUser for DecapsulationKey

+where + P: KemParams, +{ + #[cfg(not(feature = "decap_seed"))] + type EncodedSize = DecapsulationKeySize

; + #[cfg(feature = "decap_seed")] + type EncodedSize = U64; + + #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec + fn from_bytes(enc: &Encoded) -> Self { + #[cfg(not(feature = "decap_seed"))] + { + Self { + key: DecapsulationKeyInner::

::from_bytes(enc), + } + } + #[cfg(feature = "decap_seed")] + { + Self { + key: DecapsulationSeed::

::from_bytes(enc), + } + } + } + + fn as_bytes(&self) -> Encoded { + self.key.as_bytes() + } +} + // 0xff if x == y, 0x00 otherwise fn constant_time_eq(x: u8, y: u8) -> u8 { let diff = x ^ y; @@ -82,7 +216,7 @@ fn constant_time_eq(x: u8, y: u8) -> u8 { 0u8.wrapping_sub(is_zero >> 7) } -impl

::kem::Decapsulate, SharedKey> for DecapsulationKey

+impl

::kem::Decapsulate, SharedKey> for DecapsulationKeyInner

where P: KemParams, { @@ -117,15 +251,46 @@ where } } -impl

DecapsulationKey

+#[cfg(feature = "decap_seed")] +impl

::kem::Decapsulate, SharedKey> for DecapsulationSeed

where P: KemParams, { - /// Get the [`EncapsulationKey`] which corresponds to this [`DecapsulationKey`]. - pub fn encapsulation_key(&self) -> &EncapsulationKey

{ - &self.ek + type Error = Infallible; + + fn decapsulate( + &self, + encapsulated_key: &EncodedCiphertext

, + ) -> Result { + DecapsulationKeyInner::

::generate_deterministic(&self.d, &self.z) + .decapsulate(encapsulated_key) } +} +impl

::kem::Decapsulate, SharedKey> for DecapsulationKey

+where + P: KemParams, +{ + type Error = Infallible; + + fn decapsulate( + &self, + encapsulated_key: &EncodedCiphertext

, + ) -> Result { + self.key.decapsulate(encapsulated_key) + } +} + +impl

DecapsulationKeyInner

+where + P: KemParams, +{ + /// Get the [`EncapsulationKey`] which corresponds to this [`DecapsulationKeyInner`]. + pub fn encapsulation_key(&self) -> EncapsulationKey

{ + self.ek.clone() + } + + #[cfg(not(feature = "decap_seed"))] pub(crate) fn generate(rng: &mut impl CryptoRngCore) -> Self { let d: B32 = rand(rng); let z: B32 = rand(rng); @@ -142,6 +307,85 @@ where } } +#[cfg(feature = "decap_seed")] +impl

DecapsulationSeed

+where + P: KemParams, +{ + /// Get the [`EncapsulationKey`] which corresponds to this [`DecapsulationSeed`]. + #[must_use] + pub fn encapsulation_key(&self) -> EncapsulationKey

{ + DecapsulationKeyInner::

::generate_deterministic(&self.d, &self.z) + .encapsulation_key() + .clone() + } + + pub(crate) fn generate(rng: &mut impl CryptoRngCore) -> Self { + let d: B32 = rand(rng); + let z: B32 = rand(rng); + Self { + d, + z, + _phantom: PhantomData, + } + } + + #[must_use] + #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec + #[cfg(feature = "deterministic")] + pub(crate) fn generate_deterministic(d: &B32, z: &B32) -> Self { + Self { + d: *d, + z: *z, + _phantom: PhantomData, + } + } +} + +impl

DecapsulationKey

+where + P: KemParams, +{ + /// Get the [`EncapsulationKey`] which corresponds to this [`DecapsulationKey`]. + #[must_use] + pub fn encapsulation_key(&self) -> EncapsulationKey

{ + self.key.encapsulation_key() + } + + pub(crate) fn generate(rng: &mut impl CryptoRngCore) -> Self { + #[cfg(feature = "decap_seed")] + { + DecapsulationKey { + key: DecapsulationSeed::

::generate(rng), + } + } + #[cfg(not(feature = "decap_seed"))] + { + DecapsulationKey { + key: DecapsulationKeyInner::

::generate(rng), + } + } + } + + #[must_use] + #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec + #[cfg(feature = "deterministic")] + pub(crate) fn generate_deterministic(d: &B32, z: &B32) -> Self { + #[cfg(feature = "decap_seed")] + { + DecapsulationKey { + key: DecapsulationSeed::

::generate_deterministic(d, z), + } + } + #[cfg(not(feature = "decap_seed"))] + { + DecapsulationKey { + key: DecapsulationKeyInner::

::generate_deterministic(d, z), + } + } + } +} + /// An `EncapsulationKey` provides the ability to encapsulate a shared key so that it can only be /// decapsulated by the holder of the corresponding decapsulation key. #[derive(Clone, Debug, PartialEq)] @@ -262,6 +506,10 @@ mod test { { let mut rng = rand::thread_rng(); + // #[cfg(not(feature = "decap_seed"))] + // let dk = DecapsulationKey::

::generate(&mut rng); + // #[cfg(feature = "decap_seed")] + // let dk = DecapsulationSeed::

::generate(&mut rng); let dk = DecapsulationKey::

::generate(&mut rng); let ek = dk.encapsulation_key(); @@ -282,10 +530,18 @@ mod test { P: KemParams, { let mut rng = rand::thread_rng(); + // #[cfg(not(feature = "decap_seed"))] + // let dk_original = DecapsulationKeyInner::

::generate(&mut rng); + // #[cfg(feature = "decap_seed")] + // let dk_original = DecapsulationSeed::

::generate(&mut rng); let dk_original = DecapsulationKey::

::generate(&mut rng); let ek_original = dk_original.encapsulation_key().clone(); let dk_encoded = dk_original.as_bytes(); + // #[cfg(not(feature = "decap_seed"))] + // let dk_decoded = DecapsulationKeyInner::from_bytes(&dk_encoded); + // #[cfg(feature = "decap_seed")] + // let dk_decoded = DecapsulationSeed::from_bytes(&dk_encoded); let dk_decoded = DecapsulationKey::from_bytes(&dk_encoded); assert_eq!(dk_original, dk_decoded); diff --git a/ml-kem/src/param.rs b/ml-kem/src/param.rs index 2a9497c..6fb2a58 100644 --- a/ml-kem/src/param.rs +++ b/ml-kem/src/param.rs @@ -251,12 +251,15 @@ pub trait KemParams: PkeParams { &B32, &B32, ); + + fn split_seed(enc: &EncodedDecapsulationSeed) -> (&B32, &B32); } pub type DecapsulationKeySize

=

::DecapsulationKeySize; pub type EncapsulationKeySize

=

::EncryptionKeySize; pub type EncodedDecapsulationKey

= Array::DecapsulationKeySize>; +pub type EncodedDecapsulationSeed = Array; impl

KemParams for P where @@ -295,4 +298,9 @@ where let (dk_pke, ek_pke) = enc.split_ref(); (dk_pke, ek_pke, h, z) } + + fn split_seed(enc: &EncodedDecapsulationSeed) -> (&B32, &B32) { + let (d, z) = enc.split_ref(); + (d, z) + } } diff --git a/ml-kem/tests/encap-decap.rs b/ml-kem/tests/encap-decap.rs index 64d0247..21058f3 100644 --- a/ml-kem/tests/encap-decap.rs +++ b/ml-kem/tests/encap-decap.rs @@ -1,4 +1,5 @@ #![cfg(feature = "deterministic")] +#![cfg(not(feature = "decap_seed"))] use ml_kem::*; diff --git a/ml-kem/tests/key-gen.rs b/ml-kem/tests/key-gen.rs index 3c855fd..c1382aa 100644 --- a/ml-kem/tests/key-gen.rs +++ b/ml-kem/tests/key-gen.rs @@ -1,4 +1,5 @@ #![cfg(feature = "deterministic")] +#![cfg(not(feature = "decap_seed"))] use ml_kem::*; From 49044390e929cadb112ac5698f53988b970d9ff8 Mon Sep 17 00:00:00 2001 From: supinie <86788874+supinie@users.noreply.github.com> Date: Tue, 7 Jan 2025 15:36:02 +0000 Subject: [PATCH 2/3] swaps feature flags default --- ml-kem/Cargo.toml | 4 +-- ml-kem/src/kem.rs | 50 ++++++++++++++++++------------------- ml-kem/tests/encap-decap.rs | 2 +- ml-kem/tests/key-gen.rs | 2 +- 4 files changed, 29 insertions(+), 29 deletions(-) diff --git a/ml-kem/Cargo.toml b/ml-kem/Cargo.toml index 8b7da2f..a346650 100644 --- a/ml-kem/Cargo.toml +++ b/ml-kem/Cargo.toml @@ -16,11 +16,11 @@ keywords = ["crypto", "kyber", "lattice", "post-quantum"] exclude = ["tests/key-gen.rs", "tests/key-gen.json", "tests/encap-decap.rs", "tests/encap-decap.json"] [features] -default = ["std", "decap_seed"] +default = ["std"] std = ["sha3/std"] deterministic = [] # Expose deterministic generation and encapsulation functions zeroize = ["dep:zeroize"] -decap_seed = [] # Use seed for decapsulation key (default behaviour). If not set, will use standard decapsulation key. +decap_key = [] # Use seed for decapsulation key (default behaviour) or not. If set, will use standard decapsulation key. [dependencies] kem = "0.3.0-pre.0" diff --git a/ml-kem/src/kem.rs b/ml-kem/src/kem.rs index 96839df..78e9ed3 100644 --- a/ml-kem/src/kem.rs +++ b/ml-kem/src/kem.rs @@ -1,7 +1,7 @@ use core::convert::Infallible; use core::marker::PhantomData; use hybrid_array::typenum::U32; -#[cfg(feature = "decap_seed")] +#[cfg(not(feature = "decap_key"))] use hybrid_array::typenum::U64; use rand_core::CryptoRngCore; @@ -20,7 +20,7 @@ pub use ::kem::{Decapsulate, Encapsulate}; /// A shared key resulting from an ML-KEM transaction pub(crate) type SharedKey = B32; -#[cfg(feature = "decap_seed")] +#[cfg(not(feature = "decap_key"))] #[derive(Clone, Debug, PartialEq)] struct DecapsulationSeed

where @@ -43,7 +43,7 @@ where /// A `DecapsulationKey` provides the ability to generate a new key pair, and decapsulate an /// encapsulated shared key. -#[cfg(not(feature = "decap_seed"))] +#[cfg(feature = "decap_key")] #[derive(Clone, Debug, PartialEq)] pub struct DecapsulationKey

where @@ -53,7 +53,7 @@ where } /// A `DecapsulationKey` provides the ability to generate a new key pair, and decapsulate an /// encapsulated shared key. -#[cfg(feature = "decap_seed")] +#[cfg(not(feature = "decap_key"))] #[derive(Clone, Debug, PartialEq)] pub struct DecapsulationKey

where @@ -73,7 +73,7 @@ where } } -#[cfg(all(feature = "zeroize", feature = "decap_seed"))] +#[cfg(all(feature = "zeroize", not(feature = "decap_key")))] impl

Drop for DecapsulationSeed

where P: KemParams, @@ -95,7 +95,7 @@ where } } -#[cfg(all(feature = "zeroize", feature = "decap_seed"))] +#[cfg(all(feature = "zeroize", not(feature = "decap_key")))] impl

Zeroize for DecapsulationSeed

where P: KemParams, @@ -119,7 +119,7 @@ where #[cfg(feature = "zeroize")] impl

ZeroizeOnDrop for DecapsulationKeyInner

where P: KemParams {} -#[cfg(all(feature = "zeroize", feature = "decap_seed"))] +#[cfg(all(feature = "zeroize", not(feature = "decap_key")))] impl

ZeroizeOnDrop for DecapsulationSeed

where P: KemParams {} #[cfg(feature = "zeroize")] @@ -156,7 +156,7 @@ where } } -#[cfg(feature = "decap_seed")] +#[cfg(not(feature = "decap_key"))] impl

EncodedSizeUser for DecapsulationSeed

where P: KemParams, @@ -183,20 +183,20 @@ impl

EncodedSizeUser for DecapsulationKey

where P: KemParams, { - #[cfg(not(feature = "decap_seed"))] + #[cfg(not(not(feature = "decap_key")))] type EncodedSize = DecapsulationKeySize

; - #[cfg(feature = "decap_seed")] + #[cfg(not(feature = "decap_key"))] type EncodedSize = U64; #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec fn from_bytes(enc: &Encoded) -> Self { - #[cfg(not(feature = "decap_seed"))] + #[cfg(not(not(feature = "decap_key")))] { Self { key: DecapsulationKeyInner::

::from_bytes(enc), } } - #[cfg(feature = "decap_seed")] + #[cfg(not(feature = "decap_key"))] { Self { key: DecapsulationSeed::

::from_bytes(enc), @@ -251,7 +251,7 @@ where } } -#[cfg(feature = "decap_seed")] +#[cfg(not(feature = "decap_key"))] impl

::kem::Decapsulate, SharedKey> for DecapsulationSeed

where P: KemParams, @@ -290,7 +290,7 @@ where self.ek.clone() } - #[cfg(not(feature = "decap_seed"))] + #[cfg(not(not(feature = "decap_key")))] pub(crate) fn generate(rng: &mut impl CryptoRngCore) -> Self { let d: B32 = rand(rng); let z: B32 = rand(rng); @@ -307,7 +307,7 @@ where } } -#[cfg(feature = "decap_seed")] +#[cfg(not(feature = "decap_key"))] impl

DecapsulationSeed

where P: KemParams, @@ -353,13 +353,13 @@ where } pub(crate) fn generate(rng: &mut impl CryptoRngCore) -> Self { - #[cfg(feature = "decap_seed")] + #[cfg(not(feature = "decap_key"))] { DecapsulationKey { key: DecapsulationSeed::

::generate(rng), } } - #[cfg(not(feature = "decap_seed"))] + #[cfg(not(not(feature = "decap_key")))] { DecapsulationKey { key: DecapsulationKeyInner::

::generate(rng), @@ -371,13 +371,13 @@ where #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec #[cfg(feature = "deterministic")] pub(crate) fn generate_deterministic(d: &B32, z: &B32) -> Self { - #[cfg(feature = "decap_seed")] + #[cfg(not(feature = "decap_key"))] { DecapsulationKey { key: DecapsulationSeed::

::generate_deterministic(d, z), } } - #[cfg(not(feature = "decap_seed"))] + #[cfg(not(not(feature = "decap_key")))] { DecapsulationKey { key: DecapsulationKeyInner::

::generate_deterministic(d, z), @@ -506,9 +506,9 @@ mod test { { let mut rng = rand::thread_rng(); - // #[cfg(not(feature = "decap_seed"))] + // #[cfg(not(not(feature = "decap_key")))] // let dk = DecapsulationKey::

::generate(&mut rng); - // #[cfg(feature = "decap_seed")] + // #[cfg(not(feature = "decap_key"))] // let dk = DecapsulationSeed::

::generate(&mut rng); let dk = DecapsulationKey::

::generate(&mut rng); let ek = dk.encapsulation_key(); @@ -530,17 +530,17 @@ mod test { P: KemParams, { let mut rng = rand::thread_rng(); - // #[cfg(not(feature = "decap_seed"))] + // #[cfg(not(not(feature = "decap_key")))] // let dk_original = DecapsulationKeyInner::

::generate(&mut rng); - // #[cfg(feature = "decap_seed")] + // #[cfg(not(feature = "decap_key"))] // let dk_original = DecapsulationSeed::

::generate(&mut rng); let dk_original = DecapsulationKey::

::generate(&mut rng); let ek_original = dk_original.encapsulation_key().clone(); let dk_encoded = dk_original.as_bytes(); - // #[cfg(not(feature = "decap_seed"))] + // #[cfg(not(not(feature = "decap_key")))] // let dk_decoded = DecapsulationKeyInner::from_bytes(&dk_encoded); - // #[cfg(feature = "decap_seed")] + // #[cfg(not(feature = "decap_key"))] // let dk_decoded = DecapsulationSeed::from_bytes(&dk_encoded); let dk_decoded = DecapsulationKey::from_bytes(&dk_encoded); assert_eq!(dk_original, dk_decoded); diff --git a/ml-kem/tests/encap-decap.rs b/ml-kem/tests/encap-decap.rs index 21058f3..26cab67 100644 --- a/ml-kem/tests/encap-decap.rs +++ b/ml-kem/tests/encap-decap.rs @@ -1,5 +1,5 @@ #![cfg(feature = "deterministic")] -#![cfg(not(feature = "decap_seed"))] +#![cfg(feature = "decap_key")] use ml_kem::*; diff --git a/ml-kem/tests/key-gen.rs b/ml-kem/tests/key-gen.rs index c1382aa..fdf7834 100644 --- a/ml-kem/tests/key-gen.rs +++ b/ml-kem/tests/key-gen.rs @@ -1,5 +1,5 @@ #![cfg(feature = "deterministic")] -#![cfg(not(feature = "decap_seed"))] +#![cfg(feature = "decap_key")] use ml_kem::*; From cfd051887879f14358bfd18a6dd809be01abb6b2 Mon Sep 17 00:00:00 2001 From: supinie <86788874+supinie@users.noreply.github.com> Date: Fri, 10 Jan 2025 10:19:59 +0000 Subject: [PATCH 3/3] tidy --- ml-kem/src/kem.rs | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/ml-kem/src/kem.rs b/ml-kem/src/kem.rs index 78e9ed3..0408b39 100644 --- a/ml-kem/src/kem.rs +++ b/ml-kem/src/kem.rs @@ -183,14 +183,14 @@ impl

EncodedSizeUser for DecapsulationKey

where P: KemParams, { - #[cfg(not(not(feature = "decap_key")))] + #[cfg(feature = "decap_key")] type EncodedSize = DecapsulationKeySize

; #[cfg(not(feature = "decap_key"))] type EncodedSize = U64; #[allow(clippy::similar_names)] // allow dk_pke, ek_pke, following the spec fn from_bytes(enc: &Encoded) -> Self { - #[cfg(not(not(feature = "decap_key")))] + #[cfg(feature = "decap_key")] { Self { key: DecapsulationKeyInner::

::from_bytes(enc), @@ -290,7 +290,7 @@ where self.ek.clone() } - #[cfg(not(not(feature = "decap_key")))] + #[cfg(feature = "decap_key")] pub(crate) fn generate(rng: &mut impl CryptoRngCore) -> Self { let d: B32 = rand(rng); let z: B32 = rand(rng); @@ -359,7 +359,7 @@ where key: DecapsulationSeed::

::generate(rng), } } - #[cfg(not(not(feature = "decap_key")))] + #[cfg(feature = "decap_key")] { DecapsulationKey { key: DecapsulationKeyInner::

::generate(rng), @@ -377,7 +377,7 @@ where key: DecapsulationSeed::

::generate_deterministic(d, z), } } - #[cfg(not(not(feature = "decap_key")))] + #[cfg(feature = "decap_key")] { DecapsulationKey { key: DecapsulationKeyInner::

::generate_deterministic(d, z), @@ -506,10 +506,6 @@ mod test { { let mut rng = rand::thread_rng(); - // #[cfg(not(not(feature = "decap_key")))] - // let dk = DecapsulationKey::

::generate(&mut rng); - // #[cfg(not(feature = "decap_key"))] - // let dk = DecapsulationSeed::

::generate(&mut rng); let dk = DecapsulationKey::

::generate(&mut rng); let ek = dk.encapsulation_key(); @@ -530,18 +526,10 @@ mod test { P: KemParams, { let mut rng = rand::thread_rng(); - // #[cfg(not(not(feature = "decap_key")))] - // let dk_original = DecapsulationKeyInner::

::generate(&mut rng); - // #[cfg(not(feature = "decap_key"))] - // let dk_original = DecapsulationSeed::

::generate(&mut rng); let dk_original = DecapsulationKey::

::generate(&mut rng); let ek_original = dk_original.encapsulation_key().clone(); let dk_encoded = dk_original.as_bytes(); - // #[cfg(not(not(feature = "decap_key")))] - // let dk_decoded = DecapsulationKeyInner::from_bytes(&dk_encoded); - // #[cfg(not(feature = "decap_key"))] - // let dk_decoded = DecapsulationSeed::from_bytes(&dk_encoded); let dk_decoded = DecapsulationKey::from_bytes(&dk_encoded); assert_eq!(dk_original, dk_decoded);