38 lines
1.2 KiB
Rust
38 lines
1.2 KiB
Rust
use mt_crypto::{
|
|
keypair_from_seed_mlkem, mlkem_decapsulate, mlkem_encapsulate, MLKEM_CIPHERTEXT_SIZE,
|
|
MLKEM_SHARED_SECRET_SIZE,
|
|
};
|
|
|
|
#[test]
|
|
fn mlkem_encap_decap_roundtrip() {
|
|
let seed = [0x42u8; mt_crypto::MLKEM_SEED_SIZE];
|
|
let (pk, sk) = keypair_from_seed_mlkem(&seed).unwrap();
|
|
|
|
let (ct, ss_sender) = mlkem_encapsulate(&pk).unwrap();
|
|
assert_eq!(ct.as_bytes().len(), MLKEM_CIPHERTEXT_SIZE);
|
|
|
|
let ss_receiver = mlkem_decapsulate(&sk, &ct).unwrap();
|
|
assert_eq!(ss_receiver.as_bytes().len(), MLKEM_SHARED_SECRET_SIZE);
|
|
assert_eq!(ss_sender.as_bytes(), ss_receiver.as_bytes());
|
|
}
|
|
|
|
#[test]
|
|
fn mlkem_encap_produces_distinct_ciphertexts() {
|
|
let seed = [0x33u8; mt_crypto::MLKEM_SEED_SIZE];
|
|
let (pk, sk) = keypair_from_seed_mlkem(&seed).unwrap();
|
|
let (ct1, _ss1) = mlkem_encapsulate(&pk).unwrap();
|
|
let (ct2, _ss2) = mlkem_encapsulate(&pk).unwrap();
|
|
assert_ne!(
|
|
ct1.as_bytes(),
|
|
ct2.as_bytes(),
|
|
"encap must use fresh OS randomness per FIPS 203"
|
|
);
|
|
let ss1 = mlkem_decapsulate(&sk, &ct1).unwrap();
|
|
let ss2 = mlkem_decapsulate(&sk, &ct2).unwrap();
|
|
assert_ne!(
|
|
ss1.as_bytes(),
|
|
ss2.as_bytes(),
|
|
"distinct ciphertexts → distinct shared secrets"
|
|
);
|
|
}
|