ml-kem: Adds feature flag to use key or seed #83
base: master
begin refactor
adds feature flag to use key or seed
minor fixes to no-default
disables acvp tests for seed
adds missing conditional reset actions
properly handle tests
properly negate tests to stop clippy warnings
Really seeds should be the "default" API, not something that's enabled by a feature. I think it's OK to make breaking changes towards that end.
I can easily swap this around - will put together a new commit now.
I just thought, since we now have two feature flags, is it also worth adding a short section on the docs homepage about them?
@supinie I would prefer a PR like this be purely additive, as opposed to changing things depending on if the feature is enabled by using
@tarcieri in that case, would we rather that the DecapsulationKey object is the seed, and we then generate the "inner" key before use, or keep the
That's a good question. In As things are currently implemented, the seed is always expanded prior to use, and the expanded form is not cached but instead always computed on demand. I think something similar could work here?
I've refactored it to fit this style, but am unable to get the KATs working ( I have pushed these changes to https://github.com/supinie/KEMs/tree/additive so you can take a look if you'd like.
Resolves #53
I saw that @bifurcation mentioned that the test vectors should work, but they appeared to be in the wrong format. For now I have disabled them in the same way that `deterministic` does. I have tried to write it in such a way that the user always deals with a `DecapsulationKey` type no matter whether this is a true key or seed to maximise backwards compatibility.
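The two design points raised in this thread, a single `DecapsulationKey` type that may hold either a seed or a true key, and expanding the seed on demand rather than caching the expanded form, as an added illustration written for this page. It is not code from the ml-kem crate or this PR: the `expand` routine is a labelled stand-in derivation (a small FNV-1a stream, not ML-KEM key generation), `EXPANDED_LEN`, `decapsulate` and `forms_agree` are names chosen here, and the seed and ciphertext values are constructed.

```rust
// Added example, not the ml-kem crate's code: one `DecapsulationKey` type that
// holds either a 64-byte seed or an already expanded key, and expands the seed
// on demand instead of caching the expanded form.
//
// `expand` below is a labelled stand-in derivation (FNV-1a based), NOT ML-KEM
// KeyGen; it only needs to be deterministic so that the seed form and the
// expanded form of the same key behave identically.

/// Seed length used by ML-KEM (d || z, 32 bytes each).
pub const SEED_LEN: usize = 64;
/// Length of the toy expanded key material (assumption for this example).
pub const EXPANDED_LEN: usize = 128;

#[derive(Clone, Debug, PartialEq, Eq)]
pub struct ExpandedKey {
    bytes: [u8; EXPANDED_LEN],
}

/// Toy deterministic expansion (stand-in for ML-KEM KeyGen_internal).
fn expand(seed: &[u8; SEED_LEN]) -> ExpandedKey {
    let mut bytes = [0u8; EXPANDED_LEN];
    let mut h: u64 = 0xcbf2_9ce4_8422_2325; // FNV-1a offset basis
    for (i, out) in bytes.iter_mut().enumerate() {
        h ^= seed[i % SEED_LEN] as u64 ^ (i as u64);
        h = h.wrapping_mul(0x0000_0100_0000_01b3);
        *out = (h >> 56) as u8;
    }
    ExpandedKey { bytes }
}

#[derive(Clone, Debug)]
pub enum DecapsulationKey {
    /// Compact form: only the seed is stored; the key is derived when needed.
    Seed([u8; SEED_LEN]),
    /// Expanded form, e.g. parsed from a serialised decapsulation key blob.
    Expanded(ExpandedKey),
}

impl DecapsulationKey {
    pub fn from_seed(seed: [u8; SEED_LEN]) -> Self {
        Self::Seed(seed)
    }

    pub fn from_expanded(key: ExpandedKey) -> Self {
        Self::Expanded(key)
    }

    pub fn is_seed(&self) -> bool {
        matches!(self, Self::Seed(_))
    }

    /// Returns the expanded key, computing it on demand for the seed form
    /// (nothing is cached, matching the behaviour described in the thread).
    fn expanded(&self) -> ExpandedKey {
        match self {
            Self::Seed(seed) => expand(seed),
            Self::Expanded(key) => key.clone(),
        }
    }

    /// Toy "decapsulation": derives a 32-byte shared secret from the expanded
    /// key and a ciphertext. Stand-in for ML-KEM decaps; the point is that
    /// both representations go through exactly the same code path.
    pub fn decapsulate(&self, ciphertext: &[u8]) -> [u8; 32] {
        let key = self.expanded();
        let mut out = [0u8; 32];
        let mut h: u64 = 0xcbf2_9ce4_8422_2325;
        for (i, o) in out.iter_mut().enumerate() {
            for (j, b) in key.bytes.iter().chain(ciphertext.iter()).enumerate() {
                h ^= *b as u64 ^ ((i * 31 + j) as u64);
                h = h.wrapping_mul(0x0000_0100_0000_01b3);
            }
            *o = (h >> 56) as u8;
        }
        out
    }
}

/// Consistency check: the seed form and the expanded form of the same key
/// must produce the same shared secret for the same ciphertext.
pub fn forms_agree(seed: [u8; SEED_LEN], ciphertext: &[u8]) -> bool {
    let from_seed = DecapsulationKey::from_seed(seed);
    let from_key = DecapsulationKey::from_expanded(from_seed.expanded());
    from_seed.decapsulate(ciphertext) == from_key.decapsulate(ciphertext)
}

fn main() {
    let seed = [7u8; SEED_LEN]; // constructed sample seed
    let ct = b"constructed ciphertext bytes"; // constructed sample ciphertext
    println!("seed and expanded forms agree: {}", forms_agree(seed, ct));
}
```

Keeping the seed as the stored representation and deriving the key per call trades a key-generation cost on every decapsulation for never holding a second, expanded copy of the secret in memory; a caller that needs the expanded form for interoperability still gets the same `DecapsulationKey` type, which is what the backwards-compatibility goal in the description asks for.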