-r--r--r-- 9842 libmceliece-20260622/doc/html/api.html raw
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<style type="text/css">
html{overflow-y:scroll;background-color:#196069}
body{font-family:"Noto Sans","Droid Sans","DejaVu Sans","Arial",sans-serif;line-height:1.5}
tt,code{background-color:#f0f0f0;font-family:Consolas,Monaco,"Noto Sans Mono","DejaVu Sans Mono",monospace,sans-serif;font-size:1em;}
pre{margin-left:3em}
p,ul,ol,blockquote,pre{font-size:1.0em;line-height:1.6}
li p{font-size:1.0em}
blockquote p{font-size:1.0em}
h1{font-size:1.5em}
h2{font-size:1.3em}
h3{font-size:1.0em}
h1 a{text-decoration:none}
table{border-collapse:collapse}
th,td{border:1px solid black}
table a{text-decoration:none}
table tr{font-size:1.0em;line-height:1.6em}
table tr{font-size:1.0em;line-height:1.5}
tbody tr:nth-child(20n+1){background-color:#f0ffff}
tbody tr:nth-child(20n+2){background-color:#f0ffff}
tbody tr:nth-child(20n+3){background-color:#f0ffff}
tbody tr:nth-child(20n+4){background-color:#f0ffff}
tbody tr:nth-child(20n+5){background-color:#f0ffff}
tbody tr:nth-child(20n+6){background-color:#f0ffff}
tbody tr:nth-child(20n+7){background-color:#f0ffff}
tbody tr:nth-child(20n+8){background-color:#f0ffff}
tbody tr:nth-child(20n+9){background-color:#f0ffff}
tbody tr:nth-child(20n+10){background-color:#f0ffff}
tbody tr:nth-child(20n+11){background-color:#fffff0}
tbody tr:nth-child(20n+12){background-color:#fffff0}
tbody tr:nth-child(20n+13){background-color:#fffff0}
tbody tr:nth-child(20n+14){background-color:#fffff0}
tbody tr:nth-child(20n+15){background-color:#fffff0}
tbody tr:nth-child(20n+16){background-color:#fffff0}
tbody tr:nth-child(20n+17){background-color:#fffff0}
tbody tr:nth-child(20n+18){background-color:#fffff0}
tbody tr:nth-child(20n+19){background-color:#fffff0}
tbody tr:nth-child(20n+20){background-color:#fffff0}
#headline{display:block;margin:0;padding:0;color:#ffffff;background-color:#196069}
#headline .text{font-weight:bold;font-size:1.0em}
#headline input{display:none}
#nav ul{margin:0;padding:0}
#nav li{list-style-type:none;margin:0;padding:0}
.navtop{padding-bottom:0.5em;font-weight:bold;font-size:1.0em}
.navtop{background-color:#196069;color:#ffffff}
#nav .here{background-color:#196069;color:#ffffff}
#nav .away{background-color:#196069;color:#ffffff}
#nav .away a{text-decoration:none;display:block;color:#ffffff}
#nav .away a:hover,.away a:active{text-decoration:underline}
#hidemenu{visibility:hidden;display:none;overflow:hidden;position:fixed;top:0;left:0;height:100%;width:100%}
.main{padding:5px}
.main{background-color:#ffffff}
.pagetitle{font-size:1.4em;font-weight:bold}
@media only screen and (min-width:512px) {
.navtop{padding-top:5px}
#headline{top:0;margin:0;width:160px;height:100%;position:fixed;overflow:auto}
#headline .noselect{display:none}
#headline #nav{visibility:visible;display:block;width:auto;height:auto}
.main{margin-left:170px}
#headline #hidemenu{visibility:hidden}
}
@media not screen and (min-width:512px) {
#headline .noselect{-webkit-user-select:none;-ms-user-select:none;user-select:none;}
#headline #nav #navbot{visibility:hidden;position:fixed;top:0;left:-70%;z-index:2;transition:0.2s;margin:0;padding:0}
#headline input:checked ~ #nav #navbot{height:100%;position:fixed;top:0;left:0;visibility:visible;display:block;box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;vertical-align:center;font-size:1.0em;width:70%;overflow:auto}
#headline input:checked ~ #hidemenu{visibility:visible;display:block;background:black;opacity:0.3;z-index:1}
}
</style>
<title>
libmceliece: API</title>
</head>
<body>
<label id=headline>
<input type=checkbox />
<nav id=nav>
<div class=navtop>
<span class=noselect>≡</span>
libmceliece</div>
<ul id=navbot>
<li class=away><a href=index.html>Intro</a>
</li><li class=away><a href=download.html>Download</a>
</li><li class=away><a href=install.html>Install</a>
</li><li class=away><a href=test.html>Test</a>
</li><li class=here>API
</li><li class=away><a href=cli.html>CLI</a>
</li><li class=away><a href=security.html>Security</a>
</li><li class=away><a href=verification.html>Verification</a>
</li><li class=away><a href=speed.html>Speed</a>
</li><li class=away><a href=internals.html>Internals</a>
</li><li class=away><a href=people.html>People</a>
</li><li class=away><a href=license.html>License</a>
</li></ul></nav>
<div id=hidemenu></div>
</label>
<div class=main>
<div class=pagetitle>libmceliece: API</div>
<h3>NAME</h3>
<p>mceliece - C API for the libmceliece implementation of the Classic McEliece cryptosystem</p>
<h3>SYNOPSIS</h3>
<p>Using libmceliece:</p>
<pre><code>#include <mceliece.h>
</code></pre>
<p>Link with <code>-lmceliece</code>.</p>
<p>Key generation (for, e.g., <code>mceliece6960119</code>):</p>
<pre><code>unsigned char pk[mceliece6960119_PUBLICKEYBYTES];
unsigned char sk[mceliece6960119_SECRETKEYBYTES];
mceliece6960119_keypair(pk,sk);
</code></pre>
<p>Encapsulation (for, e.g., <code>mceliece6960119</code>):</p>
<pre><code>unsigned char ct[mceliece6960119_CIPHERTEXTBYTES];
unsigned char k[mceliece6960119_BYTES];
const unsigned char pk[mceliece6960119_PUBLICKEYBYTES];
int ret;
ret = mceliece6960119_enc(ct,k,pk);
</code></pre>
<p>Decapsulation (for, e.g., <code>mceliece6960119</code>):</p>
<pre><code>unsigned char k[mceliece6960119_BYTES];
const unsigned char ct[mceliece6960119_CIPHERTEXTBYTES];
const unsigned char sk[mceliece6960119_SECRETKEYBYTES];
int ret;
ret = mceliece6960119_dec(k,ct,sk);
</code></pre>
<h3>DESCRIPTION</h3>
<p>libmceliece is an implementation
of the <a href="https://classic.mceliece.org">Classic McEliece</a> cryptosystem.
The C API for libmceliece
provides the following functions:</p>
<pre><code>mceliece{6960119,6688128,8192128,460896,348864}_keypair
mceliece{6960119,6688128,8192128,460896,348864}_enc
mceliece{6960119,6688128,8192128,460896,348864}_dec
mceliece{6960119,6688128,8192128,460896,348864}f_keypair
mceliece{6960119,6688128,8192128,460896,348864}f_enc
mceliece{6960119,6688128,8192128,460896,348864}f_dec
</code></pre>
<p>All of these functions follow the
<a href="https://bench.cr.yp.to/call-kem.html">SUPERCOP API for KEMs</a>
except that</p>
<ul>
<li>the function names are libmceliece-specific instead of <code>crypto_kem_*</code>,</li>
<li>message lengths are <code>long long</code> instead of <code>unsigned long long</code>, and</li>
<li>the <code>keypair</code> functions return <code>void</code> instead of <code>int</code>.</li>
</ul>
<p>The details below use <code>mceliece6960119</code> as an example.</p>
<h3>KEY GENERATION</h3>
<p>The <code>mceliece6960119_keypair</code> function randomly generates
Alice's secret key
<code>sk[0]</code>, <code>sk[1]</code>, ..., <code>sk[mceliece6960119_SECRETKEYBYTES-1]</code>
and
Alice's corresponding public key
<code>pk[0]</code>, <code>pk[1]</code>, ..., <code>pk[mceliece6960119_PUBLICKEYBYTES-1]</code>.</p>
<h3>ENCAPSULATION</h3>
<p>The <code>mceliece6960119_enc</code> function randomly generates
a ciphertext <code>ct[0]</code>, <code>ct[1]</code>, ..., <code>ct[mceliece6960119_CIPHERTEXTBYTES-1]</code>
and the corresponding session key
<code>k[0]</code>, <code>k[1]</code>, ..., <code>k[mceliece6960119_BYTES-1]</code>
given Alice's public key
<code>pk[0]</code>, <code>pk[1]</code>, ..., <code>pk[mceliece6960119_PUBLICKEYBYTES-1]</code>.
This function then returns <code>0</code>.</p>
<p>Exception:
If the input public key is not "narrowly decodable"
(i.e., if bits at particular positions in <code>pk</code> are set),
this function returns <code>-1</code>.
Currently the function also handles such public keys
by clearing <code>ct</code> and <code>k</code>,
but callers should not rely on this.</p>
<p>For <code>{6688128,8192128,460896,348864}{,f}</code>,
all byte strings of the correct length are narrowly decodable,
and the return value is always <code>0</code>.
For <code>6960119{,f}</code>, the return value can be <code>-1</code>.</p>
<h3>DECAPSULATION</h3>
<p>The <code>mceliece6960119_dec</code> function,
given Alice's secret key
<code>sk[0]</code>, <code>sk[1]</code>, ..., <code>sk[mceliece6960119_SECRETKEYBYTES-1]</code>,
computes the session key
<code>k[0]</code>, <code>k[1]</code>, ..., <code>k[mceliece6960119_BYTES-1]</code>
corresponding to a ciphertext
<code>ct[0]</code>, <code>ct[1]</code>, ..., <code>ct[mceliece6960119_CIPHERTEXTBYTES-1]</code>
that was encapsulated to Alice.
This function then returns <code>0</code>.</p>
<p>Exception:
If the input ciphertext is not "narrowly decodable"
(i.e., if bits at particular positions in <code>ct</code> are set),
this function returns <code>-1</code>.
Currently this function also handles such ciphertexts
by setting all bytes of <code>k</code> to <code>255</code>,
but callers should not rely on this.</p>
<p>For <code>{6688128,8192128,460896,348864}{,f}</code>,
all byte strings of the correct length are narrowly decodable,
and the return value is always <code>0</code>.
For <code>6960119{,f}</code>, the return value can be <code>-1</code>.</p>
<h3>THE f VARIANTS</h3>
<p>The <code>f</code> variants are internally more complicated than the non-<code>f</code> variants
but provide faster key generation.
The <code>f</code> variants are interoperable with the non-<code>f</code> variants:
for example, a key generated with <code>mceliece6960119f_keypair</code>
can decapsulate ciphertexts that were encapsulated with <code>mceliece6960119_enc</code>.
The secret-key sizes (and formats) are the same,
the <code>enc</code> functions are the same, and
the <code>dec</code> functions are the same.</p>
<h3>SEE ALSO</h3>
<p><strong>mceliece</strong>(1), <strong>randombytes</strong>(3)</p><hr><font size=1><b>Version:</b>
This is version 2024.05.02 of the "API" web page.
</font>
</div>
</body>
</html>