feat: add generate_ml_kem_768, pending implement ML-KEM later

src/main.rs

@@ -84,6 +84,7 @@ mod sshutil;
 mod util;
 mod yubikeyutil;
 mod cmd_yubikey;
+mod mlkemutil;
 
 pub struct DefaultCommandImpl;
 

src/mlkemutil.rs

@@ -0,0 +1,40 @@
+use crate::util::base64_encode;
+use ml_kem::kem::{Decapsulate, Encapsulate};
+use ml_kem::{EncodedSizeUser, KemCore, MlKem768};
+use rust_util::XResult;
+use std::convert::TryInto;
+
+// #[test]
+pub fn generate_ml_kem_768() -> XResult<()> {
+    let mut rng = rand::thread_rng();
+    let (dk, ek) = <MlKem768 as KemCore>::generate(&mut rng);
+    println!("dk: {}", base64_encode(&dk.as_bytes().0.to_vec()));
+    println!("ek: {}", base64_encode(ek.as_bytes().0.to_vec()));
+
+    let ek_bytes = dk.as_bytes().0.to_vec();
+    let dk = <MlKem768 as KemCore>::DecapsulationKey::from_bytes(&opt_result!(
+        ek_bytes.as_slice().try_into(),
+        "Parse decapsulation key failed: {}"
+    ));
+
+    let (encoded_ciphertext, shared_key) = opt_result!(
+        ek.encapsulate(&mut rng),
+        "Encapsulation key encapsulate failed: {:?}"
+    );
+    println!(
+        "encoded_ciphertext: {}",
+        base64_encode(&encoded_ciphertext.0.to_vec())
+    );
+    println!("shared_key: {}", base64_encode(&shared_key.0.to_vec()));
+
+    let k_bytes = encoded_ciphertext.0.to_vec();
+    let shared_key_2 = opt_result!(
+        dk.decapsulate(opt_result!(
+            &k_bytes.as_slice().try_into(),
+            "Parse encoded ciphertext failed: {}"
+        )),
+        "Decapsulation key decapsulate failed: {:?}"
+    );
+    println!("shared_key2: {}", base64_encode(&shared_key_2.0.to_vec()));
+    Ok(())
+}