One of the goals in Rosenpass was to allow using custom allocators for secret memory. Right now we are using sodium_malloc/sodium_free for instance.
Due to the reliance on a C library (libsodium) this is not a perfect choice, but allowing user-managed memory is still useful to comprehensively support features like zeroization.
In Rosenpass we opt for a low-level solution, passing all memory as slices:
pub trait KEM {
const SK_LEN: usize;
const PK_LEN: usize;
const CT_LEN: usize;
const SHK_LEN: usize;
fn keygen(sk: &mut [u8], pk: &mut [u8]) -> Result<(), RosenpassError>;
fn encaps(shk: &mut [u8], ct: &mut [u8], pk: &[u8]) -> Result<(), RosenpassError>;
fn decaps(shk: &mut [u8], sk: &[u8], ct: &[u8]) -> Result<(), RosenpassError>;
}A more comprehensive solution might involve the use of a custom allocation.
We should figure out a way to enable user-controlled secret allocation in HPKE!
One of the goals in Rosenpass was to allow using custom allocators for secret memory. Right now we are using sodium_malloc/sodium_free for instance.
Due to the reliance on a C library (libsodium) this is not a perfect choice, but allowing user-managed memory is still useful to comprehensively support features like zeroization.
In Rosenpass we opt for a low-level solution, passing all memory as slices:
A more comprehensive solution might involve the use of a custom allocation.
We should figure out a way to enable user-controlled secret allocation in HPKE!