From 1b8bcb44bcb5056139600c7a5354864bff9b4d03 Mon Sep 17 00:00:00 2001
From: Justin Smith
Date: Thu, 12 Dec 2024 14:10:30 -0500
Subject: [PATCH] Drop support for Kyber Round 3
---
 aws-lc-rs/src/kem.rs | 146 ----------------------------------
 aws-lc-rs/src/unstable/kem.rs | 84 ++-----------------
 2 files changed, 6 insertions(+), 224 deletions(-)
diff --git a/aws-lc-rs/src/kem.rs b/aws-lc-rs/src/kem.rs
index 933203a8d31..125a8969cb6 100644
--- a/aws-lc-rs/src/kem.rs
+++ b/aws-lc-rs/src/kem.rs
@@ -634,149 +634,3 @@ mod tests {
 );
 }
 }
-
-#[allow(deprecated)]
-#[cfg(all(test, feature = "unstable"))]
-mod unstable_tests {
- use crate::{
- error::KeyRejected,
- kem::{DecapsulationKey, EncapsulationKey},
- };
-
- use crate::unstable::kem::{get_algorithm, AlgorithmId};
-
- #[test]
- fn test_kem_serialize() {
- for algorithm_id in [
- AlgorithmId::Kyber512_R3,
- AlgorithmId::Kyber768_R3,
- AlgorithmId::Kyber1024_R3,
- ] {
- let algorithm = get_algorithm(algorithm_id).unwrap();
- let priv_key = DecapsulationKey::generate(algorithm).unwrap();
- assert_eq!(priv_key.algorithm(), algorithm);
-
- let pub_key = priv_key.encapsulation_key().unwrap();
- let pubkey_raw_bytes = pub_key.key_bytes().unwrap();
- let pub_key_from_bytes =
- EncapsulationKey::new(algorithm, pubkey_raw_bytes.as_ref()).unwrap();
-
- assert_eq!(
- pub_key.key_bytes().unwrap().as_ref(),
- pub_key_from_bytes.key_bytes().unwrap().as_ref()
- );
- assert_eq!(pub_key.algorithm(), pub_key_from_bytes.algorithm());
- }
- }
-
- #[test]
- fn test_kem_wrong_sizes() {
- for algorithm_id in [
- AlgorithmId::Kyber512_R3,
- AlgorithmId::Kyber768_R3,
- AlgorithmId::Kyber1024_R3,
- ] {
- let algorithm = get_algorithm(algorithm_id).unwrap();
- let too_long_bytes = vec![0u8; algorithm.encapsulate_key_size() + 1];
- let long_pub_key_from_bytes = EncapsulationKey::new(algorithm, &too_long_bytes);
- assert_eq!(
- long_pub_key_from_bytes.err(),
- Some(KeyRejected::too_large())
- );
-
- let too_short_bytes = vec![0u8; algorithm.encapsulate_key_size() - 1];
- let short_pub_key_from_bytes = EncapsulationKey::new(algorithm, &too_short_bytes);
- assert_eq!(
- short_pub_key_from_bytes.err(),
- Some(KeyRejected::too_small())
- );
- }
- }
-
- #[test]
- fn test_kem_e2e() {
- for algorithm_id in [
- AlgorithmId::Kyber512_R3,
- AlgorithmId::Kyber768_R3,
- AlgorithmId::Kyber1024_R3,
- ] {
- let algorithm = get_algorithm(algorithm_id).unwrap();
- let priv_key = DecapsulationKey::generate(algorithm).unwrap();
- assert_eq!(priv_key.algorithm(), algorithm);
-
- let pub_key = priv_key.encapsulation_key().unwrap();
-
- let (alice_ciphertext, alice_secret) =
- pub_key.encapsulate().expect("encapsulate successful");
-
- let bob_secret = priv_key
- .decapsulate(alice_ciphertext)
- .expect("decapsulate successful");
-
- assert_eq!(alice_secret.as_ref(), bob_secret.as_ref());
- }
- }
-
- #[test]
- fn test_serialized_kem_e2e() {
- for algorithm_id in [
- AlgorithmId::Kyber512_R3,
- AlgorithmId::Kyber768_R3,
- AlgorithmId::Kyber1024_R3,
- ] {
- let algorithm = get_algorithm(algorithm_id).unwrap();
- let priv_key = DecapsulationKey::generate(algorithm).unwrap();
- assert_eq!(priv_key.algorithm(), algorithm);
-
- let pub_key = priv_key.encapsulation_key().unwrap();
-
- // Generate public key bytes to send to bob
- let pub_key_bytes = pub_key.key_bytes().unwrap();
-
- // Test that priv_key's EVP_PKEY isn't entirely freed since we remove this pub_key's reference.
- drop(pub_key);
-
- let retrieved_pub_key =
- EncapsulationKey::new(algorithm, pub_key_bytes.as_ref()).unwrap();
- let (ciphertext, bob_secret) = retrieved_pub_key
- .encapsulate()
- .expect("encapsulate successful");
-
- let alice_secret = priv_key
- .decapsulate(ciphertext)
- .expect("encapsulate successful");
-
- assert_eq!(alice_secret.as_ref(), bob_secret.as_ref());
- }
- }
-
- #[test]
- fn test_get_algorithm() {
- for id in [
- AlgorithmId::Kyber512_R3,
- AlgorithmId::Kyber768_R3,
- AlgorithmId::Kyber1024_R3,
- ] {
- let alg = get_algorithm(id).expect("algorithm retrievable");
- assert_eq!(alg.id(), id);
- }
- }
-
- #[test]
- #[allow(deprecated)]
- fn test_debug_fmt() {
- let alg = get_algorithm(AlgorithmId::Kyber512_R3).expect("algorithm retrievable");
- let private = DecapsulationKey::generate(alg).expect("successful generation");
- assert_eq!(
- format!("{private:?}"),
- "DecapsulationKey { algorithm: Kyber512_R3, .. }"
- );
- assert_eq!(
- format!(
- "{:?}",
- private.encapsulation_key().expect("public key retrievable")
- ),
- "EncapsulationKey { algorithm: Kyber512_R3, .. }"
- );
- }
-}
diff --git a/aws-lc-rs/src/unstable/kem.rs b/aws-lc-rs/src/unstable/kem.rs
index 24153105819..2facb2888d2 100644
--- a/aws-lc-rs/src/unstable/kem.rs
+++ b/aws-lc-rs/src/unstable/kem.rs
@@ -1,90 +1,21 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0 OR ISC
-#![allow(deprecated)]
 use core::fmt::Debug;
 use crate::kem::Algorithm;
-use aws_lc::{NID_KYBER1024_R3, NID_KYBER512_R3, NID_KYBER768_R3};
 #[deprecated(note = "use aws_lc_rs::kem::{ML_KEM_512, ML_KEM_768, ML_KEM_1024}")]
 pub use crate::kem::{ML_KEM_1024, ML_KEM_512, ML_KEM_768};
-// Key lengths defined as stated on the CRYSTALS website:
-// https://pq-crystals.org/kyber/
-
-const KYBER512_R3_SECRET_KEY_LENGTH: usize = 1632;
-const KYBER512_R3_CIPHERTEXT_LENGTH: usize = 768;
-const KYBER512_R3_PUBLIC_KEY_LENGTH: usize = 800;
-const KYBER512_R3_SHARED_SECRET_LENGTH: usize = 32;
-
-const KYBER768_R3_SECRET_KEY_LENGTH: usize = 2400;
-const KYBER768_R3_CIPHERTEXT_LENGTH: usize = 1088;
-const KYBER768_R3_PUBLIC_KEY_LENGTH: usize = 1184;
-const KYBER768_R3_SHARED_SECRET_LENGTH: usize = 32;
-
-const KYBER1024_R3_SECRET_KEY_LENGTH: usize = 3168;
-const KYBER1024_R3_CIPHERTEXT_LENGTH: usize = 1568;
-const KYBER1024_R3_PUBLIC_KEY_LENGTH: usize = 1568;
-const KYBER1024_R3_SHARED_SECRET_LENGTH: usize = 32;
-
-/// NIST Round 3 submission of the Kyber-512 algorithm.
-#[allow(deprecated)]
-const KYBER512_R3: Algorithm = Algorithm {
- id: AlgorithmId::Kyber512_R3,
- decapsulate_key_size: KYBER512_R3_SECRET_KEY_LENGTH,
- encapsulate_key_size: KYBER512_R3_PUBLIC_KEY_LENGTH,
- ciphertext_size: KYBER512_R3_CIPHERTEXT_LENGTH,
- shared_secret_size: KYBER512_R3_SHARED_SECRET_LENGTH,
-};
-
-/// NIST Round 3 submission of the Kyber-768 algorithm.
-#[allow(deprecated)]
-const KYBER768_R3: Algorithm = Algorithm {
- id: AlgorithmId::Kyber768_R3,
- decapsulate_key_size: KYBER768_R3_SECRET_KEY_LENGTH,
- encapsulate_key_size: KYBER768_R3_PUBLIC_KEY_LENGTH,
- ciphertext_size: KYBER768_R3_CIPHERTEXT_LENGTH,
- shared_secret_size: KYBER768_R3_SHARED_SECRET_LENGTH,
-};
-
-/// NIST Round 3 submission of the Kyber-1024 algorithm.
-#[allow(deprecated)]
-const KYBER1024_R3: Algorithm = Algorithm {
- id: AlgorithmId::Kyber1024_R3,
- decapsulate_key_size: KYBER1024_R3_SECRET_KEY_LENGTH,
- encapsulate_key_size: KYBER1024_R3_PUBLIC_KEY_LENGTH,
- ciphertext_size: KYBER1024_R3_CIPHERTEXT_LENGTH,
- shared_secret_size: KYBER1024_R3_SHARED_SECRET_LENGTH,
-};
-
-/// Identifier for an unstable KEM algorithm.
-#[allow(non_camel_case_types)]
 #[non_exhaustive]
 #[derive(Clone, Copy, Debug, PartialEq)]
-pub enum AlgorithmId {
- /// NIST Round 3 submission of the Kyber-512 algorithm.
- #[deprecated(note = "use aws_lc_rs:kem::ML_KEM_512")]
- Kyber512_R3,
-
- /// NIST Round 3 submission of the Kyber-768 algorithm.
- #[deprecated(note = "use aws_lc_rs:kem::ML_KEM_768")]
- Kyber768_R3,
-
- /// NIST Round 3 submission of the Kyber-1024 algorithm.
- #[deprecated(note = "use aws_lc_rs:kem::ML_KEM_1024")]
- Kyber1024_R3,
-}
+pub enum AlgorithmId {}
 impl crate::kem::AlgorithmIdentifier for AlgorithmId {
 #[inline]
 fn nid(self) -> i32 {
- #[allow(deprecated)]
- match self {
- AlgorithmId::Kyber512_R3 => NID_KYBER512_R3,
- AlgorithmId::Kyber768_R3 => NID_KYBER768_R3,
- AlgorithmId::Kyber1024_R3 => NID_KYBER1024_R3,
- }
+ unreachable!("There are no AlgorithmIds")
 }
 }
@@ -92,12 +23,9 @@ impl crate::sealed::Sealed for AlgorithmId {}
 /// Retrieve an unstable KEM [`Algorithm`] using the [`AlgorithmId`] specified by `id`.
 /// May return [`None`] if support for the algorithm has been removed from the unstable module.
+/// # ⚠️ Warning
+/// This function currently only returns [`None`].
 #[must_use]
-pub const fn get_algorithm(id: AlgorithmId) -> Option<&'static Algorithm> {
- #[allow(deprecated)]
- match id {
- AlgorithmId::Kyber512_R3 => Some(&KYBER512_R3),
- AlgorithmId::Kyber768_R3 => Some(&KYBER768_R3),
- AlgorithmId::Kyber1024_R3 => Some(&KYBER1024_R3),
- }
+pub const fn get_algorithm(_id: AlgorithmId) -> Option<&'static Algorithm> {
+ None
 }
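Review bot: In `nid`, `unreachable!("There are no AlgorithmIds")` records the emptiness of `AlgorithmId` as a runtime panic path instead of letting the compiler prove it. Writing the body as `match self {}` type-checks only while the enum has no variants, so a variant added later without a NID mapping fails the build rather than panicking inside a KEM call. The same hunk removes `/// Identifier for an unstable KEM algorithm.` from the still-public enum, which leaves `pub enum AlgorithmId {}` undocumented. I would keep a doc line such as `/// Identifier for an unstable KEM algorithm; currently has no variants.`.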
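Review bot: The added warning on `get_algorithm` says it "currently only returns [`None`]", but with `AlgorithmId` reduced to an empty enum in this commit no safe caller can construct an argument, so the function is uncallable rather than one that returns `None`. The doc should say that and name the replacement, for example `/// [`AlgorithmId`] currently has no variants, so this function cannot be called; use [`ML_KEM_512`], [`ML_KEM_768`] or [`ML_KEM_1024`] from `aws_lc_rs::kem` instead.` A blank `///` line before the `# ⚠️ Warning` heading would also separate it from the preceding paragraph in the source.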