Add ML-KEM mechanisms, keys, attributes

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Author: Jakuje

cryptoki/src/mechanism/mod.rs

@@ -326,6 +326,14 @@ impl MechanismType {
     /// HKDF-DATA mechanism
     pub const HKDF_DATA: MechanismType = MechanismType { val: CKM_HKDF_DATA };
 
+    // ML-KEM
+    /// ML-KEM key pair generation mechanism
+    pub const ML_KEM_KEY_PAIR_GEN: MechanismType = MechanismType {
+        val: CKM_ML_KEM_KEY_PAIR_GEN,
+    };
+    /// ML-KEM encapsulation and decapsulation mechanism
+    pub const ML_KEM: MechanismType = MechanismType { val: CKM_ML_KEM };
+
     /// Create vendor defined mechanism
     ///
     /// # Arguments
@@ -715,6 +723,8 @@ impl MechanismType {
             CKM_HKDF_KEY_GEN => String::from(stringify!(CKM_HKDF_KEY_GEN)),
             CKM_HKDF_DERIVE => String::from(stringify!(CKM_HKDF_DERIVE)),
             CKM_HKDF_DATA => String::from(stringify!(CKM_HKDF_DATA)),
+            CKM_ML_KEM_KEY_PAIR_GEN => String::from(stringify!(CKM_ML_KEM_KEY_PAIR_GEN)),
+            CKM_ML_KEM => String::from(stringify!(CKM_ML_KEM)),
             _ => format!("unknown {mech:08x}"),
         }
     }
@@ -799,6 +809,8 @@ impl TryFrom<CK_MECHANISM_TYPE> for MechanismType {
             CKM_HKDF_KEY_GEN => Ok(MechanismType::HKDF_KEY_GEN),
             CKM_HKDF_DERIVE => Ok(MechanismType::HKDF_DERIVE),
             CKM_HKDF_DATA => Ok(MechanismType::HKDF_DATA),
+            CKM_ML_KEM_KEY_PAIR_GEN => Ok(MechanismType::ML_KEM_KEY_PAIR_GEN),
+            CKM_ML_KEM => Ok(MechanismType::ML_KEM),
             other => {
                 error!("Mechanism type {} is not supported.", other);
                 Err(Error::NotSupported)
@@ -1021,6 +1033,12 @@ pub enum Mechanism<'a> {
     /// HKDF-DATA mechanism
     HkdfData(hkdf::HkdfParams<'a>),
 
+    // ML-KEM
+    /// ML-KEM key pair generation mechanism
+    MlKemKeyPairGen,
+    /// ML-KEM key encacpsulation/decapsulation mechanism
+    MlKem,
+
     /// Vendor defined mechanism
     VendorDefined(VendorDefinedMechanism<'a>),
 }
@@ -1102,6 +1120,9 @@ impl Mechanism<'_> {
             Mechanism::HkdfDerive(_) => MechanismType::HKDF_DERIVE,
             Mechanism::HkdfData(_) => MechanismType::HKDF_DATA,
 
+            Mechanism::MlKemKeyPairGen => MechanismType::ML_KEM_KEY_PAIR_GEN,
+            Mechanism::MlKem => MechanismType::ML_KEM,
+
             Mechanism::VendorDefined(vm) => MechanismType {
                 val: vm.inner.mechanism,
             },
@@ -1198,7 +1219,9 @@ impl From<&Mechanism<'_>> for CK_MECHANISM {
             | Mechanism::Sha384KeyGen
             | Mechanism::Sha512KeyGen
             | Mechanism::GenericSecretKeyGen
-            | Mechanism::HkdfKeyGen => CK_MECHANISM {
+            | Mechanism::HkdfKeyGen
+            | Mechanism::MlKemKeyPairGen
+            | Mechanism::MlKem => CK_MECHANISM {
                 mechanism,
                 pParameter: null_mut(),
                 ulParameterLen: 0,