mlkem_ecdh

package

v1.1.3-proton.2 Latest Latest Go to latest Published: Dec 5, 2024 License: BSD-3-Clause Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package mlkem_ecdh implements hybrid ML-KEM + ECDH encryption, suitable for OpenPGP, experimental. It follows the spec https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-composite-kem-schemes

Index ¶

Constants
func DecodeFields(r io.Reader, lenEcc, lenMlkem int, v6 bool) (encryptedMPI1, encryptedMPI2, encryptedMPI3 encoding.Field, ...)
func Decrypt(priv *PrivateKey, kEphemeral, ecEphemeral, ciphertext []byte) (msg []byte, err error)
func EncodeFields(w io.Writer, ec, ml, encryptedSessionKey []byte, cipherFunction byte, v6 bool) (err error)
func Encrypt(rand io.Reader, pub *PublicKey, msg []byte) (kEphemeral, ecEphemeral, ciphertext []byte, err error)
func Validate(priv *PrivateKey) (err error)
type PrivateKey
- func GenerateKey(rand io.Reader, algId uint8, c ecc.ECDHCurve, k kem.Scheme) (priv *PrivateKey, err error)
- func (priv *PrivateKey) DeriveMlKemKeys(seed []byte, overridePublicKey bool) (err error)
type PublicKey

Constants ¶

View Source

const (
	MlKemSeedLen = 64
)

Variables ¶

This section is empty.

Functions ¶

func DecodeFields ¶

func DecodeFields(r io.Reader, lenEcc, lenMlkem int, v6 bool) (encryptedMPI1, encryptedMPI2, encryptedMPI3 encoding.Field, cipherFunction byte, err error)

DecodeFields decodes an ML-KEM + ECDH session key encryption fields as ephemeral ECDH public key | ML-KEM ciphertext | follow byte length | cipherFunction (v3 only) | encryptedSessionKey.

func Decrypt ¶

func Decrypt(priv *PrivateKey, kEphemeral, ecEphemeral, ciphertext []byte) (msg []byte, err error)

Decrypt implements ML-KEM + ECC decryption as specified in https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-decryption-procedure

func EncodeFields ¶

func EncodeFields(w io.Writer, ec, ml, encryptedSessionKey []byte, cipherFunction byte, v6 bool) (err error)

EncodeFields encodes an ML-KEM + ECDH session key encryption fields as ephemeral ECDH public key | ML-KEM ciphertext | follow byte length | cipherFunction (v3 only) | encryptedSessionKey and writes it to writer.

func Encrypt ¶

func Encrypt(rand io.Reader, pub *PublicKey, msg []byte) (kEphemeral, ecEphemeral, ciphertext []byte, err error)

Encrypt implements ML-KEM + ECC encryption as specified in https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-encryption-procedure

func Validate ¶

func Validate(priv *PrivateKey) (err error)

Validate checks that the public key corresponds to the private key

Types ¶

type PrivateKey ¶

type PrivateKey struct {
	PublicKey
	SecretEc        []byte
	SecretMlkem     kem.PrivateKey
	SecretMlkemSeed []byte
}

func GenerateKey ¶

func GenerateKey(rand io.Reader, algId uint8, c ecc.ECDHCurve, k kem.Scheme) (priv *PrivateKey, err error)

GenerateKey implements ML-KEM + ECC key generation as specified in https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-key-generation-procedure

func (*PrivateKey) DeriveMlKemKeys ¶

func (priv *PrivateKey) DeriveMlKemKeys(seed []byte, overridePublicKey bool) (err error)

DeriveMlKemKeys derives the ML-KEM keys from the provided seed and stores them inside priv.

type PublicKey ¶

type PublicKey struct {
	AlgId       uint8
	Curve       ecc.ECDHCurve
	Mlkem       kem.Scheme
	PublicMlkem kem.PublicKey
	PublicPoint []byte
}

Source Files ¶

View all Source files

mlkem_ecdh.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL