Documentation ¶
Overview ¶
Package kem provides Key Encapsulation Mechanism used to derive a shared secret from asymmetric materials.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrDeserialization is raised when the given material can't be decoded as // the expected key type. ErrDeserialization = errors.New("unable to deserialize key content") // ErrEncap is raised when an error occurred during shared secret encapsulation. ErrEncap = errors.New("unable to encapsulate the shared secret") // ErrDecap is raised when an error occurred during shared secret decapsulation. ErrDecap = errors.New("unable to decapsulate the shared secret") )
Functions ¶
This section is empty.
Types ¶
type KEM ¶
type KEM uint16
KEM represent iana-registered KEM identifier. https://www.iana.org/assignments/hpke/hpke.xhtml
type Scheme ¶
type Scheme interface { SuiteID() []byte GenerateKeyPair() (*ecdh.PublicKey, *ecdh.PrivateKey, error) DeriveKeyPair(seed []byte) (*ecdh.PublicKey, *ecdh.PrivateKey, error) SerializePublicKey(pkX *ecdh.PublicKey) []byte DeserializePublicKey(pkXxm []byte) (*ecdh.PublicKey, error) SerializePrivateKey(sk *ecdh.PrivateKey) []byte DeserializePrivateKey(skRaw []byte) (*ecdh.PrivateKey, error) Encapsulate(pkR *ecdh.PublicKey) (ss, enc []byte, err error) EncapsulateDeterministically(seed []byte, pkR *ecdh.PublicKey) (ss, enc []byte, err error) Decapsulate(enc []byte, skR *ecdh.PrivateKey) ([]byte, error) AuthEncapsulate(pkR *ecdh.PublicKey, skS *ecdh.PrivateKey) (ss, enc []byte, err error) AuthEncapsulateDeterministically(seed []byte, pkR *ecdh.PublicKey, skS *ecdh.PrivateKey) (ss, enc []byte, err error) AuthDecapsulate(enc []byte, skR *ecdh.PrivateKey, pkS *ecdh.PublicKey) ([]byte, error) EncapsulationSize() uint16 PublicKeySize() uint16 PrivateKeySize() uint16 SecretSize() uint16 }
Scheme defines the default KEM suite contract.
func DHKEMCP256HKDFSHA256 ¶
func DHKEMCP256HKDFSHA256() Scheme
DHKEMCP256HKDFSHA256 defines a KEM Suite based on compact P-256 curve with HKDF-SHA256 for shared secret derivation.
func DHKEMCP384HKDFSHA384 ¶
func DHKEMCP384HKDFSHA384() Scheme
DHKEMCP384HKDFSHA384 defines a KEM Suite based on compact P-384 curve with HKDF-SHA384 for shared secret derivation.
func DHKEMCP521HKDFSHA512 ¶
func DHKEMCP521HKDFSHA512() Scheme
DHKEMCP521HKDFSHA512 defines a KEM Suite based on compact P-521 curve with HKDF-SHA512 for shared secret derivation.
func DHKEMP256HKDFSHA256 ¶
func DHKEMP256HKDFSHA256() Scheme
DHKEMP256HKDFSHA256 defines a KEM Suite based on P-256 curve with HKDF-SHA256 for shared secret derivation.
func DHKEMP384HKDFSHA384 ¶
func DHKEMP384HKDFSHA384() Scheme
DHKEMP384HKDFSHA384 defines a KEM Suite based on P-384 curve with HKDF-SHA384 for shared secret derivation.
func DHKEMP521HKDFSHA512 ¶
func DHKEMP521HKDFSHA512() Scheme
DHKEMP521HKDFSHA512 defines a KEM Suite based on P-521 curve with HKDF-SHA512 for shared secret derivation.
func DHKEMX25519HKDFSHA256 ¶
func DHKEMX25519HKDFSHA256() Scheme
DHKEMX25519HKDFSHA256 defines a KEM Suite based on Curve25519 curve with HKDF-SHA256 for shared secret derivation.