kem

package
v0.0.0-...-a03f3f8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 9, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package kem provides Key Encapsulation Mechanism used to derive a shared secret from asymmetric materials.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrDeserialization is raised when the given material can't be decoded as
	// the expected key type.
	ErrDeserialization = errors.New("unable to deserialize key content")
	// ErrEncap is raised when an error occurred during shared secret encapsulation.
	ErrEncap = errors.New("unable to encapsulate the shared secret")
	// ErrDecap is raised when an error occurred during shared secret decapsulation.
	ErrDecap = errors.New("unable to decapsulate the shared secret")
)

Functions

This section is empty.

Types

type KEM 

type KEM uint16

KEM represent iana-registered KEM identifier. https://www.iana.org/assignments/hpke/hpke.xhtml 

const (
	DHKEM_P256_HDKF_SHA256   KEM = 0x0010
	DHKEM_P384_HDKF_SHA384   KEM = 0x0011
	DHKEM_P521_HDKF_SHA512   KEM = 0x0012
	DHKEM_CP256_HDKF_SHA256  KEM = 0x0013
	DHKEM_CP384_HDKF_SHA384  KEM = 0x0014
	DHKEM_CP521_HDKF_SHA512  KEM = 0x0015
	DHKEM_X25519_HDKF_SHA256 KEM = 0x0020
)

func (KEM) IsValid 

func (k KEM) IsValid() bool

IsValid checks if the given KEM is supported.

func (KEM) Scheme 

func (k KEM) Scheme() Scheme

Scheme returns an initialized KEM scheme instance.

type Scheme 

type Scheme interface {
	SuiteID() []byte
	GenerateKeyPair() (*ecdh.PublicKey, *ecdh.PrivateKey, error)
	DeriveKeyPair(seed []byte) (*ecdh.PublicKey, *ecdh.PrivateKey, error)
	SerializePublicKey(pkX *ecdh.PublicKey) []byte
	DeserializePublicKey(pkXxm []byte) (*ecdh.PublicKey, error)
	SerializePrivateKey(sk *ecdh.PrivateKey) []byte
	DeserializePrivateKey(skRaw []byte) (*ecdh.PrivateKey, error)
	Encapsulate(pkR *ecdh.PublicKey) (ss, enc []byte, err error)
	EncapsulateDeterministically(seed []byte, pkR *ecdh.PublicKey) (ss, enc []byte, err error)
	Decapsulate(enc []byte, skR *ecdh.PrivateKey) ([]byte, error)
	AuthEncapsulate(pkR *ecdh.PublicKey, skS *ecdh.PrivateKey) (ss, enc []byte, err error)
	AuthEncapsulateDeterministically(seed []byte, pkR *ecdh.PublicKey, skS *ecdh.PrivateKey) (ss, enc []byte, err error)
	AuthDecapsulate(enc []byte, skR *ecdh.PrivateKey, pkS *ecdh.PublicKey) ([]byte, error)
	EncapsulationSize() uint16
	PublicKeySize() uint16
	PrivateKeySize() uint16
	SecretSize() uint16
}

Scheme defines the default KEM suite contract.

func DHKEMCP256HKDFSHA256 

func DHKEMCP256HKDFSHA256() Scheme

DHKEMCP256HKDFSHA256 defines a KEM Suite based on compact P-256 curve with HKDF-SHA256 for shared secret derivation.

func DHKEMCP384HKDFSHA384 

func DHKEMCP384HKDFSHA384() Scheme

DHKEMCP384HKDFSHA384 defines a KEM Suite based on compact P-384 curve with HKDF-SHA384 for shared secret derivation.

func DHKEMCP521HKDFSHA512 

func DHKEMCP521HKDFSHA512() Scheme

DHKEMCP521HKDFSHA512 defines a KEM Suite based on compact P-521 curve with HKDF-SHA512 for shared secret derivation.

func DHKEMP256HKDFSHA256 

func DHKEMP256HKDFSHA256() Scheme

DHKEMP256HKDFSHA256 defines a KEM Suite based on P-256 curve with HKDF-SHA256 for shared secret derivation.

func DHKEMP384HKDFSHA384 

func DHKEMP384HKDFSHA384() Scheme

DHKEMP384HKDFSHA384 defines a KEM Suite based on P-384 curve with HKDF-SHA384 for shared secret derivation.

func DHKEMP521HKDFSHA512 

func DHKEMP521HKDFSHA512() Scheme

DHKEMP521HKDFSHA512 defines a KEM Suite based on P-521 curve with HKDF-SHA512 for shared secret derivation.

func DHKEMX25519HKDFSHA256 

func DHKEMX25519HKDFSHA256() Scheme

DHKEMX25519HKDFSHA256 defines a KEM Suite based on Curve25519 curve with HKDF-SHA256 for shared secret derivation.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.