package mlkem_ecdh
import "github.com/ProtonMail/go-crypto/openpgp/mlkem_ecdh"
Package mlkem_ecdh implements hybrid ML-KEM + ECDH encryption, suitable for OpenPGP, experimental. It follows the spec https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-composite-kem-schemes
Index ¶
- Constants
- func DecodeFields(r io.Reader, lenEcc, lenMlkem int, v6 bool) (encryptedMPI1, encryptedMPI2, encryptedMPI3 encoding.Field, cipherFunction byte, err error)
- func Decrypt(priv *PrivateKey, kEphemeral, ecEphemeral, ciphertext []byte) (msg []byte, err error)
- func EncodeFields(w io.Writer, ec, ml, encryptedSessionKey []byte, cipherFunction byte, v6 bool) (err error)
- func Encrypt(rand io.Reader, pub *PublicKey, msg []byte) (kEphemeral, ecEphemeral, ciphertext []byte, err error)
- func Validate(priv *PrivateKey) (err error)
- type PrivateKey
- func GenerateKey(rand io.Reader, algId uint8, c ecc.ECDHCurve, k kem.Scheme) (priv *PrivateKey, err error)
- func (priv *PrivateKey) DeriveMlKemKeys(seed []byte, overridePublicKey bool) (err error)
- type PublicKey
Constants ¶
const (
MlKemSeedLen = 64
)
Functions ¶
func DecodeFields ¶
func DecodeFields(r io.Reader, lenEcc, lenMlkem int, v6 bool) (encryptedMPI1, encryptedMPI2, encryptedMPI3 encoding.Field, cipherFunction byte, err error)
DecodeFields decodes an ML-KEM + ECDH session key encryption fields as ephemeral ECDH public key | ML-KEM ciphertext | follow byte length | cipherFunction (v3 only) | encryptedSessionKey.
func Decrypt ¶
func Decrypt(priv *PrivateKey, kEphemeral, ecEphemeral, ciphertext []byte) (msg []byte, err error)
Decrypt implements ML-KEM + ECC decryption as specified in https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-decryption-procedure
func EncodeFields ¶
func EncodeFields(w io.Writer, ec, ml, encryptedSessionKey []byte, cipherFunction byte, v6 bool) (err error)
EncodeFields encodes an ML-KEM + ECDH session key encryption fields as ephemeral ECDH public key | ML-KEM ciphertext | follow byte length | cipherFunction (v3 only) | encryptedSessionKey and writes it to writer.
func Encrypt ¶
func Encrypt(rand io.Reader, pub *PublicKey, msg []byte) (kEphemeral, ecEphemeral, ciphertext []byte, err error)
Encrypt implements ML-KEM + ECC encryption as specified in https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-encryption-procedure
func Validate ¶
func Validate(priv *PrivateKey) (err error)
Validate checks that the public key corresponds to the private key
Types ¶
type PrivateKey ¶
type PrivateKey struct {
PublicKey
SecretEc []byte
SecretMlkem kem.PrivateKey
SecretMlkemSeed []byte
}
func GenerateKey ¶
func GenerateKey(rand io.Reader, algId uint8, c ecc.ECDHCurve, k kem.Scheme) (priv *PrivateKey, err error)
GenerateKey implements ML-KEM + ECC key generation as specified in https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html#name-key-generation-procedure
func (*PrivateKey) DeriveMlKemKeys ¶
func (priv *PrivateKey) DeriveMlKemKeys(seed []byte, overridePublicKey bool) (err error)
DeriveMlKemKeys derives the ML-KEM keys from the provided seed and stores them inside priv.
type PublicKey ¶
type PublicKey struct {
AlgId uint8
Curve ecc.ECDHCurve
Mlkem kem.Scheme
PublicMlkem kem.PublicKey
PublicPoint []byte
}
Source Files ¶
- Version
- v1.1.3-proton
- Published
- Nov 25, 2024
- Platform
- windows/amd64
- Imports
- 9 packages
- Last checked
- 9 minutes ago –
Tools for package owners.