kem

package
v1.17.28 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 31, 2025 License: BSD-3-Clause Imports: 10 Imported by: 0

Documentation

Overview

Package kem provides post-quantum Key Encapsulation Mechanisms

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type HybridKEMImpl 

type HybridKEMImpl struct {
	// contains filtered or unexported fields
}

HybridKEMImpl implements hybrid X25519 + ML-KEM-768

func (*HybridKEMImpl) CiphertextSize 

func (h *HybridKEMImpl) CiphertextSize() int

func (*HybridKEMImpl) Decapsulate 

func (h *HybridKEMImpl) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

Decapsulate performs hybrid decapsulation

func (*HybridKEMImpl) Encapsulate 

func (h *HybridKEMImpl) Encapsulate(pk PublicKey) ([]byte, []byte, error)

Encapsulate performs hybrid encapsulation

func (*HybridKEMImpl) GenerateKeyPair 

func (h *HybridKEMImpl) GenerateKeyPair() (PublicKey, PrivateKey, error)

GenerateKeyPair generates a hybrid key pair

func (*HybridKEMImpl) PrivateKeySize 

func (h *HybridKEMImpl) PrivateKeySize() int

func (*HybridKEMImpl) PublicKeySize 

func (h *HybridKEMImpl) PublicKeySize() int

Size methods for hybrid KEM

func (*HybridKEMImpl) SharedSecretSize 

func (h *HybridKEMImpl) SharedSecretSize() int

type HybridPrivateKey 

type HybridPrivateKey struct {
	X25519SK PrivateKey
	MLKEMSK  PrivateKey
}

HybridPrivateKey contains both X25519 and ML-KEM private keys

func (*HybridPrivateKey) Bytes 

func (sk *HybridPrivateKey) Bytes() []byte

Bytes returns the concatenated private key bytes

func (*HybridPrivateKey) Equal 

func (sk *HybridPrivateKey) Equal(other PrivateKey) bool

Equal checks if two hybrid private keys are equal

func (*HybridPrivateKey) Public 

func (sk *HybridPrivateKey) Public() PublicKey

Public returns the hybrid public key

type HybridPublicKey 

type HybridPublicKey struct {
	X25519PK PublicKey
	MLKEMPK  PublicKey
}

HybridPublicKey contains both X25519 and ML-KEM public keys

func (*HybridPublicKey) Bytes 

func (pk *HybridPublicKey) Bytes() []byte

Bytes returns the concatenated public key bytes

func (*HybridPublicKey) Equal 

func (pk *HybridPublicKey) Equal(other PublicKey) bool

Equal checks if two hybrid public keys are equal

type KEM 

type KEM interface {
	// GenerateKeyPair generates a new KEM key pair
	GenerateKeyPair() (PublicKey, PrivateKey, error)

	// Encapsulate generates a shared secret and ciphertext
	Encapsulate(pk PublicKey) (ciphertext []byte, sharedSecret []byte, err error)

	// Decapsulate recovers the shared secret from ciphertext
	Decapsulate(sk PrivateKey, ciphertext []byte) (sharedSecret []byte, err error)

	// PublicKeySize returns the size of public keys
	PublicKeySize() int

	// PrivateKeySize returns the size of private keys
	PrivateKeySize() int

	// CiphertextSize returns the size of ciphertexts
	CiphertextSize() int

	// SharedSecretSize returns the size of shared secrets
	SharedSecretSize() int
}

KEM interface for key encapsulation mechanisms

func GetKEM 

func GetKEM(id KemID) (KEM, error)

GetKEM returns a KEM implementation for the given ID

func NewHybrid 

func NewHybrid() (KEM, error)

NewHybrid creates a new hybrid KEM (X25519 + ML-KEM-768)

func NewHybridKEM 

func NewHybridKEM() KEM

NewHybridKEM creates a new hybrid KEM instance

func NewMLKEM768 

func NewMLKEM768() (KEM, error)

NewMLKEM768 creates a new ML-KEM-768 instance It automatically selects CGO or pure Go implementation based on availability

func NewMLKEM768CGO 

func NewMLKEM768CGO() (KEM, error)

NewMLKEM768CGO returns an error when liboqs is not available

func NewMLKEM1024 

func NewMLKEM1024() (KEM, error)

NewMLKEM1024 creates a new ML-KEM-1024 instance It automatically selects CGO or pure Go implementation based on availability

func NewMLKEM1024CGO 

func NewMLKEM1024CGO() (KEM, error)

NewMLKEM1024CGO returns an error when liboqs is not available

func NewX25519 

func NewX25519() KEM

NewX25519 creates a new X25519 KEM instance

func NewX25519Factory 

func NewX25519Factory() (KEM, error)

NewX25519Factory creates a new X25519 instance with error handling

type KemID 

type KemID string

KemID identifies a KEM algorithm 

const (
	MLKEM768  KemID = "mlkem768"
	MLKEM1024 KemID = "mlkem1024"
	X25519    KemID = "x25519"
	HybridKEM KemID = "x25519+mlkem768"
)

type MLKEM768Impl 

type MLKEM768Impl struct {
	// contains filtered or unexported fields
}

MLKEM768 implements ML-KEM-768 (Kyber768)

func (*MLKEM768Impl) CiphertextSize 

func (m *MLKEM768Impl) CiphertextSize() int

CiphertextSize returns the size of ciphertexts

func (*MLKEM768Impl) Decapsulate 

func (m *MLKEM768Impl) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

Decapsulate recovers the shared secret from ciphertext

func (*MLKEM768Impl) Encapsulate 

func (m *MLKEM768Impl) Encapsulate(pk PublicKey) ([]byte, []byte, error)

Encapsulate generates a shared secret and ciphertext

func (*MLKEM768Impl) GenerateKeyPair 

func (m *MLKEM768Impl) GenerateKeyPair() (PublicKey, PrivateKey, error)

GenerateKeyPair generates a new ML-KEM-768 key pair

func (*MLKEM768Impl) PrivateKeySize 

func (m *MLKEM768Impl) PrivateKeySize() int

PrivateKeySize returns the size of private keys

func (*MLKEM768Impl) PublicKeySize 

func (m *MLKEM768Impl) PublicKeySize() int

PublicKeySize returns the size of public keys

func (*MLKEM768Impl) SharedSecretSize 

func (m *MLKEM768Impl) SharedSecretSize() int

SharedSecretSize returns the size of shared secrets

type MLKEM768PrivateKey 

type MLKEM768PrivateKey struct {
	// contains filtered or unexported fields
}

MLKEM768PrivateKey represents an ML-KEM-768 private key

func (*MLKEM768PrivateKey) Bytes 

func (sk *MLKEM768PrivateKey) Bytes() []byte

Bytes returns the raw bytes of the private key

func (*MLKEM768PrivateKey) Equal 

func (sk *MLKEM768PrivateKey) Equal(other PrivateKey) bool

Equal checks if two private keys are equal

func (*MLKEM768PrivateKey) Public 

func (sk *MLKEM768PrivateKey) Public() PublicKey

Public returns the public key corresponding to the private key

type MLKEM768PublicKey 

type MLKEM768PublicKey struct {
	// contains filtered or unexported fields
}

MLKEM768PublicKey represents an ML-KEM-768 public key

func (*MLKEM768PublicKey) Bytes 

func (pk *MLKEM768PublicKey) Bytes() []byte

Bytes returns the raw bytes of the public key

func (*MLKEM768PublicKey) Equal 

func (pk *MLKEM768PublicKey) Equal(other PublicKey) bool

Equal checks if two public keys are equal

type MLKEM1024Impl 

type MLKEM1024Impl struct {
	// contains filtered or unexported fields
}

MLKEM1024 implementation (similar structure, different parameters)

func (*MLKEM1024Impl) CiphertextSize 

func (m *MLKEM1024Impl) CiphertextSize() int

func (*MLKEM1024Impl) Decapsulate 

func (m *MLKEM1024Impl) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

Decapsulate for ML-KEM-1024

func (*MLKEM1024Impl) Encapsulate 

func (m *MLKEM1024Impl) Encapsulate(pk PublicKey) ([]byte, []byte, error)

Encapsulate for ML-KEM-1024

func (*MLKEM1024Impl) GenerateKeyPair 

func (m *MLKEM1024Impl) GenerateKeyPair() (PublicKey, PrivateKey, error)

GenerateKeyPair generates a new ML-KEM-1024 key pair

func (*MLKEM1024Impl) PrivateKeySize 

func (m *MLKEM1024Impl) PrivateKeySize() int

func (*MLKEM1024Impl) PublicKeySize 

func (m *MLKEM1024Impl) PublicKeySize() int

Size methods for ML-KEM-1024

func (*MLKEM1024Impl) SharedSecretSize 

func (m *MLKEM1024Impl) SharedSecretSize() int

type MLKEM1024PrivateKey 

type MLKEM1024PrivateKey struct {
	// contains filtered or unexported fields
}

MLKEM1024PrivateKey represents an ML-KEM-1024 private key

func (*MLKEM1024PrivateKey) Bytes 

func (sk *MLKEM1024PrivateKey) Bytes() []byte

Bytes returns the raw bytes of the private key

func (*MLKEM1024PrivateKey) Equal 

func (sk *MLKEM1024PrivateKey) Equal(other PrivateKey) bool

Equal checks if two private keys are equal

func (*MLKEM1024PrivateKey) Public 

func (sk *MLKEM1024PrivateKey) Public() PublicKey

Public returns the public key corresponding to the private key

type MLKEM1024PublicKey 

type MLKEM1024PublicKey struct {
	// contains filtered or unexported fields
}

MLKEM1024PublicKey represents an ML-KEM-1024 public key

func (*MLKEM1024PublicKey) Bytes 

func (pk *MLKEM1024PublicKey) Bytes() []byte

Bytes returns the raw bytes of the public key

func (*MLKEM1024PublicKey) Equal 

func (pk *MLKEM1024PublicKey) Equal(other PublicKey) bool

Equal checks if two public keys are equal

type PrivateKey 

type PrivateKey interface {
	Bytes() []byte
	Public() PublicKey
	Equal(PrivateKey) bool
}

PrivateKey represents a KEM private key

type PublicKey 

type PublicKey interface {
	Bytes() []byte
	Equal(PublicKey) bool
}

PublicKey represents a KEM public key

type X25519Impl 

type X25519Impl struct{}

X25519Impl implements X25519 as a KEM

func (*X25519Impl) CiphertextSize 

func (x *X25519Impl) CiphertextSize() int

func (*X25519Impl) Decapsulate 

func (x *X25519Impl) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

Decapsulate recovers shared secret using private key

func (*X25519Impl) Encapsulate 

func (x *X25519Impl) Encapsulate(pk PublicKey) ([]byte, []byte, error)

Encapsulate generates ephemeral key and shared secret

func (*X25519Impl) GenerateKeyPair 

func (x *X25519Impl) GenerateKeyPair() (PublicKey, PrivateKey, error)

GenerateKeyPair generates a new X25519 key pair

func (*X25519Impl) PrivateKeySize 

func (x *X25519Impl) PrivateKeySize() int

func (*X25519Impl) PublicKeySize 

func (x *X25519Impl) PublicKeySize() int

Size methods for X25519

func (*X25519Impl) SharedSecretSize 

func (x *X25519Impl) SharedSecretSize() int

type X25519PrivateKey 

type X25519PrivateKey struct {
	// contains filtered or unexported fields
}

X25519PrivateKey represents an X25519 private key

func (*X25519PrivateKey) Bytes 

func (sk *X25519PrivateKey) Bytes() []byte

Bytes returns the private key bytes

func (*X25519PrivateKey) Equal 

func (sk *X25519PrivateKey) Equal(other PrivateKey) bool

Equal checks if two private keys are equal

func (*X25519PrivateKey) Public 

func (sk *X25519PrivateKey) Public() PublicKey

Public returns the public key

type X25519PublicKey 

type X25519PublicKey struct {
	// contains filtered or unexported fields
}

X25519PublicKey represents an X25519 public key

func (*X25519PublicKey) Bytes 

func (pk *X25519PublicKey) Bytes() []byte

Bytes returns the public key bytes

func (*X25519PublicKey) Equal 

func (pk *X25519PublicKey) Equal(other PublicKey) bool

Equal checks if two public keys are equal

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.