Source File
mlkem768.go
Belonging Package
crypto/mlkem
// Copyright 2023 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package mlkem implements the quantum-resistant key encapsulation method
// ML-KEM (formerly known as Kyber), as specified in [NIST FIPS 203].
//
// [NIST FIPS 203]: https://doi.org/10.6028/NIST.FIPS.203
package mlkem
import
const (
// SharedKeySize is the size of a shared key produced by ML-KEM.
SharedKeySize = 32
// SeedSize is the size of a seed used to generate a decapsulation key.
SeedSize = 64
// CiphertextSize768 is the size of a ciphertext produced by the 768-bit
// variant of ML-KEM.
CiphertextSize768 = 1088
// EncapsulationKeySize768 is the size of an encapsulation key for the
// 768-bit variant of ML-KEM.
EncapsulationKeySize768 = 1184
)
// DecapsulationKey768 is the secret key used to decapsulate a shared key
// from a ciphertext. It includes various precomputed values.
type DecapsulationKey768 struct {
key *mlkem.DecapsulationKey768
}
// GenerateKey768 generates a new decapsulation key, drawing random bytes from
// crypto/rand. The decapsulation key must be kept secret.
func () (*DecapsulationKey768, error) {
, := mlkem.GenerateKey768()
if != nil {
return nil,
}
return &DecapsulationKey768{}, nil
}
// NewDecapsulationKey768 parses a decapsulation key from a 64-byte seed in the
// "d || z" form. The seed must be uniformly random.
func ( []byte) (*DecapsulationKey768, error) {
, := mlkem.NewDecapsulationKey768()
if != nil {
return nil,
}
return &DecapsulationKey768{}, nil
}
// Bytes returns the decapsulation key as a 64-byte seed in the "d || z" form.
//
// The decapsulation key must be kept secret.
func ( *DecapsulationKey768) () []byte {
return .key.Bytes()
}
// Decapsulate generates a shared key from a ciphertext and a decapsulation
// key. If the ciphertext is not valid, Decapsulate returns an error.
//
// The shared key must be kept secret.
func ( *DecapsulationKey768) ( []byte) ( []byte, error) {
return .key.Decapsulate()
}
// EncapsulationKey returns the public encapsulation key necessary to produce
// ciphertexts.
func ( *DecapsulationKey768) () *EncapsulationKey768 {
return &EncapsulationKey768{.key.EncapsulationKey()}
}
// An EncapsulationKey768 is the public key used to produce ciphertexts to be
// decapsulated by the corresponding DecapsulationKey768.
type EncapsulationKey768 struct {
key *mlkem.EncapsulationKey768
}
// NewEncapsulationKey768 parses an encapsulation key from its encoded form. If
// the encapsulation key is not valid, NewEncapsulationKey768 returns an error.
func ( []byte) (*EncapsulationKey768, error) {
, := mlkem.NewEncapsulationKey768()
if != nil {
return nil,
}
return &EncapsulationKey768{}, nil
}
// Bytes returns the encapsulation key as a byte slice.
func ( *EncapsulationKey768) () []byte {
return .key.Bytes()
}
// Encapsulate generates a shared key and an associated ciphertext from an
// encapsulation key, drawing random bytes from crypto/rand.
//
// The shared key must be kept secret.
func ( *EncapsulationKey768) () (, []byte) {
return .key.Encapsulate()
}
The pages are generated with Golds v0.7.3. (GOOS=linux GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds. |