Adding new public key KEM API
Simon Josefsson
simon at josefsson.org
Tue Oct 17 16:27:42 CEST 2023
NIIBE Yutaka <gniibe at fsij.org> writes:
> gcry_error_t gcry_kem_keypair (int algo, const void *context,
> void *pubkey,
> void *seckey);
>
> gcry_error_t gcry_kem_encap (int algo, const void *context,
> const void *pubkey,
> void *ciphertext,
> void *shared_secret);
>
> gcry_error_t gcry_kem_decap (int algo, const void *context,
> const void *seckey,
> const void *ciphertext,
> void *shared_secret);
Thanks for working on this, this looks okay to me.
Is there any known algorithm that will make use of CONTEXT? If not, I
suggest to drop the variable and when/if the need arise, add a separate
API for that use-case later on.
Some future KEM's MAY also have variable-length outputs, so a 'size_t
shared_secret_length' parameter would be useful, however similar to my
comment about CONTEXT; I believe it is better to have a separate API for
that use-case, when/if that arise, instead of polluting the API for
normal use-cases with extra parameters.
/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20231017/0cecfc2f/attachment.sig>
More information about the Gcrypt-devel
mailing list