Adding new public key KEM API

Falko Strenzke falko.strenzke at
Wed Oct 18 11:00:36 CEST 2023

I also would prefer to provide the length of each encoded value in the 
function signature explicitly.

Regarding the values which will de facto be byte arrays (keys, shared 
secret), they should be passed as (const)unsigned char* in my opinion.

For the context object, as I wrote before, I think it should be a 
specific type. This would be in line with existing API functions for 
hash functions, MAC, etc. Or is there a specific reason to make the type 
obscure specifically in this case?

- Falko

Am 18.10.23 um 10:21 schrieb Werner Koch via Gcrypt-devel:
> Hi!
> On Tue, 17 Oct 2023 15:27, NIIBE Yutaka said:
>> In this API, format of the CONTEXT, PUBKEY, SECKEY, CIPHERTEXT,
>> SHARED_SECRET are defined by ALGO.  (Most of the cases, it's
>> fixed-length byte string.)
> I really would like to see a size parmater for each pointer.  This can
> help to detect eerrrors earlier, avoid problems with API/ABI mismatches,
> and makes low-level language bindings easier to write.
> Regarding the context parameter, I consider this extremely useful and it
> was a misconception that we did not add this to the other public key
> functions.  Most other subsystems in Libgcrypt follow the open-use-close
> paradigm with the public key functions beeing the major exception.
> The context parameter offers us a way to do pre-computations and keep to
> keep other kinds of state.
> Salam-Shalom,
>     Werner
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel at

Dr. Falko Strenzke
Executive System Architect

Phone: +49 6151 8000 24
E-Mail: falko.strenzke at
Web: <>


MTG AG - Dolivostr. 11 - 64293 Darmstadt, Germany
Commercial register: HRB 8901
Register Court: Amtsgericht Darmstadt
Management Board: Jürgen Ruf (CEO), Tamer Kemeröz
Chairman of the Supervisory Board: Dr. Thomas Milde

This email may contain confidential and/or privileged information. If 
you are not the correct recipient or have received this email in error,
please inform the sender immediately and delete this email. Unauthorised 
copying or distribution of this email is not permitted.

Data protection information: Privacy policy 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: Kryptografische S/MIME-Signatur
URL: <>

More information about the Gcrypt-devel mailing list