Adding new public key KEM API

Werner Koch wk at
Thu Oct 19 10:17:50 CEST 2023

On Thu, 19 Oct 2023 16:37, NIIBE Yutaka said:

> gcry_error_t gcry_kem_decap (int algo,
>                              const void *seckey,
>                              const void *ciphertext,
>                              void *shared_secret);

I still don't feel comfortable without a size argument.  And if we add 3
more args we can also add con context one which we won't use.  For the
caller it does not make a difference.  Switching to a open-use-close
scheme would mahe a large difference.

> If needed, we will be able to add another API for KEM.

Which needs to be maintained etc.  I am more in favor of preparing for
the future.  With the void pointers this is easy but a forsafety checks
we should have size args.



The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <>

More information about the Gcrypt-devel mailing list