Adding ECC KEM

NIIBE Yutaka gniibe at
Fri Mar 29 02:10:24 CET 2024


Simon Josefsson <simon at> wrote:
> Nice!  Is this intended to be compatible with HPKE ECC KEM?

Yes.  GCRY_KEM_DHKEM25519 is for DHKEM with X25519, HKDF, and SHA256
described in RFC 9180.

> Did you validate test vectors?

In my working branch of last year, I added test vectors from RFC 9180.;2f93e53f6525155b4c78419d55b35a35cde84907$349

It was tested at that time.  I plan to merge this test into master.
(Currently, tests/t-kem only has generate-encap-decap tests.)

So, the answer is: yes, I did, but not yet with master.  

More information about the Gcrypt-devel mailing list