liboqs
|
Key encapsulation mechanisms. More...
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <oqs/oqs.h>
Go to the source code of this file.
Data Structures | |
struct | OQS_KEM |
Typedefs | |
typedef struct OQS_KEM | OQS_KEM |
Functions | |
OQS_API const char * | OQS_KEM_alg_identifier (size_t i) |
OQS_API int | OQS_KEM_alg_count (void) |
OQS_API int | OQS_KEM_alg_is_enabled (const char *method_name) |
OQS_API OQS_KEM * | OQS_KEM_new (const char *method_name) |
OQS_API OQS_STATUS | OQS_KEM_keypair_derand (const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) |
OQS_API OQS_STATUS | OQS_KEM_keypair (const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key) |
OQS_API OQS_STATUS | OQS_KEM_encaps (const OQS_KEM *kem, uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) |
OQS_API OQS_STATUS | OQS_KEM_decaps (const OQS_KEM *kem, uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key) |
OQS_API void | OQS_KEM_free (OQS_KEM *kem) |
Key encapsulation mechanisms.
The file tests/example_kem.c contains two examples on using the OQS_KEM API.
The first example uses the individual scheme's algorithms directly and uses no dynamic memory allocation – all buffers are allocated on the stack, with sizes indicated using preprocessor macros. Since algorithms can be disabled at compile-time, the programmer should wrap the code in #ifdefs.
The second example uses an OQS_KEM object to use an algorithm specified at runtime. Therefore it uses dynamic memory allocation – all buffers must be malloc'ed by the programmer, with sizes indicated using the corresponding length member of the OQS_KEM object in question. Since algorithms can be disabled at compile-time, the programmer should check that the OQS_KEM object is not NULL.
SPDX-License-Identifier: MIT
#define OQS_KEM_alg_bike_l1 "BIKE-L1" |
Algorithm identifier for BIKE-L1 KEM (Round-4).
#define OQS_KEM_alg_bike_l3 "BIKE-L3" |
Algorithm identifier for BIKE-L3 KEM (Round-4).
#define OQS_KEM_alg_bike_l5 "BIKE-L5" |
Algorithm identifier for BIKE-L5 KEM (Round-4).
#define OQS_KEM_alg_classic_mceliece_348864 "Classic-McEliece-348864" |
Algorithm identifier for Classic-McEliece-348864 KEM.
#define OQS_KEM_alg_classic_mceliece_348864f "Classic-McEliece-348864f" |
Algorithm identifier for Classic-McEliece-348864f KEM.
#define OQS_KEM_alg_classic_mceliece_460896 "Classic-McEliece-460896" |
Algorithm identifier for Classic-McEliece-460896 KEM.
#define OQS_KEM_alg_classic_mceliece_460896f "Classic-McEliece-460896f" |
Algorithm identifier for Classic-McEliece-460896f KEM.
#define OQS_KEM_alg_classic_mceliece_6688128 "Classic-McEliece-6688128" |
Algorithm identifier for Classic-McEliece-6688128 KEM.
#define OQS_KEM_alg_classic_mceliece_6688128f "Classic-McEliece-6688128f" |
Algorithm identifier for Classic-McEliece-6688128f KEM.
#define OQS_KEM_alg_classic_mceliece_6960119 "Classic-McEliece-6960119" |
Algorithm identifier for Classic-McEliece-6960119 KEM.
#define OQS_KEM_alg_classic_mceliece_6960119f "Classic-McEliece-6960119f" |
Algorithm identifier for Classic-McEliece-6960119f KEM.
#define OQS_KEM_alg_classic_mceliece_8192128 "Classic-McEliece-8192128" |
Algorithm identifier for Classic-McEliece-8192128 KEM.
#define OQS_KEM_alg_classic_mceliece_8192128f "Classic-McEliece-8192128f" |
Algorithm identifier for Classic-McEliece-8192128f KEM.
#define OQS_KEM_alg_frodokem_1344_aes "FrodoKEM-1344-AES" |
Algorithm identifier for FrodoKEM-1344-AES KEM.
#define OQS_KEM_alg_frodokem_1344_shake "FrodoKEM-1344-SHAKE" |
Algorithm identifier for FrodoKEM-1344-SHAKE KEM.
#define OQS_KEM_alg_frodokem_640_aes "FrodoKEM-640-AES" |
Algorithm identifier for FrodoKEM-640-AES KEM.
#define OQS_KEM_alg_frodokem_640_shake "FrodoKEM-640-SHAKE" |
Algorithm identifier for FrodoKEM-640-SHAKE KEM.
#define OQS_KEM_alg_frodokem_976_aes "FrodoKEM-976-AES" |
Algorithm identifier for FrodoKEM-976-AES KEM.
#define OQS_KEM_alg_frodokem_976_shake "FrodoKEM-976-SHAKE" |
Algorithm identifier for FrodoKEM-976-SHAKE KEM.
#define OQS_KEM_alg_hqc_128 "HQC-128" |
Algorithm identifier for HQC-128 KEM.
#define OQS_KEM_alg_hqc_192 "HQC-192" |
Algorithm identifier for HQC-192 KEM.
#define OQS_KEM_alg_hqc_256 "HQC-256" |
Algorithm identifier for HQC-256 KEM.
#define OQS_KEM_alg_kyber_1024 "Kyber1024" |
Algorithm identifier for Kyber1024 KEM.
#define OQS_KEM_alg_kyber_512 "Kyber512" |
Algorithm identifier for Kyber512 KEM.
#define OQS_KEM_alg_kyber_768 "Kyber768" |
Algorithm identifier for Kyber768 KEM.
#define OQS_KEM_alg_ml_kem_1024 "ML-KEM-1024" |
Algorithm identifier for ML-KEM-1024 KEM.
#define OQS_KEM_alg_ml_kem_512 "ML-KEM-512" |
Algorithm identifier for ML-KEM-512 KEM.
#define OQS_KEM_alg_ml_kem_768 "ML-KEM-768" |
Algorithm identifier for ML-KEM-768 KEM.
#define OQS_KEM_alg_ntruprime_sntrup761 "sntrup761" |
Algorithm identifier for sntrup761 KEM.
#define OQS_KEM_algs_length 29 |
Number of algorithm identifiers above.
typedef struct OQS_KEM OQS_KEM |
Key encapsulation mechanism object
OQS_API int OQS_KEM_alg_count | ( | void | ) |
Returns the number of key encapsulation mechanisms in liboqs. They can be enumerated with OQS_KEM_alg_identifier.
Note that some mechanisms may be disabled at compile time.
OQS_API const char * OQS_KEM_alg_identifier | ( | size_t | i | ) |
Returns identifiers for available key encapsulation mechanisms in liboqs. Used with OQS_KEM_new.
Note that algorithm identifiers are present in this list even when the algorithm is disabled at compile time.
[in] | i | Index of the algorithm identifier to return, 0 <= i < OQS_KEM_algs_length |
OQS_API int OQS_KEM_alg_is_enabled | ( | const char * | method_name | ) |
Indicates whether the specified algorithm was enabled at compile-time or not.
[in] | method_name | Name of the desired algorithm; one of the names in OQS_KEM_algs. |
OQS_API OQS_STATUS OQS_KEM_decaps | ( | const OQS_KEM * | kem, |
uint8_t * | shared_secret, | ||
const uint8_t * | ciphertext, | ||
const uint8_t * | secret_key ) |
Decapsulation algorithm.
Caller is responsible for allocating sufficient memory for shared_secret, based on the length_* members in this object or the per-scheme compile-time macros OQS_KEM_*_length_*.
[in] | kem | The OQS_KEM object representing the KEM. |
[out] | shared_secret | The shared secret represented as a byte string. |
[in] | ciphertext | The ciphertext (encapsulation) represented as a byte string. |
[in] | secret_key | The secret key represented as a byte string. |
OQS_API OQS_STATUS OQS_KEM_encaps | ( | const OQS_KEM * | kem, |
uint8_t * | ciphertext, | ||
uint8_t * | shared_secret, | ||
const uint8_t * | public_key ) |
Encapsulation algorithm.
Caller is responsible for allocating sufficient memory for ciphertext and shared_secret, based on the length_* members in this object or the per-scheme compile-time macros OQS_KEM_*_length_*.
[in] | kem | The OQS_KEM object representing the KEM. |
[out] | ciphertext | The ciphertext (encapsulation) represented as a byte string. |
[out] | shared_secret | The shared secret represented as a byte string. |
[in] | public_key | The public key represented as a byte string. |
OQS_API OQS_STATUS OQS_KEM_keypair | ( | const OQS_KEM * | kem, |
uint8_t * | public_key, | ||
uint8_t * | secret_key ) |
Keypair generation algorithm.
Caller is responsible for allocating sufficient memory for public_key and secret_key, based on the length_* members in this object or the per-scheme compile-time macros OQS_KEM_*_length_*.
[in] | kem | The OQS_KEM object representing the KEM. |
[out] | public_key | The public key represented as a byte string. |
[out] | secret_key | The secret key represented as a byte string. |
OQS_API OQS_STATUS OQS_KEM_keypair_derand | ( | const OQS_KEM * | kem, |
uint8_t * | public_key, | ||
uint8_t * | secret_key, | ||
const uint8_t * | seed ) |
Derandomized keypair generation algorithm.
Caller is responsible for allocating sufficient memory for public_key and secret_key, based on the length_* members in this object or the per-scheme compile-time macros OQS_KEM_*_length_*.
[in] | kem | The OQS_KEM object representing the KEM. |
[out] | public_key | The public key represented as a byte string. |
[out] | secret_key | The secret key represented as a byte string. |
[in] | seed | The input randomness represented as a byte string. |
Constructs an OQS_KEM object for a particular algorithm.
Callers should always check whether the return value is NULL, which indicates either than an invalid algorithm name was provided, or that the requested algorithm was disabled at compile-time.
[in] | method_name | Name of the desired algorithm; one of the names in OQS_KEM_algs. |