oqs

package
v0.0.0-...-28b5301 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 19, 2025 License: MIT Imports: 4 Imported by: 38

Documentation

Overview

Package oqs provides a Go wrapper for the C liboqs quantum-resistant library.


Constants

This section is empty.

Variables

This section is empty.

Functions

func EnabledKEMs

func EnabledKEMs() []string

EnabledKEMs returns the list of enabled KEM algorithms.

func EnabledSigs

func EnabledSigs() []string

EnabledSigs returns the list of enabled signature algorithms.

func IsKEMEnabled

func IsKEMEnabled(algName string) bool

IsKEMEnabled returns true if a KEM algorithm is enabled, and false otherwise.

func IsKEMSupported

func IsKEMSupported(algName string) bool

IsKEMSupported returns true if a KEM algorithm is supported, and false otherwise.

func IsSigEnabled

func IsSigEnabled(algName string) bool

IsSigEnabled returns true if a signature algorithm is enabled, and false otherwise.

func IsSigSupported

func IsSigSupported(algName string) bool

IsSigSupported returns true if a signature algorithm is supported, and false otherwise.

func KEMName

func KEMName(algID int) (string, error)

KEMName returns the KEM algorithm name from its corresponding numerical ID.

func LiboqsVersion

func LiboqsVersion() string

LiboqsVersion retrieves the underlying liboqs version string.

func MaxNumberKEMs

func MaxNumberKEMs() int

MaxNumberKEMs returns the maximum number of supported KEM algorithms.

func MaxNumberSigs

func MaxNumberSigs() int

MaxNumberSigs returns the maximum number of supported signature algorithms.

func MemCleanse

func MemCleanse(v []byte)

MemCleanse zeroes the content of a byte slice by invoking the liboqs OQS_MEM_cleanse() function. Use it to clean "hot" (sensitive) memory areas, such as secret keys.

func RandomBytes

func RandomBytes(bytesToRead int) []byte

RandomBytes generates bytesToRead random bytes. This implementation uses either the default RNG algorithm ("system"), or whichever algorithm has been selected by RandomBytesSwitchAlgorithm.

func RandomBytesCustomAlgorithm

func RandomBytesCustomAlgorithm(fun func([]byte, int)) error

RandomBytesCustomAlgorithm switches RandomBytes to use the given function. This allows additional custom RNGs besides the provided ones. The provided RNG function must have the same signature as RandomBytesInPlace, i.e. func([]byte, int).

func RandomBytesInPlace

func RandomBytesInPlace(randomArray []byte, bytesToRead int)

RandomBytesInPlace generates bytesToRead random bytes. This implementation uses either the default RNG algorithm ("system"), or whichever algorithm has been selected by RandomBytesSwitchAlgorithm. If bytesToRead exceeds the size of randomArray, only len(randomArray) bytes are read.
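A custom RNG callback for RandomBytesCustomAlgorithm has to honor the same length rule as RandomBytesInPlace and has no way to return an error. The following is an added example, not code from the liboqs-go project: the names clamp, fillRandom and selfCheck are hypothetical, and the registration call in the final comment assumes the package is imported as oqs.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"errors"
	"fmt"
)

// clamp applies the documented rule: at most len(buf) bytes, negative means 0.
func clamp(size, want int) int {
	if want < 0 {
		return 0
	}
	if want > size {
		return size
	}
	return want
}

// fillRandom (hypothetical name) has the func([]byte, int) shape required by
// RandomBytesCustomAlgorithm and draws from the operating system CSPRNG.
func fillRandom(buf []byte, bytesToRead int) {
	// The callback has no error return, so fail closed on an entropy failure.
	if _, err := rand.Read(buf[:clamp(len(buf), bytesToRead)]); err != nil {
		panic("fillRandom: entropy source failed: " + err.Error())
	}
}

// selfCheck (hypothetical helper) rejects an RNG that writes past the
// requested length or repeats its output (this also catches one that writes nothing).
func selfCheck(rng func([]byte, int)) error {
	a, b := make([]byte, 48), make([]byte, 48)
	rng(a, 32)
	rng(b, 32)
	rng(make([]byte, 8), 64) // oversized request must be clamped, not panic
	if !bytes.Equal(a[32:], make([]byte, 16)) {
		return errors.New("rng wrote past bytesToRead")
	}
	if bytes.Equal(a[:32], b[:32]) {
		return errors.New("rng repeated its output")
	}
	return nil
}

func main() {
	// Next step with liboqs-go: oqs.RandomBytesCustomAlgorithm(fillRandom)
	fmt.Println("self-check:", selfCheck(fillRandom))
}
```
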

func RandomBytesSwitchAlgorithm

func RandomBytesSwitchAlgorithm(algName string) error

RandomBytesSwitchAlgorithm switches the core OQS_randombytes to use the specified algorithm. Possible values are "system" and "OpenSSL". See the liboqs header <oqs/rand.h> for more details.

func SigName

func SigName(algID int) (string, error)

SigName returns the signature algorithm name from its corresponding numerical ID.

func SupportedKEMs

func SupportedKEMs() []string

SupportedKEMs returns the list of supported KEM algorithms.

func SupportedSigs

func SupportedSigs() []string

SupportedSigs returns the list of supported signature algorithms.

Types

type KeyEncapsulation

type KeyEncapsulation struct {
	// contains filtered or unexported fields
}

KeyEncapsulation defines the KEM main data structure.

func (*KeyEncapsulation) Clean

func (kem *KeyEncapsulation) Clean()

Clean zeroes the stored secret key and resets the kem receiver. One can reuse the KEM by re-initializing it with the KeyEncapsulation.Init method.

func (*KeyEncapsulation) DecapSecret

func (kem *KeyEncapsulation) DecapSecret(ciphertext []byte) ([]byte, error)

DecapSecret decapsulates a ciphertext and returns the corresponding shared secret.

func (*KeyEncapsulation) Details

Details returns the KEM algorithm details.

func (*KeyEncapsulation) EncapSecret

func (kem *KeyEncapsulation) EncapSecret(publicKey []byte) (ciphertext,
	sharedSecret []byte, err error,
)

EncapSecret encapsulates a secret using a public key and returns the corresponding ciphertext and shared secret.

func (*KeyEncapsulation) ExportSecretKey

func (kem *KeyEncapsulation) ExportSecretKey() []byte

ExportSecretKey exports the corresponding secret key from the kem receiver.

func (*KeyEncapsulation) GenerateKeyPair

func (kem *KeyEncapsulation) GenerateKeyPair() ([]byte, error)

GenerateKeyPair generates a secret key/public key pair and returns the public key. The secret key is stored inside the kem receiver and is not directly accessible unless one exports it with the KeyEncapsulation.ExportSecretKey method.

func (*KeyEncapsulation) Init

func (kem *KeyEncapsulation) Init(algName string, secretKey []byte) error

Init initializes the KEM data structure with an algorithm name and a secret key. If the secret key is nil, then the user must invoke the KeyEncapsulation.GenerateKeyPair method to generate the secret key/public key pair.

func (KeyEncapsulation) String

func (kem KeyEncapsulation) String() string

String converts the KEM algorithm name to a string representation. Use this method to pretty-print the KEM algorithm name, e.g. fmt.Println(client).

type KeyEncapsulationDetails

type KeyEncapsulationDetails struct {
	Name               string
	Version            string
	ClaimedNISTLevel   int
	IsINDCCA           bool
	LengthPublicKey    int
	LengthSecretKey    int
	LengthCiphertext   int
	LengthSharedSecret int
}

KeyEncapsulationDetails defines the KEM algorithm details.

func (KeyEncapsulationDetails) String

func (kemDetails KeyEncapsulationDetails) String() string

String converts the KEM algorithm details to a string representation. Use this method to pretty-print the KEM algorithm details, e.g. fmt.Println(client.Details()).

type Signature

type Signature struct {
	// contains filtered or unexported fields
}

Signature defines the signature main data structure.

func (*Signature) Clean

func (sig *Signature) Clean()

Clean zeroes the stored secret key and resets the sig receiver. One can reuse the signature by re-initializing it with the Signature.Init method.

func (*Signature) Details

func (sig *Signature) Details() SignatureDetails

Details returns the signature algorithm details.

func (*Signature) ExportSecretKey

func (sig *Signature) ExportSecretKey() []byte

ExportSecretKey exports the corresponding secret key from the sig receiver.

func (*Signature) GenerateKeyPair

func (sig *Signature) GenerateKeyPair() ([]byte, error)

GenerateKeyPair generates a secret key/public key pair and returns the public key. The secret key is stored inside the sig receiver and is not directly accessible unless one exports it with the Signature.ExportSecretKey method.

func (*Signature) Init

func (sig *Signature) Init(algName string, secretKey []byte) error

Init initializes the signature data structure with an algorithm name and a secret key. If the secret key is nil, then the user must invoke the Signature.GenerateKeyPair method to generate the secret key/public key pair.

func (*Signature) Sign

func (sig *Signature) Sign(message []byte) ([]byte, error)

Sign signs a message and returns the corresponding signature.

func (*Signature) SignWithCtxStr

func (sig *Signature) SignWithCtxStr(message []byte, context []byte) ([]byte, error)

SignWithCtxStr signs a message with a context string and returns the corresponding signature.

func (Signature) String

func (sig Signature) String() string

String converts the signature algorithm name to a string representation. Use this method to pretty-print the signature algorithm name, e.g. fmt.Println(signer).

func (*Signature) Verify

func (sig *Signature) Verify(message []byte, signature []byte,
	publicKey []byte,
) (bool, error)

Verify verifies the validity of a signed message, returning true if the signature is valid, and false otherwise.

func (*Signature) VerifyWithCtxStr

func (sig *Signature) VerifyWithCtxStr(
	message []byte,
	signature []byte,
	context []byte,
	publicKey []byte,
) (bool, error)

VerifyWithCtxStr verifies the validity of a signed message with a context string, returning true if the signature is valid, and false otherwise.

type SignatureDetails

type SignatureDetails struct {
	Name               string
	Version            string
	ClaimedNISTLevel   int
	IsEUFCMA           bool
	SigWithCtxSupport  bool
	LengthPublicKey    int
	LengthSecretKey    int
	MaxLengthSignature int
}

SignatureDetails defines the signature algorithm details.

func (SignatureDetails) String

func (sigDetails SignatureDetails) String() string

String converts the signature algorithm details to a string representation. Use this method to pretty-print the signature algorithm details, e.g. fmt.Println(signer.Details()).
