==>
// CurveCECPQ2 is the TLS supported-groups identifier for the experimental
// CECPQ2 hybrid key exchange, which pairs X25519 with the HRSS KEM.
const CurveCECPQ2 CurveID = 16696
// cecpq2CurveParameters holds one side's key material for a CECPQ2 hybrid
// key exchange: an X25519 key pair plus an HRSS private key. PublicKey
// serves the concatenated key share and SharedKey derives the hybrid
// secret from the peer's share.
type cecpq2CurveParameters struct {
	// privateKey is the X25519 scalar.
	privateKey []byte
	// publicKey is the X25519 public point followed by the marshaled HRSS
	// public key, as assembled by the key-generation path.
	publicKey []byte
	// hrssPrivateKey decapsulates the HRSS ciphertext sent by the peer.
	hrssPrivateKey hrss.PrivateKey
}
// CurveID reports the group identifier of this key share; it is always
// CurveCECPQ2 for this parameter type.
func (p *cecpq2CurveParameters) CurveID() CurveID {
	return CurveCECPQ2
}
// PublicKey returns the key share to send to the peer: the X25519 public
// point followed by the marshaled HRSS public key. The returned slice
// shares its backing array with the receiver, so callers must not modify it.
func (p *cecpq2CurveParameters) PublicKey() []byte {
	return p.publicKey
}
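// SharedKey derives the CECPQ2 hybrid shared secret from the peer's key
// share, which must be an X25519 public point followed by an HRSS
// ciphertext. The result is the X25519 shared secret concatenated with the
// HRSS decapsulated secret. It returns nil if the share has the wrong
// length, if X25519 fails (the library rejects inputs that yield the
// all-zero output), or if HRSS decapsulation is not accepted.
func (p *cecpq2CurveParameters) SharedKey(peerPublicKey []byte) []byte {
	// The leading component is an X25519 point, so size it by PointSize
	// rather than ScalarSize; both are 32 bytes, but PointSize states the
	// intent and keeps the split from reading as a scalar/point mix-up.
	if len(peerPublicKey) != curve25519.PointSize+hrss.CiphertextSize {
		return nil
	}
	peerPoint := peerPublicKey[:curve25519.PointSize]
	ciphertext := peerPublicKey[curve25519.PointSize:]

	x25519Shared, err := curve25519.X25519(p.privateKey, peerPoint)
	if err != nil {
		return nil
	}
	hrssShared, ok := p.hrssPrivateKey.Decap(ciphertext)
	if !ok {
		return nil
	}

	// Assemble the hybrid secret in a buffer sized for both parts so the
	// concatenation is a single allocation.
	out := make([]byte, 0, len(x25519Shared)+len(hrssShared))
	out = append(out, x25519Shared...)
	return append(out, hrssShared...)
}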
==>
"crypto/tls/hrss"
==>
if curveID == CurveCECPQ2 {
privateKey := make([]byte, curve25519.ScalarSize)
if _, err := io.ReadFull(rand, privateKey); err != nil {
return nil, err
}
publicKey, err := curve25519.X25519(privateKey, curve25519.Basepoint)
hrssPrivateKey := hrss.GenerateKey(rand)
hrssPublic := hrssPrivateKey.PublicKey.Marshal()
publicKey = append(publicKey, hrssPublic...)
if err != nil {
return nil, err
}
return &cecpq2CurveParameters{privateKey: privateKey, publicKey: publicKey, hrssPrivateKey: hrssPrivateKey,}, nil
}
==>
hrss.go
curveID != X25519
==>
curveID != X25519 && curveID != CurveCECPQ2
==>
out of scope