Skip to content

Commit 6665c9d

Browse files
janklaussnerjanklaussner
authored
Changes normative reference of ECDH Point Encoding.
Refer to RFC-5480 first, then hint to X9.62. Closes #264
1 parent e0a3c6f commit 6665c9d

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

draft-ietf-lamps-pq-composite-kem.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -792,7 +792,7 @@ While ML-KEM has a single fixed-size representation for each of public key, priv
792792

793793
* **ML-KEM**: MUST be encoded as specified in sections 7.1 and 7.2 of [FIPS.203], using a 64-byte seed `(d || z)` as the private key.
794794
* **RSA**: the public key MUST be encoded as RSAPublicKey with the `(n,e)` public key representation as specified in A.1.1 of [RFC8017] and the private key representation as RSAPrivateKey specified in A.1.2 of [RFC8017] with version 0 and 'otherPrimeInfos' absent. An RSA-OAEP ciphertext MUST be encoded as specified in section 7.1.1 of {{RFC8017}}
795-
* **ECDH**: public key MUST be encoded as an uncompressed X9.62 [X9.62–2005], including the leading byte `0x04` indicating uncompressed. This is consistent with the encoding of `ECPoint` as specified in section 2.2 of [RFC5480] when no ASN.1 OCTET STRING wrapping is present. The private key MUST be encoded as ECPrivateKey specified in [RFC5915] with 'NamedCurve' parameter set to the OID of the curve, but without the 'publicKey' field. The ciphertext MUST be encoded in the same manner as the public key.
795+
* **ECDH**: public key MUST be encoded as an uncompressed elliptic curve point as in section 2.2 of [RFC5480], including the leading byte `0x04` indicating uncompressed encoding and without the ASN.1 OCTET STRING wrapper. This is consistent with the encoding of EC public keys in X9.62 [X9.62–2005]. The private key MUST be encoded as ECPrivateKey specified in [RFC5915] with 'NamedCurve' parameter set to the OID of the curve, but without the 'publicKey' field. The ciphertext MUST be encoded in the same manner as the public key.
796796
* **X25519 and X448**: the public key MUST be encoded as per section 5 of [RFC7748] and the private key is a 32 or 56 byte raw value for X25519 and X448 respectively. The ciphertext MUST be encoded in the same manner as the public key.
797797

798798
All ASN.1 objects SHALL be encoded using DER on serialization.

0 commit comments

Comments
 (0)