PostQuantum.Hybrid.Envelopes 1.1.1

PostQuantum.Hybrid.Envelopes

Opinionated, misuse-resistant message envelopes for PostQuantum.Hybrid.

Wraps KEM + HKDF + AES-GCM into one call. Use this when you don't want to wire up the symmetric layer yourself.

Install

dotnet add package PostQuantum.Hybrid.Envelopes

API

namespace PostQuantum.Hybrid.Envelopes;

// Anonymous (encrypted-only) envelope
public static class HybridEnvelope
{
    public static byte[] Seal(HybridKemPublicKey recipientPublicKey, ReadOnlySpan<byte> plaintext);
    public static byte[] Open(HybridKemPrivateKey recipientPrivateKey, ReadOnlySpan<byte> envelope);
}

// Authenticated (signed + encrypted) envelope
public static class SignedHybridEnvelope
{
    public static byte[] Seal(
        HybridSignaturePrivateKey senderSigningKey,
        HybridKemPublicKey        recipientPublicKey,
        ReadOnlySpan<byte>        plaintext);

    public static byte[] Open(
        HybridSignaturePublicKey  senderVerificationKey,
        HybridKemPrivateKey       recipientPrivateKey,
        ReadOnlySpan<byte>        envelope);
}

Quick start

using PostQuantum.Hybrid;
using PostQuantum.Hybrid.Envelopes;

// Anonymous encrypted envelope
using var recipient = HybridKem.GenerateKeyPair();
byte[] envelope = HybridEnvelope.Seal(recipient.PublicKey, "secret message"u8);
byte[] plaintext = HybridEnvelope.Open(recipient.PrivateKey, envelope);

// Signed + encrypted envelope
using var sender = HybridSignature.GenerateKeyPair();
byte[] authEnv = SignedHybridEnvelope.Seal(
    sender.PrivateKey, recipient.PublicKey, "from alice"u8);
byte[] verified = SignedHybridEnvelope.Open(
    sender.PublicKey, recipient.PrivateKey, authEnv);

What's inside the envelope

Anonymous HybridEnvelope

[ 1B version ] [ 1121B KEM ciphertext ] [ 12B nonce ] [ 16B AES-GCM tag ]
[ N bytes encrypted plaintext ]
  • version is 0x01 (the only version in v1; future variants get a new value).
  • The KEM ciphertext is bound into the AEAD as associatedData, so any rearrangement breaks the tag check.
  • A fresh HKDF-derived AES-256 key per call.

Signed SignedHybridEnvelope

[ anonymous envelope above ] [ 3374B hybrid signature ]
  • The signature is over the entire anonymous envelope (so the signature binds the encrypted payload, the KEM ciphertext, the nonce, and the AEAD tag).
  • Open verifies the signature BEFORE running KEM decapsulation. Tampered envelopes are rejected without ever touching the recipient's private key.
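
The two layouts above, turned into a structural parser as an added example (not code from the package): it splits an envelope into its documented fields and rejects truncated input or an unknown version byte before any key is involved. EnvelopeLayout, EnvelopeInspector and the caller-supplied signed flag are assumptions of this example; the field sizes are the ones listed above.

```csharp
using System;

// Added example, not part of PostQuantum.Hybrid.Envelopes. EnvelopeLayout and
// EnvelopeInspector are hypothetical names; sizes come from the documented layout.
public sealed record EnvelopeLayout(
    byte Version, Range KemCiphertext, Range Nonce, Range Tag,
    Range Ciphertext, Range? Signature);

public static class EnvelopeInspector
{
    const int VersionLen = 1, KemLen = 1121, NonceLen = 12, TagLen = 16;
    const int SignatureLen = 3374;
    const int HeaderLen = VersionLen + KemLen + NonceLen + TagLen; // 1150 bytes

    // 'signed' is supplied by the caller: this example assumes the receiver
    // knows from context which envelope type it expects.
    public static EnvelopeLayout Parse(ReadOnlySpan<byte> envelope, bool signed)
    {
        int trailer = signed ? SignatureLen : 0;
        int minimum = HeaderLen + trailer;   // this example accepts N = 0
        if (envelope.Length < minimum)
            throw new FormatException(
                $"envelope is {envelope.Length} bytes, need at least {minimum}");
        if (envelope[0] != 0x01)
            throw new FormatException($"unknown envelope version 0x{envelope[0]:X2}");

        int kem = VersionLen;
        int nonce = kem + KemLen;
        int tag = nonce + NonceLen;
        int body = tag + TagLen;
        int bodyEnd = envelope.Length - trailer;
        return new EnvelopeLayout(
            envelope[0], kem..nonce, nonce..tag, tag..body, body..bodyEnd,
            signed ? bodyEnd..envelope.Length : (Range?)null);
    }
}
```

The returned ranges index the original buffer, for example envelope[layout.Nonce]. Passing this check says nothing about authenticity, which only Open establishes.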

Failure modes

Open throws CryptographicException (specifically PostQuantum.Hybrid.PostQuantumHybridException for structural problems and AuthenticationTagMismatchException for AEAD failures). Match on the base type if you need broad catching; match on PostQuantumHybridException.Reason for structured handling.

Security guarantees

Property Anonymous Signed
Confidentiality ✅ both X25519 and ML-KEM-768 secure → secret stays secret
Integrity of payload ✅ AES-GCM tag ✅ AES-GCM tag + hybrid signature
Sender authentication ❌ anyone could have sealed it ✅ both Ed25519 and ML-DSA-65 secure → only sender could have sealed
Replay protection ❌ caller's responsibility ❌ caller's responsibility
Forward secrecy ❌ if recipient key leaks, past envelopes decrypt ❌ same

For replay protection or forward secrecy, layer a protocol on top.
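
One way to layer replay protection on top of either envelope, as an added example (not code from the package): the plaintext is framed with a random message id and a timestamp before Seal, and the receiver rejects stale or already-seen ids on the bytes Open returns. ReplayGuard, its framing format and the in-memory id cache are assumptions of this example; only Seal and Open are the package's API.

```csharp
using System;
using System.Buffers.Binary;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example, not part of the package. ReplayGuard is a hypothetical helper.
// Framed plaintext: [16B random id][8B unix seconds, big-endian][payload].
public sealed class ReplayGuard
{
    const int IdLen = 16, HeaderLen = IdLen + 8;
    readonly long _windowSeconds;
    readonly Dictionary<Guid, long> _seen = new();   // message id -> send time

    public ReplayGuard(TimeSpan window) => _windowSeconds = (long)window.TotalSeconds;

    public static byte[] Frame(ReadOnlySpan<byte> payload, DateTimeOffset now)
    {
        var framed = new byte[HeaderLen + payload.Length];
        RandomNumberGenerator.Fill(framed.AsSpan(0, IdLen));
        BinaryPrimitives.WriteInt64BigEndian(framed.AsSpan(IdLen), now.ToUnixTimeSeconds());
        payload.CopyTo(framed.AsSpan(HeaderLen));
        return framed;
    }

    // Pass only bytes that Open returned, so the header is already authenticated.
    public byte[] Accept(ReadOnlySpan<byte> framed, DateTimeOffset now)
    {
        if (framed.Length < HeaderLen)
            throw new CryptographicException("replay header missing");
        var id = new Guid(framed[..IdLen]);
        long sent = BinaryPrimitives.ReadInt64BigEndian(framed[IdLen..]);
        long t = now.ToUnixTimeSeconds();
        long oldest = t - _windowSeconds, newest = t + _windowSeconds; // allow clock skew
        if (sent < oldest || sent > newest)
            throw new CryptographicException("envelope outside freshness window");
        lock (_seen)
        {
            // Ids older than the window can be forgotten: the time check rejects them.
            var expired = new List<Guid>();
            foreach (var entry in _seen)
                if (entry.Value < oldest) expired.Add(entry.Key);
            foreach (var key in expired) _seen.Remove(key);
            if (!_seen.TryAdd(id, sent))
                throw new CryptographicException("envelope already accepted (replay)");
        }
        return framed[HeaderLen..].ToArray();
    }
}
```

Wrap the plaintext with ReplayGuard.Frame before SignedHybridEnvelope.Seal and hand the result of Open to Accept. With the anonymous envelope this only stops a captured envelope from being resent, since anyone can seal a new one, and the id cache here is per process, so several receivers need a shared store.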

Compatible and additional computed target framework versions
.NET: net8.0 and net10.0 are compatible. Computed: net8.0-android, net8.0-browser, net8.0-ios, net8.0-maccatalyst, net8.0-macos, net8.0-tvos, net8.0-windows, net9.0, net9.0-android, net9.0-browser, net9.0-ios, net9.0-maccatalyst, net9.0-macos, net9.0-tvos, net9.0-windows, net10.0-android, net10.0-browser, net10.0-ios, net10.0-maccatalyst, net10.0-macos, net10.0-tvos, net10.0-windows.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.1.1 69 6/10/2026
1.1.0 74 6/10/2026
1.0.1 91 6/8/2026
1.0.0 76 6/7/2026