Class DhkemX25519HkdfSha256

The DHKEM(X25519, HKDF-SHA256) for HPKE KEM implementing KemInterface.

The instance of this class can be specified to the CipherSuiteParams as follows:

Example

import {
  Aes128Gcm,
  CipherSuite,
  HkdfSha256,
  DhkemX25519HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
  kem: new DhkemX25519HkdfSha256(),
  kdf: new HkdfSha256(),
  aead: new Aes128Gcm(),
});

Hierarchy

  • Dhkem
    • DhkemX25519HkdfSha256

Constructors

constructor

Properties

_kdf _prim encSize id privateKeySize publicKeySize secretSize

Methods

decap deriveKeyPair deserializePrivateKey deserializePublicKey encap generateKeyPair importKey serializePrivateKey serializePublicKey

Constructors

constructor

Properties

Protected_kdf

_kdf: KdfInterface

Protected_prim

_prim: DhkemPrimitives

encSize

encSize: number = 32

32

id

id: KemId = KemId.DhkemX25519HkdfSha256

KemId.DhkemX25519HkdfSha256 (0x0020)

privateKeySize

privateKeySize: number = 32

32

publicKeySize

publicKeySize: number = 32

32

secretSize

secretSize: number = 32

32

Methods

decap

  • decap(params): Promise<ArrayBuffer>

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    Throws

    DecapError

deriveKeyPair

  • deriveKeyPair(ikm): Promise<CryptoKeyPair>

  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    Throws

    DeriveKeyPairError

deserializePrivateKey

  • deserializePrivateKey(key): Promise<CryptoKey>

  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    Throws

    DeserializeError

deserializePublicKey

  • deserializePublicKey(key): Promise<CryptoKey>

  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    Throws

    DeserializeError

encap

  • encap(params): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    Throws

    EncapError

generateKeyPair

importKey

  • importKey(format, key, isPublic?): Promise<CryptoKey>

  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    Basically, this is a thin wrapper function of SubtleCrypto.importKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • format: "raw" | "jwk"

      For now, 'raw' and 'jwk' are supported.

    • key: ArrayBuffer | JsonWebKey

      A byte string of a raw key or A JsonWebKey object.

    • isPublic: boolean = true

      The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

    Returns Promise<CryptoKey>

    A public or private CryptoKey.

    Throws

    DeserializeError

serializePrivateKey

  • serializePrivateKey(key): Promise<ArrayBuffer>

  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    Throws

    SerializeError

serializePublicKey

  • serializePublicKey(key): Promise<ArrayBuffer>

  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    Throws

    SerializeError

Settings

Member Visibility

On This Page

Constructors
Properties
Methods