@hpke/hybridkem-x-wing
    Preparing search index...

    Class XWing

    The Hybrid Post-Quantum KEM (X25519, Kyber768).

    This class is implemented using pqc-kyber.

    The instance of this class can be specified to the CipherSuiteParams as follows:

    import { Aes128Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
    import { XWing } from "@hpke/hybridkem-x-wing";
    const suite = new CipherSuite({
      kem: new XWing(),
      kdf: new HkdfSha256(),
      aead: new Aes128Gcm(),
    });

    Implements

    • KemInterface
    Index

    Constructors

    constructor

    Properties

    _m _x25519 auth encSize id name privateKeySize publicKeySize secretSize

    Methods

    decap deriveKeyPair deserializePrivateKey deserializePublicKey encap generateKeyPair generateKeyPairDerand importKey serializePrivateKey serializePublicKey

    Constructors

    Properties

    Protected_m

    _m: MlKem768

    Protected_x25519

    _x25519: X25519
    auth: boolean = false
    encSize: number = 1120

    The length in bytes of an encapsulated key produced by this KEM (Nenc).

    id: KemId = KemId.XWing

    The KEM identifier.

    name: string = ALG_NAME
    privateKeySize: number = 32

    The length in bytes of an encoded private key for this KEM (Nsk).

    publicKeySize: number = 1216

    The length in bytes of an encoded public key for this KEM (Npk).

    secretSize: number = 32

    The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

    Methods

    • Decapsulates the ss (shared secret) from the enc and the recipient's private key. The enc is the same as the ct (ciphertext) resulting from X-Wing::Encapsulate(), which is executed under the encap(). @param params The parameters for decapsulation. @returns {Promise<ArrayBuffer>} A promise that resolves with the shared secret. @throws {InvalidParamError} Thrown if the length of the enc` is not 1120 bytes.

      Parameters

      • params: RecipientContextParams

      Returns Promise<ArrayBuffer>

      Thrown if the shared secret cannot be decapsulated.

    • Derives a key pair from the input keying material.

      Parameters

      • ikm: ArrayBuffer

        The input keying material.

      Returns Promise<CryptoKeyPair>

      A promise that resolves with a new key pair.

      Thrown if the key pair cannot be derived.

      Thrown if the length of the IKM is not 32 bytes.

    • Deserializes a private key as a byte string of length Nsk to CryptoKey.

      If the error occurred, throws DeserializeError.

      Parameters

      • key: ArrayBuffer

        A key as bytes.

      Returns Promise<CryptoKey>

      A CryptoKey.

      DeserializeError

    • Deserializes a public key as a byte string of length Npk to CryptoKey.

      If the error occurred, throws DeserializeError.

      Parameters

      • key: ArrayBuffer

        A key as bytes.

      Returns Promise<CryptoKey>

      A CryptoKey.

      DeserializeError

    • Encapsulates the shared secret and the ct (ciphertext) as enc.

      Parameters

      • params: SenderContextParams

        The parameters for encapsulation.

      Returns Promise<{ enc: ArrayBuffer; sharedSecret: ArrayBuffer }>

      A promise that resolves with the ss (shared secret) as sharedSecret and the ct (ciphertext) as enc.

      Thrown if the length of the ekm is not 64 bytes.

      Thrown if the shared secret cannot be encapsulated.

    • Generates a new key pair.

      Returns Promise<CryptoKeyPair>

      A promise that resolves with a new key pair.

    • Generates a key pair from the secret key.

      Parameters

      • sk: Uint8Array

        The secret key.

      Returns Promise<CryptoKeyPair>

      A promise that resolves with a new key pair.

      Thrown if the length of the secret key is not 32 bytes.

      Thrown if the key pair cannot be derived.

    • Imports a key from the input.

      Parameters

      • format: "raw" | "jwk"

        The format of the key. "raw" or "jwk" can be specified.

      • key: ArrayBuffer | JsonWebKeyExtended

        The key to import. If the format is "raw", the key must be an ArrayBuffer. If the format is "jwk", the key must be a JsonWebKey.

      • isPublic: boolean = true

        A boolean indicating whether the key is public or not. The default is true.

      Returns Promise<CryptoKey>

      A promise that resolves with the imported key.

      Thrown if the key cannot be imported.

    • Serializes a private key as CryptoKey to a byte string of length Nsk.

      If the error occurred, throws SerializeError.

      Parameters

      • key: CryptoKey

        A CryptoKey.

      Returns Promise<ArrayBuffer>

      A key as bytes.

      SerializeError

    • Serializes a public key as CryptoKey to a byte string of length Npk.

      If the error occurred, throws SerializeError.

      Parameters

      • key: CryptoKey

        A CryptoKey.

      Returns Promise<ArrayBuffer>

      A key as bytes.

      SerializeError

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Methods