Hybrid Public Key Encryption (HPKE) implementation for JavaScript runtimes.
Implements an authenticated encryption encapsulation format that combines a semi-static asymmetric key exchange with a symmetric cipher. This was originally defined in an Informational document on the IRTF stream as RFC 9180 and is now being republished as a Standards Track document of the IETF as draft-ietf-hpke-hpke.
HPKE provides a variant of public key encryption for arbitrary-sized plaintexts using a recipient public key.
Getting started with CipherSuite
import * as HPKE from 'hpke'
// 1. Choose a cipher suite
const suite = new HPKE.CipherSuite(
  HPKE.KEM_DHKEM_P256_HKDF_SHA256,
  HPKE.KDF_HKDF_SHA256,
  HPKE.AEAD_AES_128_GCM,
)
// 2. Generate recipient key pair
const recipient = await suite.GenerateKeyPair()
// 3. Encrypt a message
const plaintext = new TextEncoder().encode('Hello, World!')
const { encapsulatedSecret, ciphertext } = await suite.Seal(recipient.publicKey, plaintext)
// 4. Decrypt the message
const decrypted = await suite.Open(recipient.privateKey, encapsulatedSecret, ciphertext)
console.log(new TextDecoder().decode(decrypted)) // "Hello, World!"
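
What the three suite components chosen above contribute, as an added sketch that is not part of the hpke package or its documentation: an ephemeral P-256 key exchange, HKDF-SHA256 and AES-128-GCM built on Node's `node:crypto`. The names `sketchSeal`, `sketchOpen` and `deriveKeyAndNonce` are hypothetical, and a single HKDF call stands in for RFC 9180's labelled key schedule, so the output is not interoperable with HPKE.

```javascript
// Added illustration only: shows what `encapsulatedSecret` and `ciphertext` carry.
// Assumption: Node.js with the built-in node:crypto module (CommonJS).
const nodeCrypto = require('node:crypto')

// Derive a 16-byte AES key and 12-byte nonce from the ECDH shared secret.
// Both public keys go into the salt as a stand-in for the KEM context binding.
function deriveKeyAndNonce(sharedSecret, enc, recipientPublicRaw) {
  const salt = Buffer.concat([enc, recipientPublicRaw])
  const okm = Buffer.from(nodeCrypto.hkdfSync('sha256', sharedSecret, salt, 'sketch key+nonce', 28))
  return { key: okm.subarray(0, 16), nonce: okm.subarray(16, 28) }
}

// Sender: fresh ephemeral key pair per message; its public key is the encapsulated secret.
function sketchSeal(recipientPublicRaw, plaintext) {
  const eph = nodeCrypto.createECDH('prime256v1')
  const enc = eph.generateKeys()
  const { key, nonce } = deriveKeyAndNonce(eph.computeSecret(recipientPublicRaw), enc, recipientPublicRaw)
  const cipher = nodeCrypto.createCipheriv('aes-128-gcm', key, nonce)
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()])
  return { encapsulatedSecret: enc, ciphertext: Buffer.concat([body, cipher.getAuthTag()]) }
}

// Recipient: redo the key exchange with the static private key, then verify and decrypt.
function sketchOpen(recipient, encapsulatedSecret, ciphertext) {
  const { key, nonce } = deriveKeyAndNonce(
    recipient.computeSecret(encapsulatedSecret), encapsulatedSecret, recipient.getPublicKey())
  const decipher = nodeCrypto.createDecipheriv('aes-128-gcm', key, nonce)
  decipher.setAuthTag(ciphertext.subarray(ciphertext.length - 16))
  const body = ciphertext.subarray(0, ciphertext.length - 16)
  return Buffer.concat([decipher.update(body), decipher.final()]) // final() throws on tag mismatch
}

// Constructed sample run: a round trip, then a one-bit tamper that must be rejected.
function demo() {
  const recipient = nodeCrypto.createECDH('prime256v1')
  recipient.generateKeys()
  const sealed = sketchSeal(recipient.getPublicKey(), Buffer.from('Hello, World!'))
  const roundTrip = sketchOpen(recipient, sealed.encapsulatedSecret, sealed.ciphertext).toString()
  const tampered = Buffer.from(sealed.ciphertext)
  tampered[0] ^= 0x01
  let tamperRejected = false
  try { sketchOpen(recipient, sealed.encapsulatedSecret, tampered) } catch { tamperRejected = true }
  return { roundTrip, tamperRejected, encLength: sealed.encapsulatedSecret.length }
}
console.log(demo())
```

The encapsulated secret here is the sender's 65-byte uncompressed ephemeral public key, which must travel alongside the ciphertext for the recipient to decrypt.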