-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path06-export-only-mode.ts
More file actions
38 lines (29 loc) · 1.32 KB
/
06-export-only-mode.ts
File metadata and controls
38 lines (29 loc) · 1.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
import * as HPKE from '../index.ts'
const encoder = new TextEncoder()
// Cipher suite with EXPORT_ONLY AEAD (no encryption/decryption)
const suite = new HPKE.CipherSuite(
HPKE.KEM_DHKEM_P256_HKDF_SHA256,
HPKE.KDF_HKDF_SHA256,
HPKE.AEAD_EXPORT_ONLY,
)
// Recipient: Generate a key pair
const recipientKeyPair = await suite.GenerateKeyPair()
// Sender: Setup sender context (no encryption capability)
const { encapsulatedSecret, ctx: senderCtx } = await suite.SetupSender(recipientKeyPair.publicKey)
// Recipient: Setup recipient context (no decryption capability)
const recipientCtx = await suite.SetupRecipient(recipientKeyPair, encapsulatedSecret)
// Export-only mode only supports exporting secrets
const exporterContext = encoder.encode('derived-key-material')
// Both parties derive the same secret
const senderSecret = await senderCtx.Export(exporterContext, 32)
const recipientSecret = await recipientCtx.Export(exporterContext, 32)
console.log(
'Secrets match:',
senderSecret.every((byte, i) => byte === recipientSecret[i]),
) // true
// Use cases for Export-only mode:
// - Key agreement protocols that don't need AEAD
// - Deriving shared secrets for external encryption
// - Establishing session keys for other protocols
// - Reducing overhead when encryption is not needed
// - TLS-style key derivation without using TLS