Built and signed on GitHub ActionsBuilt and signed on GitHub Actions
Built and signed on GitHub Actions
latest
dajiaji/hpke-jsA Hybrid Public Key Encryption (HPKE) core module for various JavaScript runtimes.
This package works with Cloudflare Workers, Node.js, Deno, Bun, Browsers
JSR Score
100%
Published
3 weeks ago (1.7.5)
@hpke/core
A TypeScript Hybrid Public Key Encryption (HPKE) core module implemented using only Web Cryptography API. It does not support the X25519/X448-based KEMs and the ChaCha20Poly1305 AEAD, but it has no external module dependencies. It's small in size and tree-shaking friendly.
Documentation: jsr.io | pages (only for the latest ver.)
Index
Installation
Where possible, it is recommended to use @hpke/core along with extension
modules (such as @hpke/chacha20poly1305) instead of hpke-js.
Node.js
You can install the package with npm, yarn or pnpm.
# Using npm: npm install @hpke/core yarn add @hpke/core pnpm install @hpke/core # Using jsr: npx jsr add @hpke/core yarn dlx jsr add @hpke/core pnpm dlx jsr add @@hpke/core
The above manner can be used with other JavaScript runtimes that support npm, such as Cloudflare Workers and Bun.
Then, you can use the module from code like this:
import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "@hpke/core";
Deno
For Deno, it is recommended to use the jsr.io registry.
deno add jsr:@hpke/core
Web Browsers
Followings are how to use this module with typical CDNs. Other CDNs can be used as well.
Using esm.sh:
<!-- use a specific version --> <script type="module"> import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "https://esm.sh/@hpke/core@<SEMVER>"; // ... </script> <!-- use the latest stable version --> <script type="module"> import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "https://esm.sh/@hpke/core"; // ... </script>
Using unpkg:
<!-- use a specific version --> <script type="module"> import * as hpke from "https://unpkg.com/@hpke/core@<SEMVER>/esm/mod.js"; // ... </script>
Usage
This section shows some typical usage examples.
Node.js
import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "@hpke/core"; async function doHpke() { // setup const suite = new CipherSuite({ kem: new DhkemP256HkdfSha256(), kdf: new HkdfSha256(), aead: new Aes128Gcm(), }); const rkp = await suite.kem.generateKeyPair(); const sender = await suite.createSenderContext({ recipientPublicKey: rkp.publicKey, }); const recipient = await suite.createRecipientContext({ recipientKey: rkp.privateKey, enc: sender.enc, }); // encrypt const ct = await sender.seal(new TextEncoder().encode("Hello world!")); // decrypt const pt = await recipient.open(ct); // Hello world! console.log(new TextDecoder().decode(pt)); } try { doHpke(); } catch (err) { console.log("failed:", err.message); }
Deno
import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "@hpke/core"; async function doHpke() { // setup const suite = new CipherSuite({ kem: new DhkemP256HkdfSha256(), kdf: new HkdfSha256(), aead: new Aes128Gcm(), }); const rkp = await suite.kem.generateKeyPair(); const sender = await suite.createSenderContext({ recipientPublicKey: rkp.publicKey, }); const recipient = await suite.createRecipientContext({ recipientKey: rkp.privateKey, enc: sender.enc, }); // encrypt const ct = await sender.seal(new TextEncoder().encode("Hello world!")); // decrypt const pt = await recipient.open(ct); // Hello world! console.log(new TextDecoder().decode(pt)); } try { doHpke(); } catch (_err: unknown) { console.log("doHPKE() failed."); }
Web Browsers
<html> <head></head> <body> <script type="module"> import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "https://esm.sh/@hpke/core"; globalThis.doHpke = async () => { const suite = new CipherSuite({ kem: new DhkemP256HkdfSha256(), kdf: new HkdfSha256(), aead: new Aes128Gcm(), }); const rkp = await suite.kem.generateKeyPair(); const sender = await suite.createSenderContext({ recipientPublicKey: rkp.publicKey, }); const recipient = await suite.createRecipientContext({ recipientKey: rkp.privateKey, // rkp (CryptoKeyPair) is also acceptable. enc: sender.enc, }); // encrypt const ct = await sender.seal( new TextEncoder().encode("hello world!"), ); // decrypt try { const pt = await recipient.open(ct); // hello world! alert(new TextDecoder().decode(pt)); } catch (err) { alert("failed to decrypt."); } }; </script> <button type="button" onclick="doHpke()">do HPKE</button> </body> </html>
Contributing
We welcome all kind of contributions, filing issues, suggesting new features or sending PRs.
Built and signed on
GitHub Actions
Add Package
deno add jsr:@hpke/core
Import symbol
import * as core from "@hpke/core";
Import directly with a jsr specifier
import * as core from "jsr:@hpke/core";
Add Package
pnpm i jsr:@hpke/core
pnpm dlx jsr add @hpke/core
Import symbol
import * as core from "@hpke/core";
Add Package
yarn add jsr:@hpke/core
yarn dlx jsr add @hpke/core
Import symbol
import * as core from "@hpke/core";
Add Package
vlt install jsr:@hpke/core
Import symbol
import * as core from "@hpke/core";
Add Package
npx jsr add @hpke/core
Import symbol
import * as core from "@hpke/core";
Add Package
bunx jsr add @hpke/core
Import symbol
import * as core from "@hpke/core";