@hpke/core

JSR
A TypeScript Hybrid Public Key Encryption (HPKE) core module implemented using only Web Cryptography API. It does not support the X25519/X448-based KEMs and the ChaCha20Poly1305 AEAD, but it has no external module dependencies. It's small in size and tree-shaking friendly.

Documentation: [jsr.io](https://jsr.io/@hpke/core/doc) | [pages (only for the latest ver.)](https://dajiaji.github.io/hpke-js/core/docs/)
## Index - [Installation](#installation) - [Node.js](#nodejs) - [Deno](#deno) - [Web Browsers](#web-browsers) - [Usage](#usage) - [Contributing](#contributing) ## Installation Where possible, it is recommended to use `@hpke/core` along with extension modules (such as `@hpke/chacha20poly1305`) instead of `hpke-js`. ### Node.js You can install the package with npm, yarn or pnpm. ```sh # Using npm: npm install @hpke/core yarn add @hpke/core pnpm install @hpke/core # Using jsr: npx jsr add @hpke/core yarn dlx jsr add @hpke/core pnpm dlx jsr add @@hpke/core ``` The above manner can be used with other JavaScript runtimes that support npm, such as Cloudflare Workers and Bun. Then, you can use the module from code like this: ```ts import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "@hpke/core"; ``` ### Deno For Deno, it is recommended to use the jsr.io registry. ```sh deno add jsr:@hpke/core ``` ### Web Browsers Followings are how to use this module with typical CDNs. Other CDNs can be used as well. Using esm.sh: ```html ``` Using unpkg: ```html ``` ## Usage This section shows some typical usage examples. ### Node.js ```js import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "@hpke/core"; async function doHpke() { // setup const suite = new CipherSuite({ kem: new DhkemP256HkdfSha256(), kdf: new HkdfSha256(), aead: new Aes128Gcm(), }); const rkp = await suite.kem.generateKeyPair(); const sender = await suite.createSenderContext({ recipientPublicKey: rkp.publicKey, }); const recipient = await suite.createRecipientContext({ recipientKey: rkp.privateKey, enc: sender.enc, }); // encrypt const ct = await sender.seal(new TextEncoder().encode("Hello world!")); // decrypt const pt = await recipient.open(ct); // Hello world! console.log(new TextDecoder().decode(pt)); } try { doHpke(); } catch (err) { console.log("failed:", err.message); } ``` ### Deno ```ts import { Aes128Gcm, CipherSuite, DhkemP256HkdfSha256, HkdfSha256, } from "@hpke/core"; async function doHpke() { // setup const suite = new CipherSuite({ kem: new DhkemP256HkdfSha256(), kdf: new HkdfSha256(), aead: new Aes128Gcm(), }); const rkp = await suite.kem.generateKeyPair(); const sender = await suite.createSenderContext({ recipientPublicKey: rkp.publicKey, }); const recipient = await suite.createRecipientContext({ recipientKey: rkp.privateKey, enc: sender.enc, }); // encrypt const ct = await sender.seal(new TextEncoder().encode("Hello world!")); // decrypt const pt = await recipient.open(ct); // Hello world! console.log(new TextDecoder().decode(pt)); } try { doHpke(); } catch (_err: unknown) { console.log("doHPKE() failed."); } ``` ### Web Browsers ```html ``` ## Contributing We welcome all kind of contributions, filing issues, suggesting new features or sending PRs.