hpke-js
Index
Installation
Where possible, it is recommended to use @hpke/core
along with extension
modules (such as @hpke/chacha20poly1305
) instead of hpke-js
.
Node.js
You can install the package with npm, yarn or pnpm.
npm install hpke-js
yarn add hpke-js
pnpm install hpke-js
npx jsr add hpke-js
yarn dlx jsr add hpke-js
pnpm dlx jsr add hpke-js
The above manner can be used with other JavaScript runtimes that support npm,
such as Cloudflare Workers and Bun.
Then, you can use the module from code like this:
import { AeadId, CipherSuite, KdfId, KemId } from "hpke-js";
Deno
For Deno, it is recommended to use the jsr.io registry.
deno add jsr:@hpke/hpke-js
Web Browsers
Followings are how to use the module with typical CDNs. Other CDNs can be used
as well.
Using esm.sh:
<script type="module">
import {
AeadId,
CipherSuite,
KdfId,
KemId,
} from "https://esm.sh/hpke-js@<SEMVER>";
</script>
<script type="module">
import { AeadId, CipherSuite, KdfId, KemId } from "https://esm.sh/hpke-js";
</script>
Using unpkg:
<script type="module">
import {
AeadId,
CipherSuite,
KdfId,
KemId,
} from "https://unpkg.com/hpke-js@<SEMVER>/esm/mod.js";
</script>
Usage
This section shows some typical usage examples.
Node.js
import { AeadId, CipherSuite, KdfId, KemId } from "hpke-js";
async function doHpke() {
const suite = new CipherSuite({
kem: KemId.DhkemX25519HkdfSha256,
kdf: KdfId.HkdfSha256,
aead: AeadId.Chacha20Poly1305,
});
const rkp = await suite.kem.generateKeyPair();
const sender = await suite.createSenderContext({
recipientPublicKey: rkp.publicKey,
});
const ct = await sender.seal(new TextEncoder().encode("Hello world!"));
const recipient = await suite.createRecipientContext({
recipientKey: rkp.privateKey,
enc: sender.enc,
});
const pt = await recipient.open(ct);
console.log("decrypted: ", new TextDecoder().decode(pt));
}
try {
doHpke();
} catch (e) {
console.log("failed:", e.message);
}
Deno
import { AeadId, CipherSuite, KdfId, KemId } from "@hpke/hpke-js";
async function doHpke() {
const suite = new CipherSuite({
kem: KemId.DhkemX25519HkdfSha256,
kdf: KdfId.HkdfSha256,
aead: AeadId.Chacha20Poly1305,
});
const rkp = await suite.kem.generateKeyPair();
const sender = await suite.createSenderContext({
recipientPublicKey: rkp.publicKey,
});
const ct = await sender.seal(new TextEncoder().encode("Hello world!"));
const recipient = await suite.createRecipientContext({
recipientKey: rkp.privateKey,
enc: sender.enc,
});
const pt = await recipient.open(ct);
console.log(new TextDecoder().decode(pt));
}
try {
doHpke();
} catch (_err: unknown) {
console.log("failed.");
}
Web Browsers
<html>
<head></head>
<body>
<script type="module">
import { AeadId, CipherSuite, KdfId, KemId } from "https://esm.sh/hpke-js";
globalThis.doHpke = async () => {
try {
const suite = new CipherSuite({
kem: KemId.DhkemP256HkdfSha256,
kdf: KdfId.HkdfSha256,
aead: AeadId.Aes128Gcm,
});
const rkp = await suite.kem.generateKeyPair();
const sender = await suite.createSenderContext({
recipientPublicKey: rkp.publicKey,
});
const ct = await sender.seal(new TextEncoder().encode("Hello world!"));
const recipient = await suite.createRecipientContext({
recipientKey: rkp.privateKey,
enc: sender.enc,
});
const pt = await recipient.open(ct);
alert(new TextDecoder().decode(pt));
} catch (err) {
alert("failed:", err.message);
}
};
</script>
<button type="button" onclick="doHpke()">do HPKE</button>
</body>
</html>
Contributing
We welcome all kind of contributions, filing issues, suggesting new features or
sending PRs.