diff --git a/chacha20poly1305/docs/classes/Chacha20Poly1305.html b/chacha20poly1305/docs/classes/Chacha20Poly1305.html index ab9ee6ecc..e1553e1f5 100644 --- a/chacha20poly1305/docs/classes/Chacha20Poly1305.html +++ b/chacha20poly1305/docs/classes/Chacha20Poly1305.html @@ -7,17 +7,17 @@

This class is implemented using @noble/ciphers.

-

Implements

Constructors

Implements

Constructors

Properties

id: AeadId = AeadId.Chacha20Poly1305

AeadId.Chacha20Poly1305 (0x0003)

-
keySize: number = 32

32

-
nonceSize: number = 12

12

-
tagSize: number = 16

16

-

Methods

  • Creates an AEAD encryption context which has seal/open operation.

    +
keySize: number = 32

32

+
nonceSize: number = 12

12

+
tagSize: number = 16

16

+

Methods

  • Creates an AEAD encryption context which has seal/open operation.

    Parameters

    • key: ArrayBuffer

      A byte string of the raw key.

    Returns AeadEncryptionContext

    An AEAD encryption context.

    -
+
diff --git a/common/docs/classes/DecapError.html b/common/docs/classes/DecapError.html index ce3ee0187..2d307a587 100644 --- a/common/docs/classes/DecapError.html +++ b/common/docs/classes/DecapError.html @@ -1,7 +1,7 @@ DecapError | @hpke/common

Class DecapError

decap() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/DeriveKeyPairError.html b/common/docs/classes/DeriveKeyPairError.html index 5c900fd75..b8bdf36e8 100644 --- a/common/docs/classes/DeriveKeyPairError.html +++ b/common/docs/classes/DeriveKeyPairError.html @@ -1,7 +1,7 @@ DeriveKeyPairError | @hpke/common

Class DeriveKeyPairError

Key pair derivation failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/DeserializeError.html b/common/docs/classes/DeserializeError.html index 4774c8760..9bc8f6c46 100644 --- a/common/docs/classes/DeserializeError.html +++ b/common/docs/classes/DeserializeError.html @@ -1,7 +1,7 @@ DeserializeError | @hpke/common

Class DeserializeError

Public or private key deserialization failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/Dhkem.html b/common/docs/classes/Dhkem.html index 503b7f9c3..4a9f11788 100644 --- a/common/docs/classes/Dhkem.html +++ b/common/docs/classes/Dhkem.html @@ -1,5 +1,5 @@ Dhkem | @hpke/common

The KEM interface.

-

Implements

Constructors

Implements

Constructors

Properties

Constructors

Properties

encSize: number = 0

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId

The KEM identifier.

-
privateKeySize: number = 0

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number = 0

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number = 0

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

encSize: number = 0

The length in bytes of an encapsulated key produced by this KEM (Nenc).

+
id: KemId

The KEM identifier.

+
privateKeySize: number = 0

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number = 0

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number = 0

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +

Returns Promise<CryptoKey>

A public or private CryptoKey.

+
diff --git a/common/docs/classes/Ec.html b/common/docs/classes/Ec.html index 485859643..262bfad63 100644 --- a/common/docs/classes/Ec.html +++ b/common/docs/classes/Ec.html @@ -1,4 +1,4 @@ -Ec | @hpke/common

Hierarchy (view full)

Implements

Constructors

constructor +Ec | @hpke/common

Hierarchy (view full)

Implements

Constructors

Properties

Methods

Constructors

Properties

_api: SubtleCrypto = undefined

Methods

+

Constructors

Properties

_api: SubtleCrypto = undefined

Methods

diff --git a/common/docs/classes/EncapError.html b/common/docs/classes/EncapError.html index 3150e1c8e..22307f891 100644 --- a/common/docs/classes/EncapError.html +++ b/common/docs/classes/EncapError.html @@ -1,7 +1,7 @@ EncapError | @hpke/common

Class EncapError

encap() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/ExportError.html b/common/docs/classes/ExportError.html index 625030b9c..d9c13782f 100644 --- a/common/docs/classes/ExportError.html +++ b/common/docs/classes/ExportError.html @@ -1,7 +1,7 @@ ExportError | @hpke/common

Class ExportError

Secret export failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/HkdfSha256Native.html b/common/docs/classes/HkdfSha256Native.html index c982de93b..9ccfc1c94 100644 --- a/common/docs/classes/HkdfSha256Native.html +++ b/common/docs/classes/HkdfSha256Native.html @@ -1,4 +1,4 @@ -HkdfSha256Native | @hpke/common

Class HkdfSha256Native

Hierarchy

  • HkdfNative
    • HkdfSha256Native

Constructors

constructor +HkdfSha256Native | @hpke/common

Class HkdfSha256Native

Hierarchy

  • HkdfNative
    • HkdfSha256Native

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 32

32

-
id: KdfId = KdfId.HkdfSha256

KdfId.HkdfSha256 (0x0001)

-

Methods

  • Returns Promise<void>

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 32

32

+
id: KdfId = KdfId.HkdfSha256

KdfId.HkdfSha256 (0x0001)

+

Methods

  • Returns Promise<void>

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    +
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

+
diff --git a/common/docs/classes/HkdfSha384Native.html b/common/docs/classes/HkdfSha384Native.html index 4bf650a65..5095fb6a4 100644 --- a/common/docs/classes/HkdfSha384Native.html +++ b/common/docs/classes/HkdfSha384Native.html @@ -1,4 +1,4 @@ -HkdfSha384Native | @hpke/common

Class HkdfSha384Native

Hierarchy

  • HkdfNative
    • HkdfSha384Native

Constructors

constructor +HkdfSha384Native | @hpke/common

Class HkdfSha384Native

Hierarchy

  • HkdfNative
    • HkdfSha384Native

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 48

48

-
id: KdfId = KdfId.HkdfSha384

KdfId.HkdfSha384 (0x0002)

-

Methods

  • Returns Promise<void>

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 48

48

+
id: KdfId = KdfId.HkdfSha384

KdfId.HkdfSha384 (0x0002)

+

Methods

  • Returns Promise<void>

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    +
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

+
diff --git a/common/docs/classes/HkdfSha512Native.html b/common/docs/classes/HkdfSha512Native.html index cfb2b3d70..20e5a035e 100644 --- a/common/docs/classes/HkdfSha512Native.html +++ b/common/docs/classes/HkdfSha512Native.html @@ -1,4 +1,4 @@ -HkdfSha512Native | @hpke/common

Class HkdfSha512Native

Hierarchy

  • HkdfNative
    • HkdfSha512Native

Constructors

constructor +HkdfSha512Native | @hpke/common

Class HkdfSha512Native

Hierarchy

  • HkdfNative
    • HkdfSha512Native

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 64

64

-
id: KdfId = KdfId.HkdfSha512

KdfId.HkdfSha512 (0x0003)

-

Methods

  • Returns Promise<void>

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 64

64

+
id: KdfId = KdfId.HkdfSha512

KdfId.HkdfSha512 (0x0003)

+

Methods

  • Returns Promise<void>

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    +
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

+
diff --git a/common/docs/classes/HpkeError.html b/common/docs/classes/HpkeError.html index 7cd4ca86f..46a148b9d 100644 --- a/common/docs/classes/HpkeError.html +++ b/common/docs/classes/HpkeError.html @@ -1,7 +1,7 @@ HpkeError | @hpke/common

Class HpkeError

The base error class of hpke-js.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/Hybridkem.html b/common/docs/classes/Hybridkem.html index f162afbf5..17f88d326 100644 --- a/common/docs/classes/Hybridkem.html +++ b/common/docs/classes/Hybridkem.html @@ -1,5 +1,5 @@ Hybridkem | @hpke/common

Class Hybridkem

The KEM interface.

-

Implements

Constructors

Implements

Constructors

Properties

Constructors

Properties

encSize: number = 0

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId = KemId.NotAssigned

The KEM identifier.

-
name: string = ""
privateKeySize: number = 0

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number = 0

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number = 0

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

encSize: number = 0

The length in bytes of an encapsulated key produced by this KEM (Nenc).

+
id: KemId = KemId.NotAssigned

The KEM identifier.

+
name: string = ""
privateKeySize: number = 0

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number = 0

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number = 0

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Derives a key pair from the byte string ikm.

    +

Returns Promise<CryptoKey>

A public or private CryptoKey.

+
diff --git a/common/docs/classes/InvalidParamError.html b/common/docs/classes/InvalidParamError.html index 6e5e36aea..c2c77de8a 100644 --- a/common/docs/classes/InvalidParamError.html +++ b/common/docs/classes/InvalidParamError.html @@ -1,7 +1,7 @@ InvalidParamError | @hpke/common

Class InvalidParamError

Invalid parameter.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/MessageLimitReachedError.html b/common/docs/classes/MessageLimitReachedError.html index 60e749ac2..0dcc79059 100644 --- a/common/docs/classes/MessageLimitReachedError.html +++ b/common/docs/classes/MessageLimitReachedError.html @@ -1,7 +1,7 @@ MessageLimitReachedError | @hpke/common

Class MessageLimitReachedError

Sequence number overflow on the encryption context.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/NativeAlgorithm.html b/common/docs/classes/NativeAlgorithm.html index 73d5312b4..b445409c5 100644 --- a/common/docs/classes/NativeAlgorithm.html +++ b/common/docs/classes/NativeAlgorithm.html @@ -1,4 +1,4 @@ -NativeAlgorithm | @hpke/common

Class NativeAlgorithm

Hierarchy (view full)

  • NativeAlgorithm

Constructors

constructor +NativeAlgorithm | @hpke/common

Class NativeAlgorithm

Hierarchy (view full)

  • NativeAlgorithm

Constructors

Properties

Methods

Constructors

Properties

_api: SubtleCrypto = undefined

Methods

+

Constructors

Properties

_api: SubtleCrypto = undefined

Methods

diff --git a/common/docs/classes/NotSupportedError.html b/common/docs/classes/NotSupportedError.html index bfe848a26..fe51e0ea0 100644 --- a/common/docs/classes/NotSupportedError.html +++ b/common/docs/classes/NotSupportedError.html @@ -1,7 +1,7 @@ NotSupportedError | @hpke/common

Class NotSupportedError

Not supported failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/OpenError.html b/common/docs/classes/OpenError.html index 51871aace..0d57e4443 100644 --- a/common/docs/classes/OpenError.html +++ b/common/docs/classes/OpenError.html @@ -1,7 +1,7 @@ OpenError | @hpke/common

Class OpenError

open() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/SealError.html b/common/docs/classes/SealError.html index a3d1c515f..6b776cbfe 100644 --- a/common/docs/classes/SealError.html +++ b/common/docs/classes/SealError.html @@ -1,7 +1,7 @@ SealError | @hpke/common

Class SealError

seal() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/SerializeError.html b/common/docs/classes/SerializeError.html index 5d171cfcd..1e5e59b25 100644 --- a/common/docs/classes/SerializeError.html +++ b/common/docs/classes/SerializeError.html @@ -1,7 +1,7 @@ SerializeError | @hpke/common

Class SerializeError

Public or private key serialization failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/ValidationError.html b/common/docs/classes/ValidationError.html index 072a77836..81a612268 100644 --- a/common/docs/classes/ValidationError.html +++ b/common/docs/classes/ValidationError.html @@ -1,7 +1,7 @@ ValidationError | @hpke/common

Class ValidationError

KEM input or output validation failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/common/docs/classes/XCryptoKey.html b/common/docs/classes/XCryptoKey.html index 50ec9ac95..0cb62dee5 100644 --- a/common/docs/classes/XCryptoKey.html +++ b/common/docs/classes/XCryptoKey.html @@ -1,11 +1,11 @@ -XCryptoKey | @hpke/common

Class XCryptoKey

Implements

  • CryptoKey

Constructors

constructor +XCryptoKey | @hpke/common

Class XCryptoKey

Implements

  • CryptoKey

Constructors

Properties

algorithm: KeyAlgorithm
extractable: boolean = true
key: Uint8Array
type: "private" | "public"
usages: KeyUsage[]
+

Constructors

Properties

algorithm: KeyAlgorithm
extractable: boolean = true
key: Uint8Array
type: "private" | "public"
usages: KeyUsage[]
diff --git a/common/docs/functions/base64UrlToBytes.html b/common/docs/functions/base64UrlToBytes.html index 2d749cdbf..d7dddd055 100644 --- a/common/docs/functions/base64UrlToBytes.html +++ b/common/docs/functions/base64UrlToBytes.html @@ -1,4 +1,4 @@ base64UrlToBytes | @hpke/common

Function base64UrlToBytes

  • Decodes Base64Url-encoded data.

    Parameters

    • v: string

      Base64Url-encoded string

    Returns Uint8Array

    Uint8Array

    -
+
diff --git a/common/docs/functions/concat.html b/common/docs/functions/concat.html index bd6d4126a..21a59c644 100644 --- a/common/docs/functions/concat.html +++ b/common/docs/functions/concat.html @@ -2,4 +2,4 @@

Parameters

Returns Uint8Array

Concatenated Uint8Array

-
+
diff --git a/common/docs/functions/hexToBytes.html b/common/docs/functions/hexToBytes.html index 59cb5842a..9201da4d5 100644 --- a/common/docs/functions/hexToBytes.html +++ b/common/docs/functions/hexToBytes.html @@ -2,4 +2,4 @@

Parameters

Returns Uint8Array

Uint8Array

Error if the input is not a hex string.

-
+
diff --git a/common/docs/functions/i2Osp.html b/common/docs/functions/i2Osp.html index 815a4d2fa..fd4d4ef55 100644 --- a/common/docs/functions/i2Osp.html +++ b/common/docs/functions/i2Osp.html @@ -1,2 +1,2 @@ i2Osp | @hpke/common

Function i2Osp

  • Converts integer to octet string. I2OSP implementation.

    -

    Parameters

    • n: number
    • w: number

    Returns Uint8Array

+

Parameters

Returns Uint8Array

diff --git a/common/docs/functions/isCryptoKeyPair.html b/common/docs/functions/isCryptoKeyPair.html index e400d5bb6..88601fd92 100644 --- a/common/docs/functions/isCryptoKeyPair.html +++ b/common/docs/functions/isCryptoKeyPair.html @@ -1,2 +1,2 @@ isCryptoKeyPair | @hpke/common

Function isCryptoKeyPair

Checks whetehr the type of input is CryptoKeyPair or not.

-
  • Parameters

    • x: unknown

    Returns x is CryptoKeyPair

+
diff --git a/common/docs/functions/isDeno.html b/common/docs/functions/isDeno.html index 52e394885..bf881d185 100644 --- a/common/docs/functions/isDeno.html +++ b/common/docs/functions/isDeno.html @@ -1,3 +1,3 @@ isDeno | @hpke/common

Function isDeno

  • Checks whether the runtime is Deno or not (Node.js).

    Returns boolean

    boolean - true if the runtime is Deno, false Node.js.

    -
+
diff --git a/common/docs/functions/isDenoV1.html b/common/docs/functions/isDenoV1.html index 791211b37..7055d9866 100644 --- a/common/docs/functions/isDenoV1.html +++ b/common/docs/functions/isDenoV1.html @@ -1 +1 @@ -isDenoV1 | @hpke/common

Function isDenoV1

+isDenoV1 | @hpke/common

Function isDenoV1

diff --git a/common/docs/functions/kemToKeyGenAlgorithm.html b/common/docs/functions/kemToKeyGenAlgorithm.html index 2f5fe18a3..af448a6f4 100644 --- a/common/docs/functions/kemToKeyGenAlgorithm.html +++ b/common/docs/functions/kemToKeyGenAlgorithm.html @@ -1,4 +1,4 @@ kemToKeyGenAlgorithm | @hpke/common

Function kemToKeyGenAlgorithm

  • Converts KemId to KeyAlgorithm.

    Parameters

    Returns KeyAlgorithm

    KeyAlgorithm

    -
+
diff --git a/common/docs/functions/loadCrypto.html b/common/docs/functions/loadCrypto.html index 60b332b4d..7cda408fc 100644 --- a/common/docs/functions/loadCrypto.html +++ b/common/docs/functions/loadCrypto.html @@ -1 +1 @@ -loadCrypto | @hpke/common

Function loadCrypto

+loadCrypto | @hpke/common

Function loadCrypto

diff --git a/common/docs/functions/loadSubtleCrypto.html b/common/docs/functions/loadSubtleCrypto.html index a3bba3faf..dd0dd30d7 100644 --- a/common/docs/functions/loadSubtleCrypto.html +++ b/common/docs/functions/loadSubtleCrypto.html @@ -1 +1 @@ -loadSubtleCrypto | @hpke/common

Function loadSubtleCrypto

+loadSubtleCrypto | @hpke/common

Function loadSubtleCrypto

diff --git a/common/docs/functions/xor.html b/common/docs/functions/xor.html index e765a7be8..d532a553d 100644 --- a/common/docs/functions/xor.html +++ b/common/docs/functions/xor.html @@ -1,2 +1,2 @@ xor | @hpke/common

Function xor

  • XOR for Uint8Array.

    -

    Parameters

    • a: Uint8Array
    • b: Uint8Array

    Returns Uint8Array

+

Parameters

Returns Uint8Array

diff --git a/common/docs/interfaces/AeadEncryptionContext.html b/common/docs/interfaces/AeadEncryptionContext.html index dc9f3ca60..93aa3dd88 100644 --- a/common/docs/interfaces/AeadEncryptionContext.html +++ b/common/docs/interfaces/AeadEncryptionContext.html @@ -1,14 +1,14 @@ AeadEncryptionContext | @hpke/common

Interface AeadEncryptionContext

The AEAD encryption context interface.

-
interface AeadEncryptionContext {
    open(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
    seal(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
}

Methods

interface AeadEncryptionContext {
    open(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
    seal(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
}

Methods

Methods

  • Decrypts data with an initialization vector and additional authenticated data.

    Parameters

    • iv: ArrayBuffer

      An initialization vector.

    • data: ArrayBuffer

      A plain text as bytes to be encrypted.

    • aad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

    -
  • Encrypts data with an initialization vector and additional authenticated data.

    Parameters

    • iv: ArrayBuffer

      An initialization vector.

    • data: ArrayBuffer

      A plain text as bytes to be encrypted.

    • aad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A cipher text as bytes.

    -
+
diff --git a/common/docs/interfaces/AeadInterface.html b/common/docs/interfaces/AeadInterface.html index 966708b27..25bb667e0 100644 --- a/common/docs/interfaces/AeadInterface.html +++ b/common/docs/interfaces/AeadInterface.html @@ -1,14 +1,14 @@ AeadInterface | @hpke/common

Interface AeadInterface

The AEAD interface.

-
interface AeadInterface {
    id: AeadId;
    keySize: number;
    nonceSize: number;
    tagSize: number;
    createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext;
}

Properties

id +
interface AeadInterface {
    id: AeadId;
    keySize: number;
    nonceSize: number;
    tagSize: number;
    createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext;
}

Properties

id: AeadId

The KDF identifier.

-
keySize: number

The length in bytes of an AEAD key (Nk).

-
nonceSize: number

The length in bytes of an AEAD nonce (Nn).

-
tagSize: number

The length in bytes of an AEAD authentication tag (Nt).

-

Methods

keySize: number

The length in bytes of an AEAD key (Nk).

+
nonceSize: number

The length in bytes of an AEAD nonce (Nn).

+
tagSize: number

The length in bytes of an AEAD authentication tag (Nt).

+

Methods

+
diff --git a/common/docs/interfaces/DhkemInterface.html b/common/docs/interfaces/DhkemInterface.html index 3225dec67..6a72690e2 100644 --- a/common/docs/interfaces/DhkemInterface.html +++ b/common/docs/interfaces/DhkemInterface.html @@ -1,5 +1,5 @@ DhkemInterface | @hpke/common

Interface DhkemInterface

The DHKEM interface.

-
interface DhkemInterface {
    encSize: number;
    id: KemId;
    kdf: KdfInterface;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Properties

interface DhkemInterface {
    encSize: number;
    id: KemId;
    kdf: KdfInterface;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Properties

encSize: number

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId

The KEM identifier.

-
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

id: KemId

The KEM identifier.

+
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Derives a key pair from the byte string ikm.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

Returns Promise<CryptoKey>

A public or private CryptoKey.

+
diff --git a/common/docs/interfaces/DhkemPrimitives.html b/common/docs/interfaces/DhkemPrimitives.html index 56c39f0a4..ec2820fc6 100644 --- a/common/docs/interfaces/DhkemPrimitives.html +++ b/common/docs/interfaces/DhkemPrimitives.html @@ -1,4 +1,4 @@ -DhkemPrimitives | @hpke/common

Interface DhkemPrimitives

interface DhkemPrimitives {
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    derivePublicKey(key: CryptoKey): Promise<CryptoKey>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    dh(sk: CryptoKey, pk: CryptoKey): Promise<ArrayBuffer>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Implemented by

Methods

deriveKeyPair +DhkemPrimitives | @hpke/common

Interface DhkemPrimitives

interface DhkemPrimitives {
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    derivePublicKey(key: CryptoKey): Promise<CryptoKey>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    dh(sk: CryptoKey, pk: CryptoKey): Promise<ArrayBuffer>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Implemented by

Methods

  • Parameters

    • format: "raw" | "jwk"
    • key: ArrayBuffer | JsonWebKey
    • isPublic: boolean

    Returns Promise<CryptoKey>

+

Methods

  • Parameters

    • format: "raw" | "jwk"
    • key: ArrayBuffer | JsonWebKey
    • isPublic: boolean

    Returns Promise<CryptoKey>

diff --git a/common/docs/interfaces/JsonWebKeyExtended.html b/common/docs/interfaces/JsonWebKeyExtended.html index 47935ae40..5e3654cc2 100644 --- a/common/docs/interfaces/JsonWebKeyExtended.html +++ b/common/docs/interfaces/JsonWebKeyExtended.html @@ -2,7 +2,7 @@ which are not supported by the current JsonWebKey. Both of them are defined for the newly defined JSON WWb Key type AKP (Algorithm Key Pair), which is used to express Public and Private Keys for use with Algorithms.

-
interface JsonWebKeyExtended {
    alg?: string;
    crv?: string;
    d?: string;
    dp?: string;
    dq?: string;
    e?: string;
    ext?: boolean;
    k?: string;
    key_ops?: string[];
    kty?: string;
    n?: string;
    oth?: RsaOtherPrimesInfo[];
    p?: string;
    priv?: string;
    pub?: string;
    q?: string;
    qi?: string;
    use?: string;
    x?: string;
    y?: string;
}

Hierarchy

Properties

interface JsonWebKeyExtended {
    alg?: string;
    crv?: string;
    d?: string;
    dp?: string;
    dq?: string;
    e?: string;
    ext?: boolean;
    k?: string;
    key_ops?: string[];
    kty?: string;
    n?: string;
    oth?: RsaOtherPrimesInfo[];
    p?: string;
    priv?: string;
    pub?: string;
    q?: string;
    qi?: string;
    use?: string;
    x?: string;
    y?: string;
}

Hierarchy

  • JsonWebKey
    • JsonWebKeyExtended

Properties

alg? crv? d? dp? @@ -23,5 +23,5 @@ x? y?

Properties

alg?: string
crv?: string
d?: string
dp?: string
dq?: string
e?: string
ext?: boolean
k?: string
key_ops?: string[]
kty?: string
n?: string
oth?: RsaOtherPrimesInfo[]
p?: string
priv?: string

The private key in base64url encoding, which is used with the 'AKP' key type.

-
pub?: string

The public key in base64url encoding, which is used with the 'AKP' key type.

-
q?: string
qi?: string
use?: string
x?: string
y?: string
+
pub?: string

The public key in base64url encoding, which is used with the 'AKP' key type.

+
q?: string
qi?: string
use?: string
x?: string
y?: string
diff --git a/common/docs/interfaces/KdfInterface.html b/common/docs/interfaces/KdfInterface.html index f5df0be07..9b60b59de 100644 --- a/common/docs/interfaces/KdfInterface.html +++ b/common/docs/interfaces/KdfInterface.html @@ -1,5 +1,5 @@ KdfInterface | @hpke/common

Interface KdfInterface

The KDF interface.

-
interface KdfInterface {
    hashSize: number;
    id: KdfId;
    buildLabeledIkm(label: Uint8Array, ikm: Uint8Array): Uint8Array;
    buildLabeledInfo(label: Uint8Array, info: Uint8Array, len: number): Uint8Array;
    expand(prk: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    extract(salt: ArrayBuffer, ikm: ArrayBuffer): Promise<ArrayBuffer>;
    extractAndExpand(salt: ArrayBuffer, ikm: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    init(suiteId: Uint8Array): void;
    labeledExpand(prk: ArrayBuffer, label: Uint8Array, info: Uint8Array, len: number): Promise<ArrayBuffer>;
    labeledExtract(salt: ArrayBuffer, label: Uint8Array, ikm: Uint8Array): Promise<ArrayBuffer>;
}

Properties

interface KdfInterface {
    hashSize: number;
    id: KdfId;
    buildLabeledIkm(label: Uint8Array, ikm: Uint8Array): Uint8Array;
    buildLabeledInfo(label: Uint8Array, info: Uint8Array, len: number): Uint8Array;
    expand(prk: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    extract(salt: ArrayBuffer, ikm: ArrayBuffer): Promise<ArrayBuffer>;
    extractAndExpand(salt: ArrayBuffer, ikm: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    init(suiteId: Uint8Array): void;
    labeledExpand(prk: ArrayBuffer, label: Uint8Array, info: Uint8Array, len: number): Promise<ArrayBuffer>;
    labeledExtract(salt: ArrayBuffer, label: Uint8Array, ikm: Uint8Array): Promise<ArrayBuffer>;
}

Properties

hashSize: number

The output size of the extract() function in bytes (Nh).

-
id: KdfId

The KDF identifier.

-

Methods

id: KdfId

The KDF identifier.

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

  • Extracts a pseudorandom key with label.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
+
diff --git a/common/docs/interfaces/KemInterface.html b/common/docs/interfaces/KemInterface.html index 612b7e0ad..f8d2ca5a3 100644 --- a/common/docs/interfaces/KemInterface.html +++ b/common/docs/interfaces/KemInterface.html @@ -1,5 +1,5 @@ KemInterface | @hpke/common

Interface KemInterface

The KEM interface.

-
interface KemInterface {
    encSize: number;
    id: KemId;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Implemented by

Properties

interface KemInterface {
    encSize: number;
    id: KemId;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Implemented by

Properties

encSize: number

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId

The KEM identifier.

-
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

id: KemId

The KEM identifier.

+
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

Returns Promise<CryptoKey>

A public or private CryptoKey.

+
diff --git a/common/docs/interfaces/KeyScheduleParams.html b/common/docs/interfaces/KeyScheduleParams.html index 10eec80b3..722b0b1b3 100644 --- a/common/docs/interfaces/KeyScheduleParams.html +++ b/common/docs/interfaces/KeyScheduleParams.html @@ -1,7 +1,7 @@ KeyScheduleParams | @hpke/common

Interface KeyScheduleParams

The common parameters used to setup the EncryptionContext.

-
interface KeyScheduleParams {
    info?: ArrayBuffer;
    psk?: PreSharedKey;
}

Hierarchy (view full)

Properties

interface KeyScheduleParams {
    info?: ArrayBuffer;
    psk?: PreSharedKey;
}

Hierarchy (view full)

Properties

Properties

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
+
diff --git a/common/docs/interfaces/PreSharedKey.html b/common/docs/interfaces/PreSharedKey.html index a564f7a67..8b6108e04 100644 --- a/common/docs/interfaces/PreSharedKey.html +++ b/common/docs/interfaces/PreSharedKey.html @@ -1,6 +1,6 @@ PreSharedKey | @hpke/common

Interface PreSharedKey

The pre-shared key interface.

-
interface PreSharedKey {
    id: ArrayBuffer;
    key: ArrayBuffer;
}

Properties

id +
interface PreSharedKey {
    id: ArrayBuffer;
    key: ArrayBuffer;
}

Properties

Properties

id: ArrayBuffer

The key identifier.

-
key: ArrayBuffer

The body of the pre-shared key.

-
+
key: ArrayBuffer

The body of the pre-shared key.

+
diff --git a/common/docs/interfaces/RecipientContextParams.html b/common/docs/interfaces/RecipientContextParams.html index 8e23932c8..73feff394 100644 --- a/common/docs/interfaces/RecipientContextParams.html +++ b/common/docs/interfaces/RecipientContextParams.html @@ -1,13 +1,13 @@ RecipientContextParams | @hpke/common

Interface RecipientContextParams

The parameters used to setup the RecipientContext.

-
interface RecipientContextParams {
    enc: ArrayBuffer;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientKey: CryptoKeyPair | CryptoKey;
    senderPublicKey?: CryptoKey;
}

Hierarchy (view full)

Properties

enc +
interface RecipientContextParams {
    enc: ArrayBuffer;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientKey: CryptoKeyPair | CryptoKey;
    senderPublicKey?: CryptoKey;
}

Hierarchy (view full)

Properties

enc: ArrayBuffer

A byte string of the encapsulated key received from a sender.

-
info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

+

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
recipientKey: CryptoKeyPair | CryptoKey

A recipient private key or a key pair.

-
senderPublicKey?: CryptoKey

A sender public key for Auth mode.

-
+
recipientKey: CryptoKeyPair | CryptoKey

A recipient private key or a key pair.

+
senderPublicKey?: CryptoKey

A sender public key for Auth mode.

+
diff --git a/common/docs/interfaces/SenderContextParams.html b/common/docs/interfaces/SenderContextParams.html index c86aed1f6..8eef9a293 100644 --- a/common/docs/interfaces/SenderContextParams.html +++ b/common/docs/interfaces/SenderContextParams.html @@ -1,13 +1,13 @@ SenderContextParams | @hpke/common

Interface SenderContextParams

The parameters used to setup the SenderContext.

-
interface SenderContextParams {
    ekm?: ArrayBuffer | CryptoKeyPair;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientPublicKey: CryptoKey;
    senderKey?: CryptoKeyPair | CryptoKey;
}

Hierarchy (view full)

Properties

interface SenderContextParams {
    ekm?: ArrayBuffer | CryptoKeyPair;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientPublicKey: CryptoKey;
    senderKey?: CryptoKeyPair | CryptoKey;
}

Hierarchy (view full)

Properties

ekm?: ArrayBuffer | CryptoKeyPair

DO NOT USE. FOR DEBUGGING/TESTING PURPOSES ONLY.

-
info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

+

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
recipientPublicKey: CryptoKey

A recipient public key.

-
senderKey?: CryptoKeyPair | CryptoKey

A sender private key or a key pair for Auth mode.

-
+
recipientPublicKey: CryptoKey

A recipient public key.

+
senderKey?: CryptoKeyPair | CryptoKey

A sender private key or a key pair for Auth mode.

+
diff --git a/common/docs/types/AeadId.html b/common/docs/types/AeadId.html index 0b056df17..4d408afec 100644 --- a/common/docs/types/AeadId.html +++ b/common/docs/types/AeadId.html @@ -1,2 +1,2 @@ AeadId | @hpke/common

Type Alias AeadId

AeadId: typeof AeadId[keyof typeof AeadId]

The type alias of the supported AEAD identifiers.

-
+
diff --git a/common/docs/types/KdfId.html b/common/docs/types/KdfId.html index 01c6145e0..d0ef2a62e 100644 --- a/common/docs/types/KdfId.html +++ b/common/docs/types/KdfId.html @@ -1,2 +1,2 @@ KdfId | @hpke/common

Type Alias KdfId

KdfId: typeof KdfId[keyof typeof KdfId]

The type alias of the supported KDF identifiers.

-
+
diff --git a/common/docs/types/KemId.html b/common/docs/types/KemId.html index f908c50e0..95b882d06 100644 --- a/common/docs/types/KemId.html +++ b/common/docs/types/KemId.html @@ -1,2 +1,2 @@ KemId | @hpke/common

Type Alias KemId

KemId: typeof KemId[keyof typeof KemId]

The type alias of the supported KEM identifiers.

-
+
diff --git a/common/docs/types/Mode.html b/common/docs/types/Mode.html index 0639e70a3..457b61ec2 100644 --- a/common/docs/types/Mode.html +++ b/common/docs/types/Mode.html @@ -1,2 +1,2 @@ Mode | @hpke/common

Type Alias Mode

Mode: typeof Mode[keyof typeof Mode]

The type alias of the supported HPKE modes.

-
+
diff --git a/common/docs/variables/AEAD_USAGES.html b/common/docs/variables/AEAD_USAGES.html index 7adbe4a06..f5acb5ce8 100644 --- a/common/docs/variables/AEAD_USAGES.html +++ b/common/docs/variables/AEAD_USAGES.html @@ -1 +1 @@ -AEAD_USAGES | @hpke/common

Variable AEAD_USAGESConst

AEAD_USAGES: KeyUsage[] = ...
+AEAD_USAGES | @hpke/common

Variable AEAD_USAGESConst

AEAD_USAGES: KeyUsage[] = ...
diff --git a/common/docs/variables/AeadId-1.html b/common/docs/variables/AeadId-1.html index 8ec38dbc4..163bd32e2 100644 --- a/common/docs/variables/AeadId-1.html +++ b/common/docs/variables/AeadId-1.html @@ -1,2 +1,2 @@ AeadId | @hpke/common

Variable AeadIdConst

AeadId: {
    Aes128Gcm: 1;
    Aes256Gcm: 2;
    Chacha20Poly1305: 3;
    ExportOnly: 65535;
} = ...

The supported Authenticated Encryption with Associated Data (AEAD) identifiers.

-
+
diff --git a/common/docs/variables/EMPTY.html b/common/docs/variables/EMPTY.html index 6e8a84ada..be7f00fcc 100644 --- a/common/docs/variables/EMPTY.html +++ b/common/docs/variables/EMPTY.html @@ -1 +1 @@ -EMPTY | @hpke/common

Variable EMPTYConst

EMPTY: Uint8Array = ...
+EMPTY | @hpke/common

Variable EMPTYConst

EMPTY: Uint8Array = ...
diff --git a/common/docs/variables/INPUT_LENGTH_LIMIT.html b/common/docs/variables/INPUT_LENGTH_LIMIT.html index 11a2c8152..486081a28 100644 --- a/common/docs/variables/INPUT_LENGTH_LIMIT.html +++ b/common/docs/variables/INPUT_LENGTH_LIMIT.html @@ -1 +1 @@ -INPUT_LENGTH_LIMIT | @hpke/common

Variable INPUT_LENGTH_LIMITConst

INPUT_LENGTH_LIMIT = 8192
+INPUT_LENGTH_LIMIT | @hpke/common

Variable INPUT_LENGTH_LIMITConst

INPUT_LENGTH_LIMIT = 8192
diff --git a/common/docs/variables/KEM_USAGES.html b/common/docs/variables/KEM_USAGES.html index a46bf4d2e..2a744a7c5 100644 --- a/common/docs/variables/KEM_USAGES.html +++ b/common/docs/variables/KEM_USAGES.html @@ -1 +1 @@ -KEM_USAGES | @hpke/common

Variable KEM_USAGESConst

KEM_USAGES: KeyUsage[] = ...
+KEM_USAGES | @hpke/common

Variable KEM_USAGESConst

KEM_USAGES: KeyUsage[] = ...
diff --git a/common/docs/variables/KdfId-1.html b/common/docs/variables/KdfId-1.html index eb83fd185..ad7a83e9e 100644 --- a/common/docs/variables/KdfId-1.html +++ b/common/docs/variables/KdfId-1.html @@ -1,2 +1,2 @@ KdfId | @hpke/common

Variable KdfIdConst

KdfId: {
    HkdfSha256: 1;
    HkdfSha384: 2;
    HkdfSha512: 3;
} = ...

The supported Key Derivation Function (KDF) identifiers.

-
+
diff --git a/common/docs/variables/KemId-1.html b/common/docs/variables/KemId-1.html index c00534d9e..589fd6b77 100644 --- a/common/docs/variables/KemId-1.html +++ b/common/docs/variables/KemId-1.html @@ -1,2 +1,2 @@ KemId | @hpke/common

Variable KemIdConst

KemId: {
    DhkemP256HkdfSha256: 16;
    DhkemP384HkdfSha384: 17;
    DhkemP521HkdfSha512: 18;
    DhkemSecp256k1HkdfSha256: 19;
    DhkemX25519HkdfSha256: 32;
    DhkemX448HkdfSha512: 33;
    HybridkemX25519Kyber768: 48;
    MlKem1024: 66;
    MlKem512: 64;
    MlKem768: 65;
    NotAssigned: 0;
    XWing: 25722;
} = ...

The supported Key Encapsulation Mechanism (KEM) identifiers.

-
+
diff --git a/common/docs/variables/LABEL_DKP_PRK.html b/common/docs/variables/LABEL_DKP_PRK.html index 23b524875..8d717acef 100644 --- a/common/docs/variables/LABEL_DKP_PRK.html +++ b/common/docs/variables/LABEL_DKP_PRK.html @@ -1 +1 @@ -LABEL_DKP_PRK | @hpke/common

Variable LABEL_DKP_PRKConst

LABEL_DKP_PRK: Uint8Array = ...
+LABEL_DKP_PRK | @hpke/common

Variable LABEL_DKP_PRKConst

LABEL_DKP_PRK: Uint8Array = ...
diff --git a/common/docs/variables/LABEL_SK.html b/common/docs/variables/LABEL_SK.html index cb01ce00c..8f01b102b 100644 --- a/common/docs/variables/LABEL_SK.html +++ b/common/docs/variables/LABEL_SK.html @@ -1 +1 @@ -LABEL_SK | @hpke/common

Variable LABEL_SKConst

LABEL_SK: Uint8Array = ...
+LABEL_SK | @hpke/common

Variable LABEL_SKConst

LABEL_SK: Uint8Array = ...
diff --git a/common/docs/variables/MINIMUM_PSK_LENGTH.html b/common/docs/variables/MINIMUM_PSK_LENGTH.html index de5835cf8..7101eff06 100644 --- a/common/docs/variables/MINIMUM_PSK_LENGTH.html +++ b/common/docs/variables/MINIMUM_PSK_LENGTH.html @@ -1 +1 @@ -MINIMUM_PSK_LENGTH | @hpke/common

Variable MINIMUM_PSK_LENGTHConst

MINIMUM_PSK_LENGTH = 32
+MINIMUM_PSK_LENGTH | @hpke/common

Variable MINIMUM_PSK_LENGTHConst

MINIMUM_PSK_LENGTH = 32
diff --git a/common/docs/variables/Mode-1.html b/common/docs/variables/Mode-1.html index ee1b433b1..7610dfa93 100644 --- a/common/docs/variables/Mode-1.html +++ b/common/docs/variables/Mode-1.html @@ -1,2 +1,2 @@ Mode | @hpke/common

Variable ModeConst

Mode: {
    Auth: 2;
    AuthPsk: 3;
    Base: 0;
    Psk: 1;
} = ...

The supported HPKE modes.

-
+
diff --git a/common/docs/variables/SUITE_ID_HEADER_KEM.html b/common/docs/variables/SUITE_ID_HEADER_KEM.html index 4a85a175c..506b4aab8 100644 --- a/common/docs/variables/SUITE_ID_HEADER_KEM.html +++ b/common/docs/variables/SUITE_ID_HEADER_KEM.html @@ -1 +1 @@ -SUITE_ID_HEADER_KEM | @hpke/common

Variable SUITE_ID_HEADER_KEMConst

SUITE_ID_HEADER_KEM: Uint8Array = ...
+SUITE_ID_HEADER_KEM | @hpke/common

Variable SUITE_ID_HEADER_KEMConst

SUITE_ID_HEADER_KEM: Uint8Array = ...
diff --git a/core/docs/classes/Aes128Gcm.html b/core/docs/classes/Aes128Gcm.html index 804a67877..a790c4240 100644 --- a/core/docs/classes/Aes128Gcm.html +++ b/core/docs/classes/Aes128Gcm.html @@ -4,17 +4,17 @@
import {
Aes128Gcm,
CipherSuite,
DhkemP256HkdfSha256,
HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP256HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy (view full)

Implements

Constructors

Hierarchy (view full)

Implements

Constructors

Properties

id: AeadId = AeadId.Aes128Gcm

AeadId.Aes128Gcm (0x0001)

-
keySize: number = 16

16

-
nonceSize: number = 12

12

-
tagSize: number = 16

16

-

Methods

keySize: number = 16

16

+
nonceSize: number = 12

12

+
tagSize: number = 16

16

+

Methods

+
diff --git a/core/docs/classes/Aes256Gcm.html b/core/docs/classes/Aes256Gcm.html index 924bb8a4d..1a0d2f35b 100644 --- a/core/docs/classes/Aes256Gcm.html +++ b/core/docs/classes/Aes256Gcm.html @@ -5,17 +5,17 @@
import {
Aes256Gcm,
CipherSuite,
DhkemP256HkdfSha256,
HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP256HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes256Gcm(),
});
-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

id: AeadId = AeadId.Aes256Gcm

AeadId.Aes256Gcm (0x0002)

-
keySize: number = 32

32

-
nonceSize: number = 12

12

-
tagSize: number = 16

16

-

Methods

keySize: number = 32

32

+
nonceSize: number = 12

12

+
tagSize: number = 16

16

+

Methods

+
diff --git a/core/docs/classes/CipherSuite.html b/core/docs/classes/CipherSuite.html index f33b25979..702905b9a 100644 --- a/core/docs/classes/CipherSuite.html +++ b/core/docs/classes/CipherSuite.html @@ -39,7 +39,7 @@
import { Aes128Gcm, HkdfSha256, CipherSuite } from "@hpke/core";
import { DhkemX25519HkdfSha256 } from "@hpke/dhkem-x25519";
const suite = new CipherSuite({
kem: new DhkemX25519HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Accessors

aead @@ -53,32 +53,32 @@

Constructors

Properties

_api: SubtleCrypto = undefined

Accessors

Methods

Properties

_api: SubtleCrypto = undefined

Accessors

Methods

  • Decrypts a message from a sender.

    +
  • Decrypts a message from a sender.

    If the error occurred, throws DecapError | DeserializeError | OpenError | ValidationError.

    Parameters

    • params: RecipientContextParams

      A set of parameters for building a recipient encryption context.

    • ct: ArrayBuffer

      An encrypted text as bytes to be decrypted.

    • aad: ArrayBuffer = EMPTY

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

+
diff --git a/core/docs/classes/DecapError.html b/core/docs/classes/DecapError.html index b691e0568..4f755d42a 100644 --- a/core/docs/classes/DecapError.html +++ b/core/docs/classes/DecapError.html @@ -1,7 +1,7 @@ DecapError | @hpke/core

Class DecapError

decap() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/DeriveKeyPairError.html b/core/docs/classes/DeriveKeyPairError.html index afa0a42c3..5e784896a 100644 --- a/core/docs/classes/DeriveKeyPairError.html +++ b/core/docs/classes/DeriveKeyPairError.html @@ -1,7 +1,7 @@ DeriveKeyPairError | @hpke/core

Class DeriveKeyPairError

Key pair derivation failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/DeserializeError.html b/core/docs/classes/DeserializeError.html index b50783a44..865136201 100644 --- a/core/docs/classes/DeserializeError.html +++ b/core/docs/classes/DeserializeError.html @@ -1,7 +1,7 @@ DeserializeError | @hpke/core

Class DeserializeError

Public or private key deserialization failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/DhkemP256HkdfSha256.html b/core/docs/classes/DhkemP256HkdfSha256.html index ea7fa68e0..a09c74d6f 100644 --- a/core/docs/classes/DhkemP256HkdfSha256.html +++ b/core/docs/classes/DhkemP256HkdfSha256.html @@ -5,7 +5,7 @@
import {
Aes128Gcm,
CipherSuite,
DhkemP256HkdfSha256,
HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP256HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 65
id: KemId = KemId.DhkemP256HkdfSha256
privateKeySize: number = 32
publicKeySize: number = 65
secretSize: number = 32

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 65
id: KemId = KemId.DhkemP256HkdfSha256
privateKeySize: number = 32
publicKeySize: number = 65
secretSize: number = 32

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Generates a key pair.

    +
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -65,14 +65,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

+
diff --git a/core/docs/classes/DhkemP384HkdfSha384.html b/core/docs/classes/DhkemP384HkdfSha384.html index 778bcb22a..32a9257aa 100644 --- a/core/docs/classes/DhkemP384HkdfSha384.html +++ b/core/docs/classes/DhkemP384HkdfSha384.html @@ -5,7 +5,7 @@
import {
Aes128Gcm,
CipherSuite,
DhkemP384HkdfSha384,
HkdfSha384,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP384HkdfSha384(),
kdf: new HkdfSha384(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 97
id: KemId = KemId.DhkemP384HkdfSha384
privateKeySize: number = 48
publicKeySize: number = 97
secretSize: number = 48

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 97
id: KemId = KemId.DhkemP384HkdfSha384
privateKeySize: number = 48
publicKeySize: number = 97
secretSize: number = 48

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Generates a key pair.

    +
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -65,14 +65,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

+
diff --git a/core/docs/classes/DhkemP521HkdfSha512.html b/core/docs/classes/DhkemP521HkdfSha512.html index c2f1c907d..b7c5c386e 100644 --- a/core/docs/classes/DhkemP521HkdfSha512.html +++ b/core/docs/classes/DhkemP521HkdfSha512.html @@ -5,7 +5,7 @@
import {
Aes256Gcm,
CipherSuite,
DhkemP521HkdfSha512,
HkdfSha512,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP521HkdfSha512(),
kdf: new HkdfSha512(),
aead: new Aes256Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 133
id: KemId = KemId.DhkemP521HkdfSha512
privateKeySize: number = 64
publicKeySize: number = 133
secretSize: number = 64

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 133
id: KemId = KemId.DhkemP521HkdfSha512
privateKeySize: number = 64
publicKeySize: number = 133
secretSize: number = 64

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Generates a key pair.

    +
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -65,14 +65,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

+
diff --git a/core/docs/classes/DhkemX25519HkdfSha256.html b/core/docs/classes/DhkemX25519HkdfSha256.html index c92eab49e..02049507c 100644 --- a/core/docs/classes/DhkemX25519HkdfSha256.html +++ b/core/docs/classes/DhkemX25519HkdfSha256.html @@ -4,7 +4,7 @@
import {
Aes128Gcm,
CipherSuite,
HkdfSha256,
DhkemX25519HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemX25519HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 32

32

-
id: KemId = KemId.DhkemX25519HkdfSha256

KemId.DhkemX25519HkdfSha256 (0x0020)

-
privateKeySize: number = 32

32

-
publicKeySize: number = 32

32

-
secretSize: number = 32

32

-

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 32

32

+
id: KemId = KemId.DhkemX25519HkdfSha256

KemId.DhkemX25519HkdfSha256 (0x0020)

+
privateKeySize: number = 32

32

+
publicKeySize: number = 32

32

+
secretSize: number = 32

32

+

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -69,14 +69,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

+
diff --git a/core/docs/classes/DhkemX448HkdfSha512.html b/core/docs/classes/DhkemX448HkdfSha512.html index b72d00485..a76f0149b 100644 --- a/core/docs/classes/DhkemX448HkdfSha512.html +++ b/core/docs/classes/DhkemX448HkdfSha512.html @@ -4,7 +4,7 @@
import {
Aes256Gcm,
CipherSuite,
HkdfSha512,
DhkemX448HkdfSha512,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemX448HkdfSha512(),
kdf: new HkdfSha512(),
aead: new Aes256Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 56

56

-
id: KemId = KemId.DhkemX448HkdfSha512

KemId.DhkemX448HkdfSha512 (0x0021)

-
privateKeySize: number = 56

56

-
publicKeySize: number = 56

56

-
secretSize: number = 64

64

-

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_prim: DhkemPrimitives
encSize: number = 56

56

+
id: KemId = KemId.DhkemX448HkdfSha512

KemId.DhkemX448HkdfSha512 (0x0021)

+
privateKeySize: number = 56

56

+
publicKeySize: number = 56

56

+
secretSize: number = 64

64

+

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -69,14 +69,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

+
diff --git a/core/docs/classes/EncapError.html b/core/docs/classes/EncapError.html index 3184b38a2..3f13d0ae5 100644 --- a/core/docs/classes/EncapError.html +++ b/core/docs/classes/EncapError.html @@ -1,7 +1,7 @@ EncapError | @hpke/core

Class EncapError

encap() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/ExportError.html b/core/docs/classes/ExportError.html index 392ea09c1..8465383a3 100644 --- a/core/docs/classes/ExportError.html +++ b/core/docs/classes/ExportError.html @@ -1,7 +1,7 @@ ExportError | @hpke/core

Class ExportError

Secret export failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/ExportOnly.html b/core/docs/classes/ExportOnly.html index 84e8f2f2b..0b07c379f 100644 --- a/core/docs/classes/ExportOnly.html +++ b/core/docs/classes/ExportOnly.html @@ -5,16 +5,16 @@
import {
CipherSuite,
DhkemP256HkdfSha256,
ExportOnly,
HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP256HkdfSha256(),
kdf: new HkdfSha256(),
aead: new ExportOnly(),
});
-

Implements

Constructors

Implements

Constructors

Properties

id: AeadId = AeadId.ExportOnly

The KDF identifier.

-
keySize: number = 0

The length in bytes of an AEAD key (Nk).

-
nonceSize: number = 0

The length in bytes of an AEAD nonce (Nn).

-
tagSize: number = 0

The length in bytes of an AEAD authentication tag (Nt).

-

Methods

keySize: number = 0

The length in bytes of an AEAD key (Nk).

+
nonceSize: number = 0

The length in bytes of an AEAD nonce (Nn).

+
tagSize: number = 0

The length in bytes of an AEAD authentication tag (Nt).

+

Methods

+
diff --git a/core/docs/classes/HkdfSha256.html b/core/docs/classes/HkdfSha256.html index 129c2954d..d6ac6fb5b 100644 --- a/core/docs/classes/HkdfSha256.html +++ b/core/docs/classes/HkdfSha256.html @@ -7,7 +7,7 @@
import {
Aes128Gcm,
CipherSuite,
DhkemP256HkdfSha256,
HkdfSha256,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP256HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 32

32

-
id: KdfId = KdfId.HkdfSha256

KdfId.HkdfSha256 (0x0001)

-

Methods

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 32

32

+
id: KdfId = KdfId.HkdfSha256

KdfId.HkdfSha256 (0x0001)

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    +
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

  • Extracts a pseudorandom key with label.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    +
  • Extracts a pseudorandom key with label.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
+
diff --git a/core/docs/classes/HkdfSha384.html b/core/docs/classes/HkdfSha384.html index d03ce3870..a3bb64b47 100644 --- a/core/docs/classes/HkdfSha384.html +++ b/core/docs/classes/HkdfSha384.html @@ -7,7 +7,7 @@
import {
Aes128Gcm,
CipherSuite,
DhkemP384HkdfSha384,
HkdfSha384,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP384HkdfSha384(),
kdf: new HkdfSha384(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 48

48

-
id: KdfId = KdfId.HkdfSha384

KdfId.HkdfSha384 (0x0002)

-

Methods

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 48

48

+
id: KdfId = KdfId.HkdfSha384

KdfId.HkdfSha384 (0x0002)

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    +
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

  • Extracts a pseudorandom key with label.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    +
  • Extracts a pseudorandom key with label.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
+
diff --git a/core/docs/classes/HkdfSha512.html b/core/docs/classes/HkdfSha512.html index 5a6beba04..562a0f54e 100644 --- a/core/docs/classes/HkdfSha512.html +++ b/core/docs/classes/HkdfSha512.html @@ -7,7 +7,7 @@
import {
Aes256Gcm,
CipherSuite,
DhkemP521HkdfSha512,
HkdfSha512,
} from "@hpke/core";

const suite = new CipherSuite({
kem: new DhkemP521HkdfSha512(),
kdf: new HkdfSha512(),
aead: new Aes256Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 64

64

-
id: KdfId = KdfId.HkdfSha512

KdfId.HkdfSha512 (0x0003)

-

Methods

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 64

64

+
id: KdfId = KdfId.HkdfSha512

KdfId.HkdfSha512 (0x0003)

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    +
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

  • Extracts a pseudorandom key with label.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    +
  • Extracts a pseudorandom key with label.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
+
diff --git a/core/docs/classes/HpkeError.html b/core/docs/classes/HpkeError.html index 724865af5..b27c9dbdc 100644 --- a/core/docs/classes/HpkeError.html +++ b/core/docs/classes/HpkeError.html @@ -1,7 +1,7 @@ HpkeError | @hpke/core

Class HpkeError

The base error class of hpke-js.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/InvalidParamError.html b/core/docs/classes/InvalidParamError.html index 68c5ba8bb..f8b2612e7 100644 --- a/core/docs/classes/InvalidParamError.html +++ b/core/docs/classes/InvalidParamError.html @@ -1,7 +1,7 @@ InvalidParamError | @hpke/core

Class InvalidParamError

Invalid parameter.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/MessageLimitReachedError.html b/core/docs/classes/MessageLimitReachedError.html index c1ea0b1b5..0ac4cec44 100644 --- a/core/docs/classes/MessageLimitReachedError.html +++ b/core/docs/classes/MessageLimitReachedError.html @@ -1,7 +1,7 @@ MessageLimitReachedError | @hpke/core

Class MessageLimitReachedError

Sequence number overflow on the encryption context.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/NotSupportedError.html b/core/docs/classes/NotSupportedError.html index 4c449bbc8..571dd9715 100644 --- a/core/docs/classes/NotSupportedError.html +++ b/core/docs/classes/NotSupportedError.html @@ -1,7 +1,7 @@ NotSupportedError | @hpke/core

Class NotSupportedError

Not supported failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/OpenError.html b/core/docs/classes/OpenError.html index 3b08cdd50..f088fe726 100644 --- a/core/docs/classes/OpenError.html +++ b/core/docs/classes/OpenError.html @@ -1,7 +1,7 @@ OpenError | @hpke/core

Class OpenError

open() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/SealError.html b/core/docs/classes/SealError.html index 0c777872c..c49d448a7 100644 --- a/core/docs/classes/SealError.html +++ b/core/docs/classes/SealError.html @@ -1,7 +1,7 @@ SealError | @hpke/core

Class SealError

seal() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/SerializeError.html b/core/docs/classes/SerializeError.html index 70b71150e..fc4e7c7ec 100644 --- a/core/docs/classes/SerializeError.html +++ b/core/docs/classes/SerializeError.html @@ -1,7 +1,7 @@ SerializeError | @hpke/core

Class SerializeError

Public or private key serialization failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/classes/ValidationError.html b/core/docs/classes/ValidationError.html index d54fbd9b2..652166d7c 100644 --- a/core/docs/classes/ValidationError.html +++ b/core/docs/classes/ValidationError.html @@ -1,7 +1,7 @@ ValidationError | @hpke/core

Class ValidationError

KEM input or output validation failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/core/docs/interfaces/AeadEncryptionContext.html b/core/docs/interfaces/AeadEncryptionContext.html index eaa953f12..ba28144bf 100644 --- a/core/docs/interfaces/AeadEncryptionContext.html +++ b/core/docs/interfaces/AeadEncryptionContext.html @@ -1,14 +1,14 @@ AeadEncryptionContext | @hpke/core

Interface AeadEncryptionContext

The AEAD encryption context interface.

-
interface AeadEncryptionContext {
    open(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
    seal(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
}

Methods

interface AeadEncryptionContext {
    open(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
    seal(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
}

Methods

Methods

  • Decrypts data with an initialization vector and additional authenticated data.

    Parameters

    • iv: ArrayBuffer

      An initialization vector.

    • data: ArrayBuffer

      A plain text as bytes to be encrypted.

    • aad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

    -
  • Encrypts data with an initialization vector and additional authenticated data.

    Parameters

    • iv: ArrayBuffer

      An initialization vector.

    • data: ArrayBuffer

      A plain text as bytes to be encrypted.

    • aad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A cipher text as bytes.

    -
+
diff --git a/core/docs/interfaces/AeadInterface.html b/core/docs/interfaces/AeadInterface.html index 866ea85d2..3004272ca 100644 --- a/core/docs/interfaces/AeadInterface.html +++ b/core/docs/interfaces/AeadInterface.html @@ -1,14 +1,14 @@ AeadInterface | @hpke/core

Interface AeadInterface

The AEAD interface.

-
interface AeadInterface {
    id: AeadId;
    keySize: number;
    nonceSize: number;
    tagSize: number;
    createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext;
}

Implemented by

Properties

id +
interface AeadInterface {
    id: AeadId;
    keySize: number;
    nonceSize: number;
    tagSize: number;
    createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext;
}

Implemented by

Properties

id: AeadId

The KDF identifier.

-
keySize: number

The length in bytes of an AEAD key (Nk).

-
nonceSize: number

The length in bytes of an AEAD nonce (Nn).

-
tagSize: number

The length in bytes of an AEAD authentication tag (Nt).

-

Methods

keySize: number

The length in bytes of an AEAD key (Nk).

+
nonceSize: number

The length in bytes of an AEAD nonce (Nn).

+
tagSize: number

The length in bytes of an AEAD authentication tag (Nt).

+

Methods

+
diff --git a/core/docs/interfaces/CipherSuiteParams.html b/core/docs/interfaces/CipherSuiteParams.html index a34d43e19..576dbee02 100644 --- a/core/docs/interfaces/CipherSuiteParams.html +++ b/core/docs/interfaces/CipherSuiteParams.html @@ -1,8 +1,8 @@ CipherSuiteParams | @hpke/core

Interface CipherSuiteParams

The parameters used to configure the CipherSuite.

-
interface CipherSuiteParams {
    aead: AeadId | AeadInterface;
    kdf: KdfId | KdfInterface;
    kem: KemId | KemInterface;
}

Properties

interface CipherSuiteParams {
    aead: AeadId | AeadInterface;
    kdf: KdfId | KdfInterface;
    kem: KemId | KemInterface;
}

Properties

Properties

The AEAD (Authenticated Encryption with Addtional Data) identifier or the AEAD object.

-

The KDF (Key Derivation Function) identifier or the KDF object.

-

The KEM (Key Encapsulation Mechanism) identifier or the KEM object.

-
+
kdf: KdfId | KdfInterface

The KDF (Key Derivation Function) identifier or the KDF object.

+
kem: KemId | KemInterface

The KEM (Key Encapsulation Mechanism) identifier or the KEM object.

+
diff --git a/core/docs/interfaces/CipherSuiteSealResponse.html b/core/docs/interfaces/CipherSuiteSealResponse.html index bbc6de67d..ac17e5711 100644 --- a/core/docs/interfaces/CipherSuiteSealResponse.html +++ b/core/docs/interfaces/CipherSuiteSealResponse.html @@ -1,6 +1,6 @@ CipherSuiteSealResponse | @hpke/core

Interface CipherSuiteSealResponse

The response of the single-shot seal API.

-
interface CipherSuiteSealResponse {
    ct: ArrayBuffer;
    enc: ArrayBuffer;
}

Properties

ct +
interface CipherSuiteSealResponse {
    ct: ArrayBuffer;
    enc: ArrayBuffer;
}

Properties

Properties

ct: ArrayBuffer

The ciphertext as bytes.

-
enc: ArrayBuffer

The encapsulated key.

-
+
enc: ArrayBuffer

The encapsulated key.

+
diff --git a/core/docs/interfaces/EncryptionContext.html b/core/docs/interfaces/EncryptionContext.html index a9982acd3..8a2f64327 100644 --- a/core/docs/interfaces/EncryptionContext.html +++ b/core/docs/interfaces/EncryptionContext.html @@ -1,5 +1,5 @@ EncryptionContext | @hpke/core

Interface EncryptionContext

The encryption context interface for a recipient and a sender.

-
interface EncryptionContext {
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Methods

interface EncryptionContext {
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Methods

Methods

  • Exports a secret using a variable-length pseudorandom function.

    @@ -8,16 +8,16 @@
  • len: number

    A desired length in bytes of the output secret.

Returns Promise<ArrayBuffer>

A secret string as bytes.

ExportError

-
  • Decrypts data.

    +
+
diff --git a/core/docs/interfaces/JsonWebKeyExtended.html b/core/docs/interfaces/JsonWebKeyExtended.html index 9a320a4cb..885d59809 100644 --- a/core/docs/interfaces/JsonWebKeyExtended.html +++ b/core/docs/interfaces/JsonWebKeyExtended.html @@ -2,7 +2,7 @@ which are not supported by the current JsonWebKey. Both of them are defined for the newly defined JSON WWb Key type AKP (Algorithm Key Pair), which is used to express Public and Private Keys for use with Algorithms.

-
interface JsonWebKeyExtended {
    alg?: string;
    crv?: string;
    d?: string;
    dp?: string;
    dq?: string;
    e?: string;
    ext?: boolean;
    k?: string;
    key_ops?: string[];
    kty?: string;
    n?: string;
    oth?: RsaOtherPrimesInfo[];
    p?: string;
    priv?: string;
    pub?: string;
    q?: string;
    qi?: string;
    use?: string;
    x?: string;
    y?: string;
}

Hierarchy

Properties

interface JsonWebKeyExtended {
    alg?: string;
    crv?: string;
    d?: string;
    dp?: string;
    dq?: string;
    e?: string;
    ext?: boolean;
    k?: string;
    key_ops?: string[];
    kty?: string;
    n?: string;
    oth?: RsaOtherPrimesInfo[];
    p?: string;
    priv?: string;
    pub?: string;
    q?: string;
    qi?: string;
    use?: string;
    x?: string;
    y?: string;
}

Hierarchy

  • JsonWebKey
    • JsonWebKeyExtended

Properties

alg? crv? d? dp? @@ -23,5 +23,5 @@ x? y?

Properties

alg?: string
crv?: string
d?: string
dp?: string
dq?: string
e?: string
ext?: boolean
k?: string
key_ops?: string[]
kty?: string
n?: string
oth?: RsaOtherPrimesInfo[]
p?: string
priv?: string

The private key in base64url encoding, which is used with the 'AKP' key type.

-
pub?: string

The public key in base64url encoding, which is used with the 'AKP' key type.

-
q?: string
qi?: string
use?: string
x?: string
y?: string
+
pub?: string

The public key in base64url encoding, which is used with the 'AKP' key type.

+
q?: string
qi?: string
use?: string
x?: string
y?: string
diff --git a/core/docs/interfaces/KdfInterface.html b/core/docs/interfaces/KdfInterface.html index 80f3f524d..8ff49de7f 100644 --- a/core/docs/interfaces/KdfInterface.html +++ b/core/docs/interfaces/KdfInterface.html @@ -1,5 +1,5 @@ KdfInterface | @hpke/core

Interface KdfInterface

The KDF interface.

-
interface KdfInterface {
    hashSize: number;
    id: KdfId;
    buildLabeledIkm(label: Uint8Array, ikm: Uint8Array): Uint8Array;
    buildLabeledInfo(label: Uint8Array, info: Uint8Array, len: number): Uint8Array;
    expand(prk: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    extract(salt: ArrayBuffer, ikm: ArrayBuffer): Promise<ArrayBuffer>;
    extractAndExpand(salt: ArrayBuffer, ikm: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    init(suiteId: Uint8Array): void;
    labeledExpand(prk: ArrayBuffer, label: Uint8Array, info: Uint8Array, len: number): Promise<ArrayBuffer>;
    labeledExtract(salt: ArrayBuffer, label: Uint8Array, ikm: Uint8Array): Promise<ArrayBuffer>;
}

Properties

interface KdfInterface {
    hashSize: number;
    id: KdfId;
    buildLabeledIkm(label: Uint8Array, ikm: Uint8Array): Uint8Array;
    buildLabeledInfo(label: Uint8Array, info: Uint8Array, len: number): Uint8Array;
    expand(prk: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    extract(salt: ArrayBuffer, ikm: ArrayBuffer): Promise<ArrayBuffer>;
    extractAndExpand(salt: ArrayBuffer, ikm: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    init(suiteId: Uint8Array): void;
    labeledExpand(prk: ArrayBuffer, label: Uint8Array, info: Uint8Array, len: number): Promise<ArrayBuffer>;
    labeledExtract(salt: ArrayBuffer, label: Uint8Array, ikm: Uint8Array): Promise<ArrayBuffer>;
}

Properties

hashSize: number

The output size of the extract() function in bytes (Nh).

-
id: KdfId

The KDF identifier.

-

Methods

id: KdfId

The KDF identifier.

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    +

Returns void

  • Extracts a pseudorandom key with label.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
+
diff --git a/core/docs/interfaces/KemInterface.html b/core/docs/interfaces/KemInterface.html index fd71a36e6..4fbc23925 100644 --- a/core/docs/interfaces/KemInterface.html +++ b/core/docs/interfaces/KemInterface.html @@ -1,5 +1,5 @@ KemInterface | @hpke/core

Interface KemInterface

The KEM interface.

-
interface KemInterface {
    encSize: number;
    id: KemId;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Properties

interface KemInterface {
    encSize: number;
    id: KemId;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Properties

encSize: number

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId

The KEM identifier.

-
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

id: KemId

The KEM identifier.

+
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Derives a key pair from the byte string ikm.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

Returns Promise<CryptoKey>

A public or private CryptoKey.

+
diff --git a/core/docs/interfaces/PreSharedKey.html b/core/docs/interfaces/PreSharedKey.html index 5bf201c4a..abc638c61 100644 --- a/core/docs/interfaces/PreSharedKey.html +++ b/core/docs/interfaces/PreSharedKey.html @@ -1,6 +1,6 @@ PreSharedKey | @hpke/core

Interface PreSharedKey

The pre-shared key interface.

-
interface PreSharedKey {
    id: ArrayBuffer;
    key: ArrayBuffer;
}

Properties

id +
interface PreSharedKey {
    id: ArrayBuffer;
    key: ArrayBuffer;
}

Properties

Properties

id: ArrayBuffer

The key identifier.

-
key: ArrayBuffer

The body of the pre-shared key.

-
+
key: ArrayBuffer

The body of the pre-shared key.

+
diff --git a/core/docs/interfaces/RecipientContextParams.html b/core/docs/interfaces/RecipientContextParams.html index eb8c853a4..4559dd508 100644 --- a/core/docs/interfaces/RecipientContextParams.html +++ b/core/docs/interfaces/RecipientContextParams.html @@ -1,13 +1,13 @@ RecipientContextParams | @hpke/core

Interface RecipientContextParams

The parameters used to setup the RecipientContext.

-
interface RecipientContextParams {
    enc: ArrayBuffer;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientKey: CryptoKeyPair | CryptoKey;
    senderPublicKey?: CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • RecipientContextParams

Properties

enc +
interface RecipientContextParams {
    enc: ArrayBuffer;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientKey: CryptoKeyPair | CryptoKey;
    senderPublicKey?: CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • RecipientContextParams

Properties

enc: ArrayBuffer

A byte string of the encapsulated key received from a sender.

-
info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

+

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
recipientKey: CryptoKeyPair | CryptoKey

A recipient private key or a key pair.

-
senderPublicKey?: CryptoKey

A sender public key for Auth mode.

-
+
recipientKey: CryptoKeyPair | CryptoKey

A recipient private key or a key pair.

+
senderPublicKey?: CryptoKey

A sender public key for Auth mode.

+
diff --git a/core/docs/interfaces/SenderContext.html b/core/docs/interfaces/SenderContext.html index b2536233e..f6272cdf4 100644 --- a/core/docs/interfaces/SenderContext.html +++ b/core/docs/interfaces/SenderContext.html @@ -1,25 +1,25 @@ SenderContext | @hpke/core

Interface SenderContext

The sender encryption context.

-
interface SenderContext {
    enc: ArrayBuffer;
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Properties

enc +
interface SenderContext {
    enc: ArrayBuffer;
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Properties

Methods

Properties

enc: ArrayBuffer

The encapsulated key generated by the sender.

-

Methods

Methods

  • Exports a secret using a variable-length pseudorandom function.

    If the error occurred, throws ExportError.

    Parameters

    • exporterContext: ArrayBuffer

      An exporter context string as bytes. The maximum length is 128 bytes.

    • len: number

      A desired length in bytes of the output secret.

    Returns Promise<ArrayBuffer>

    A secret string as bytes.

    ExportError

    -
  • Decrypts data.

    +
  • Decrypts data.

    If the error occurred, throws OpenError.

    Parameters

    • data: ArrayBuffer

      An encrypted text as bytes to be decrypted.

    • Optionalaad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

    OpenError

    -
  • Encrypts data.

    +
+
diff --git a/core/docs/interfaces/SenderContextParams.html b/core/docs/interfaces/SenderContextParams.html index cea08cc17..3402c8b78 100644 --- a/core/docs/interfaces/SenderContextParams.html +++ b/core/docs/interfaces/SenderContextParams.html @@ -1,13 +1,13 @@ SenderContextParams | @hpke/core

Interface SenderContextParams

The parameters used to setup the SenderContext.

-
interface SenderContextParams {
    ekm?: ArrayBuffer | CryptoKeyPair;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientPublicKey: CryptoKey;
    senderKey?: CryptoKeyPair | CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • SenderContextParams

Properties

interface SenderContextParams {
    ekm?: ArrayBuffer | CryptoKeyPair;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientPublicKey: CryptoKey;
    senderKey?: CryptoKeyPair | CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • SenderContextParams

Properties

ekm?: ArrayBuffer | CryptoKeyPair

DO NOT USE. FOR DEBUGGING/TESTING PURPOSES ONLY.

-
info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

+

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
recipientPublicKey: CryptoKey

A recipient public key.

-
senderKey?: CryptoKeyPair | CryptoKey

A sender private key or a key pair for Auth mode.

-
+
recipientPublicKey: CryptoKey

A recipient public key.

+
senderKey?: CryptoKeyPair | CryptoKey

A sender private key or a key pair for Auth mode.

+
diff --git a/core/docs/types/AeadId.html b/core/docs/types/AeadId.html index 1e4d64138..9393ae772 100644 --- a/core/docs/types/AeadId.html +++ b/core/docs/types/AeadId.html @@ -1,2 +1,2 @@ AeadId | @hpke/core

Type Alias AeadId

AeadId: typeof AeadId[keyof typeof AeadId]

The type alias of the supported AEAD identifiers.

-
+
diff --git a/core/docs/types/KdfId.html b/core/docs/types/KdfId.html index 2c10ab28c..194407132 100644 --- a/core/docs/types/KdfId.html +++ b/core/docs/types/KdfId.html @@ -1,2 +1,2 @@ KdfId | @hpke/core

Type Alias KdfId

KdfId: typeof KdfId[keyof typeof KdfId]

The type alias of the supported KDF identifiers.

-
+
diff --git a/core/docs/types/KemId.html b/core/docs/types/KemId.html index 601373a9a..f5b04ec19 100644 --- a/core/docs/types/KemId.html +++ b/core/docs/types/KemId.html @@ -1,2 +1,2 @@ KemId | @hpke/core

Type Alias KemId

KemId: typeof KemId[keyof typeof KemId]

The type alias of the supported KEM identifiers.

-
+
diff --git a/core/docs/types/RecipientContext.html b/core/docs/types/RecipientContext.html index e16e70398..a3801374b 100644 --- a/core/docs/types/RecipientContext.html +++ b/core/docs/types/RecipientContext.html @@ -1,2 +1,2 @@ RecipientContext | @hpke/core

Type Alias RecipientContext

RecipientContext: EncryptionContext

The recipient encryption context.

-
+
diff --git a/core/docs/variables/AeadId-1.html b/core/docs/variables/AeadId-1.html index f2feb6790..b70b0c876 100644 --- a/core/docs/variables/AeadId-1.html +++ b/core/docs/variables/AeadId-1.html @@ -1,2 +1,2 @@ AeadId | @hpke/core

Variable AeadIdConst

AeadId: {
    Aes128Gcm: 1;
    Aes256Gcm: 2;
    Chacha20Poly1305: 3;
    ExportOnly: 65535;
} = ...

The supported Authenticated Encryption with Associated Data (AEAD) identifiers.

-
+
diff --git a/core/docs/variables/KdfId-1.html b/core/docs/variables/KdfId-1.html index 5e4db01d5..208106a64 100644 --- a/core/docs/variables/KdfId-1.html +++ b/core/docs/variables/KdfId-1.html @@ -1,2 +1,2 @@ KdfId | @hpke/core

Variable KdfIdConst

KdfId: {
    HkdfSha256: 1;
    HkdfSha384: 2;
    HkdfSha512: 3;
} = ...

The supported Key Derivation Function (KDF) identifiers.

-
+
diff --git a/core/docs/variables/KemId-1.html b/core/docs/variables/KemId-1.html index 62dac4c81..518dd6147 100644 --- a/core/docs/variables/KemId-1.html +++ b/core/docs/variables/KemId-1.html @@ -1,2 +1,2 @@ KemId | @hpke/core

Variable KemIdConst

KemId: {
    DhkemP256HkdfSha256: 16;
    DhkemP384HkdfSha384: 17;
    DhkemP521HkdfSha512: 18;
    DhkemSecp256k1HkdfSha256: 19;
    DhkemX25519HkdfSha256: 32;
    DhkemX448HkdfSha512: 33;
    HybridkemX25519Kyber768: 48;
    MlKem1024: 66;
    MlKem512: 64;
    MlKem768: 65;
    NotAssigned: 0;
    XWing: 25722;
} = ...

The supported Key Encapsulation Mechanism (KEM) identifiers.

-
+
diff --git a/dhkem-secp256k1/docs/classes/DhkemSecp256k1HkdfSha256.html b/dhkem-secp256k1/docs/classes/DhkemSecp256k1HkdfSha256.html index 3eadc2276..82ef03e81 100644 --- a/dhkem-secp256k1/docs/classes/DhkemSecp256k1HkdfSha256.html +++ b/dhkem-secp256k1/docs/classes/DhkemSecp256k1HkdfSha256.html @@ -8,7 +8,7 @@

Note that it is experimental and not standardized.

-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_kdf: KdfInterface
_prim: DhkemPrimitives
encSize: number = 33

33

-
id: KemId = KemId.DhkemSecp256k1HkdfSha256

KemId.DhkemSecp256k1HkdfSha256 (0x0013) EXPERIMENTAL

-
privateKeySize: number = 32

32

-
publicKeySize: number = 33

33

-
secretSize: number = 32

32

-

Methods

  • Experimental

    Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_kdf: KdfInterface
_prim: DhkemPrimitives
encSize: number = 33

33

+
id: KemId = KemId.DhkemSecp256k1HkdfSha256

KemId.DhkemSecp256k1HkdfSha256 (0x0013) EXPERIMENTAL

+
privateKeySize: number = 32

32

+
publicKeySize: number = 33

33

+
secretSize: number = 32

32

+

Methods

  • Experimental

    Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Experimental

    Derives a key pair from the byte string ikm.

    +
  • Experimental

    Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    DeriveKeyPairError

    -
  • Experimental

    Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Experimental

    Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Experimental

    Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Experimental

    Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Experimental

    Generates an ephemeral, fixed-length symmetric key and +

  • Experimental

    Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Experimental

    Generates a key pair.

    +
  • Experimental

    Generates a key pair.

    If the error occurred, throws NotSupportedError.

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    NotSupportedError

    -
  • Experimental

    Imports a public or private key and converts to a CryptoKey.

    +
  • Experimental

    Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -73,14 +73,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

DeserializeError

-
  • Experimental

    Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Experimental

    Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
  • Experimental

    Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Experimental

    Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
+
diff --git a/dhkem-x25519/docs/classes/DhkemX25519HkdfSha256.html b/dhkem-x25519/docs/classes/DhkemX25519HkdfSha256.html index 002a16e5c..85956e9bb 100644 --- a/dhkem-x25519/docs/classes/DhkemX25519HkdfSha256.html +++ b/dhkem-x25519/docs/classes/DhkemX25519HkdfSha256.html @@ -6,7 +6,7 @@
import {
Aes128Gcm,
CipherSuite,
HkdfSha256,
} from "@hpke/core";
import { DhkemX25519HkdfSha256 } from "@hpke/dhkem-x25519";

const suite = new CipherSuite({
kem: new DhkemX25519HkdfSha256(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_kdf: KdfInterface
_prim: DhkemPrimitives
encSize: number = 32

32

-
id: KemId = KemId.DhkemX25519HkdfSha256

KemId.DhkemX25519HkdfSha256 (0x0020)

-
privateKeySize: number = 32

32

-
publicKeySize: number = 32

32

-
secretSize: number = 32

32

-

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_kdf: KdfInterface
_prim: DhkemPrimitives
encSize: number = 32

32

+
id: KemId = KemId.DhkemX25519HkdfSha256

KemId.DhkemX25519HkdfSha256 (0x0020)

+
privateKeySize: number = 32

32

+
publicKeySize: number = 32

32

+
secretSize: number = 32

32

+

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    DeriveKeyPairError

    -
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Generates a key pair.

    If the error occurred, throws NotSupportedError.

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    NotSupportedError

    -
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -71,14 +71,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

DeserializeError

-
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
+
diff --git a/dhkem-x25519/docs/classes/HkdfSha256.html b/dhkem-x25519/docs/classes/HkdfSha256.html index 60b8ebafa..2e6f662ab 100644 --- a/dhkem-x25519/docs/classes/HkdfSha256.html +++ b/dhkem-x25519/docs/classes/HkdfSha256.html @@ -1,4 +1,4 @@ -HkdfSha256 | @hpke/dhkem-x25519

Hierarchy

  • HkdfSha256Native
    • HkdfSha256

Constructors

constructor +HkdfSha256 | @hpke/dhkem-x25519

Hierarchy

  • HkdfSha256Native
    • HkdfSha256

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 32

32

-
id: KdfId = KdfId.HkdfSha256

KdfId.HkdfSha256 (0x0001)

-

Methods

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 32

32

+
id: KdfId = KdfId.HkdfSha256

KdfId.HkdfSha256 (0x0001)

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Parameters

    • salt: ArrayBuffer
    • ikm: ArrayBuffer

    Returns Promise<ArrayBuffer>

  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Parameters

    • salt: ArrayBuffer
    • ikm: ArrayBuffer

    Returns Promise<ArrayBuffer>

  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

+
diff --git a/dhkem-x25519/docs/classes/X25519.html b/dhkem-x25519/docs/classes/X25519.html index 6029da3e6..1ccc4ed65 100644 --- a/dhkem-x25519/docs/classes/X25519.html +++ b/dhkem-x25519/docs/classes/X25519.html @@ -1,4 +1,4 @@ -X25519 | @hpke/dhkem-x25519

Implements

  • DhkemPrimitives

Constructors

constructor +X25519 | @hpke/dhkem-x25519

Implements

  • DhkemPrimitives

Constructors

Methods

  • Parameters

    • ikm: ArrayBuffer

    Returns Promise<CryptoKeyPair>

  • Parameters

    • key: CryptoKey

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • sk: CryptoKey
    • pk: CryptoKey

    Returns Promise<ArrayBuffer>

  • Returns Promise<CryptoKeyPair>

  • Parameters

    • format: "raw" | "jwk"
    • key: ArrayBuffer | JsonWebKey
    • isPublic: boolean

    Returns Promise<CryptoKey>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

+

Constructors

Methods

  • Parameters

    • ikm: ArrayBuffer

    Returns Promise<CryptoKeyPair>

  • Parameters

    • key: CryptoKey

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • sk: CryptoKey
    • pk: CryptoKey

    Returns Promise<ArrayBuffer>

  • Returns Promise<CryptoKeyPair>

  • Parameters

    • format: "raw" | "jwk"
    • key: ArrayBuffer | JsonWebKey
    • isPublic: boolean

    Returns Promise<CryptoKey>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

diff --git a/dhkem-x448/docs/classes/DhkemX448HkdfSha512.html b/dhkem-x448/docs/classes/DhkemX448HkdfSha512.html index 2295fca09..a147de9b9 100644 --- a/dhkem-x448/docs/classes/DhkemX448HkdfSha512.html +++ b/dhkem-x448/docs/classes/DhkemX448HkdfSha512.html @@ -6,7 +6,7 @@
import {
Aes256Gcm,
CipherSuite,
HkdfSha512,
} from "@hpke/core";
import { DhkemX448HkdfSha512 } from "@hpke/dhkem-x448";

const suite = new CipherSuite({
kem: new DhkemX448HkdfSha512(),
kdf: new HkdfSha512(),
aead: new Aes256Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_kdf: KdfInterface
_prim: DhkemPrimitives
encSize: number = 56

56

-
id: KemId = KemId.DhkemX448HkdfSha512

KemId.DhkemX448HkdfSha512 (0x0021)

-
privateKeySize: number = 56

56

-
publicKeySize: number = 56

56

-
secretSize: number = 64

64

-

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_kdf: KdfInterface
_prim: DhkemPrimitives
encSize: number = 56

56

+
id: KemId = KemId.DhkemX448HkdfSha512

KemId.DhkemX448HkdfSha512 (0x0021)

+
privateKeySize: number = 56

56

+
publicKeySize: number = 56

56

+
secretSize: number = 64

64

+

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    DeriveKeyPairError

    -
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Generates a key pair.

    If the error occurred, throws NotSupportedError.

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    NotSupportedError

    -
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -71,14 +71,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

DeserializeError

-
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
+
diff --git a/dhkem-x448/docs/classes/HkdfSha512.html b/dhkem-x448/docs/classes/HkdfSha512.html index e7dd10bc1..8da2fcb44 100644 --- a/dhkem-x448/docs/classes/HkdfSha512.html +++ b/dhkem-x448/docs/classes/HkdfSha512.html @@ -1,4 +1,4 @@ -HkdfSha512 | @hpke/dhkem-x448

Hierarchy

  • HkdfSha512Native
    • HkdfSha512

Constructors

constructor +HkdfSha512 | @hpke/dhkem-x448

Hierarchy

  • HkdfSha512Native
    • HkdfSha512

Constructors

Properties

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

-
hashSize: number = 64

64

-
id: KdfId = KdfId.HkdfSha512

KdfId.HkdfSha512 (0x0003)

-

Methods

  • Builds a labeled input keying material.

    +

Constructors

Properties

_api: SubtleCrypto = undefined
_suiteId: Uint8Array = EMPTY
algHash: HmacKeyGenParams = ...

The parameters for Web Cryptography API

+
hashSize: number = 64

64

+
id: KdfId = KdfId.HkdfSha512

KdfId.HkdfSha512 (0x0003)

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    +
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    +
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Parameters

    • salt: ArrayBuffer
    • ikm: ArrayBuffer

    Returns Promise<ArrayBuffer>

  • Extracts a pseudorandom key and expand it to a specified length keying material.

    +
  • Parameters

    • salt: ArrayBuffer
    • ikm: ArrayBuffer

    Returns Promise<ArrayBuffer>

  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Initializes the instance by setting a suite_id defined in RFC9180.

    +
  • Initializes the instance by setting a suite_id defined in RFC9180.

    Parameters

    • suiteId: Uint8Array

      A suite_id defined in RFC9180.

      -

    Returns void

  • Extracts a pseudorandom key with label.

    +

Returns void

+
diff --git a/dhkem-x448/docs/classes/X448.html b/dhkem-x448/docs/classes/X448.html index 028c0d9e4..42865f831 100644 --- a/dhkem-x448/docs/classes/X448.html +++ b/dhkem-x448/docs/classes/X448.html @@ -1,4 +1,4 @@ -X448 | @hpke/dhkem-x448

Implements

  • DhkemPrimitives

Constructors

constructor +X448 | @hpke/dhkem-x448

Implements

  • DhkemPrimitives

Constructors

Methods

  • Parameters

    • ikm: ArrayBuffer

    Returns Promise<CryptoKeyPair>

  • Parameters

    • key: CryptoKey

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • sk: CryptoKey
    • pk: CryptoKey

    Returns Promise<ArrayBuffer>

  • Returns Promise<CryptoKeyPair>

  • Parameters

    • format: "raw" | "jwk"
    • key: ArrayBuffer | JsonWebKey
    • isPublic: boolean

    Returns Promise<CryptoKey>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

+

Constructors

Methods

  • Parameters

    • ikm: ArrayBuffer

    Returns Promise<CryptoKeyPair>

  • Parameters

    • key: CryptoKey

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • key: ArrayBuffer

    Returns Promise<CryptoKey>

  • Parameters

    • sk: CryptoKey
    • pk: CryptoKey

    Returns Promise<ArrayBuffer>

  • Returns Promise<CryptoKeyPair>

  • Parameters

    • format: "raw" | "jwk"
    • key: ArrayBuffer | JsonWebKey
    • isPublic: boolean

    Returns Promise<CryptoKey>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

  • Parameters

    • key: CryptoKey

    Returns Promise<ArrayBuffer>

diff --git a/docs/classes/CipherSuite.html b/docs/classes/CipherSuite.html index 9f37ef64a..f65390eec 100644 --- a/docs/classes/CipherSuite.html +++ b/docs/classes/CipherSuite.html @@ -31,7 +31,7 @@
import { AeadId, CipherSuite, KdfId } from "@hpke/hpke-js";
// Use an extension module.
import {
HybridkemX25519Kyber768,
} from "@hpke/hybridkem-x25519-kyber768";

const suite = new CipherSuite({
kem: new HybridkemX25519Kyber768(),
kdf: KdfId.HkdfSha256,
aead: AeadId.Aes128Gcm,
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Accessors

aead @@ -47,33 +47,33 @@ seal

Constructors

Properties

_api: SubtleCrypto = undefined

Accessors

Methods

Properties

_api: SubtleCrypto = undefined

Accessors

Methods

  • Derives a key pair for the cipher suite in the manner +

  • Generates a key pair for the cipher suite.

    +
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -86,18 +86,18 @@

Returns Promise<CryptoKey>

A public or private CryptoKey.

Use KemInterface.generateKeyPair instead.

  • Decrypts a message from a sender.

    +
  • Decrypts a message from a sender.

    If the error occurred, throws DecapError | DeserializeError | OpenError | ValidationError.

    Parameters

    • params: RecipientContextParams

      A set of parameters for building a recipient encryption context.

    • ct: ArrayBuffer

      An encrypted text as bytes to be decrypted.

    • aad: ArrayBuffer = EMPTY

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

+
diff --git a/docs/classes/DecapError.html b/docs/classes/DecapError.html index 8c7a7a6e2..023db5aa0 100644 --- a/docs/classes/DecapError.html +++ b/docs/classes/DecapError.html @@ -1,7 +1,7 @@ DecapError | @hpke/hpke-js

Class DecapError

decap() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/DeriveKeyPairError.html b/docs/classes/DeriveKeyPairError.html index c35690127..abb1f91a0 100644 --- a/docs/classes/DeriveKeyPairError.html +++ b/docs/classes/DeriveKeyPairError.html @@ -1,7 +1,7 @@ DeriveKeyPairError | @hpke/hpke-js

Class DeriveKeyPairError

Key pair derivation failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/DeserializeError.html b/docs/classes/DeserializeError.html index 6a2d2596e..28afa70ea 100644 --- a/docs/classes/DeserializeError.html +++ b/docs/classes/DeserializeError.html @@ -1,7 +1,7 @@ DeserializeError | @hpke/hpke-js

Class DeserializeError

Public or private key deserialization failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/EncapError.html b/docs/classes/EncapError.html index e787ee520..7d7908e6a 100644 --- a/docs/classes/EncapError.html +++ b/docs/classes/EncapError.html @@ -1,7 +1,7 @@ EncapError | @hpke/hpke-js

Class EncapError

encap() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/ExportError.html b/docs/classes/ExportError.html index 9f5e2422e..825e717fa 100644 --- a/docs/classes/ExportError.html +++ b/docs/classes/ExportError.html @@ -1,7 +1,7 @@ ExportError | @hpke/hpke-js

Class ExportError

Secret export failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/HpkeError.html b/docs/classes/HpkeError.html index df9efe1b7..a8cd3c2af 100644 --- a/docs/classes/HpkeError.html +++ b/docs/classes/HpkeError.html @@ -1,7 +1,7 @@ HpkeError | @hpke/hpke-js

The base error class of hpke-js.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/InvalidParamError.html b/docs/classes/InvalidParamError.html index 8c64aaf03..01de4e31c 100644 --- a/docs/classes/InvalidParamError.html +++ b/docs/classes/InvalidParamError.html @@ -1,7 +1,7 @@ InvalidParamError | @hpke/hpke-js

Class InvalidParamError

Invalid parameter.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/MessageLimitReachedError.html b/docs/classes/MessageLimitReachedError.html index de37f09bd..cbd4e49bc 100644 --- a/docs/classes/MessageLimitReachedError.html +++ b/docs/classes/MessageLimitReachedError.html @@ -1,7 +1,7 @@ MessageLimitReachedError | @hpke/hpke-js

Class MessageLimitReachedError

Sequence number overflow on the encryption context.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/NotSupportedError.html b/docs/classes/NotSupportedError.html index 6705efe07..542b7910b 100644 --- a/docs/classes/NotSupportedError.html +++ b/docs/classes/NotSupportedError.html @@ -1,7 +1,7 @@ NotSupportedError | @hpke/hpke-js

Class NotSupportedError

Not supported failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/OpenError.html b/docs/classes/OpenError.html index 464d8f841..9b160cc50 100644 --- a/docs/classes/OpenError.html +++ b/docs/classes/OpenError.html @@ -1,7 +1,7 @@ OpenError | @hpke/hpke-js

open() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/SealError.html b/docs/classes/SealError.html index e91d4ed4c..c7a1bd7e1 100644 --- a/docs/classes/SealError.html +++ b/docs/classes/SealError.html @@ -1,7 +1,7 @@ SealError | @hpke/hpke-js

seal() failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/SerializeError.html b/docs/classes/SerializeError.html index fa968977a..ed6cf356a 100644 --- a/docs/classes/SerializeError.html +++ b/docs/classes/SerializeError.html @@ -1,7 +1,7 @@ SerializeError | @hpke/hpke-js

Class SerializeError

Public or private key serialization failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/classes/ValidationError.html b/docs/classes/ValidationError.html index 2ed308e24..63fe576e9 100644 --- a/docs/classes/ValidationError.html +++ b/docs/classes/ValidationError.html @@ -1,7 +1,7 @@ ValidationError | @hpke/hpke-js

Class ValidationError

KEM input or output validation failure.

-

Hierarchy (view full)

Constructors

Hierarchy (view full)

Constructors

Properties

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
+

Constructors

Properties

cause?: unknown
message: string
name: string
stack?: string
diff --git a/docs/interfaces/AeadEncryptionContext.html b/docs/interfaces/AeadEncryptionContext.html index 79981ec02..9659ecfee 100644 --- a/docs/interfaces/AeadEncryptionContext.html +++ b/docs/interfaces/AeadEncryptionContext.html @@ -1,14 +1,14 @@ AeadEncryptionContext | @hpke/hpke-js

Interface AeadEncryptionContext

The AEAD encryption context interface.

-
interface AeadEncryptionContext {
    open(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
    seal(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
}

Methods

interface AeadEncryptionContext {
    open(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
    seal(iv: ArrayBuffer, data: ArrayBuffer, aad: ArrayBuffer): Promise<ArrayBuffer>;
}

Methods

Methods

  • Decrypts data with an initialization vector and additional authenticated data.

    Parameters

    • iv: ArrayBuffer

      An initialization vector.

    • data: ArrayBuffer

      A plain text as bytes to be encrypted.

    • aad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

    -
  • Encrypts data with an initialization vector and additional authenticated data.

    Parameters

    • iv: ArrayBuffer

      An initialization vector.

    • data: ArrayBuffer

      A plain text as bytes to be encrypted.

    • aad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A cipher text as bytes.

    -
+
diff --git a/docs/interfaces/AeadInterface.html b/docs/interfaces/AeadInterface.html index 25c250c91..5bc4cc3e0 100644 --- a/docs/interfaces/AeadInterface.html +++ b/docs/interfaces/AeadInterface.html @@ -1,14 +1,14 @@ AeadInterface | @hpke/hpke-js

Interface AeadInterface

The AEAD interface.

-
interface AeadInterface {
    id: AeadId;
    keySize: number;
    nonceSize: number;
    tagSize: number;
    createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext;
}

Properties

id +
interface AeadInterface {
    id: AeadId;
    keySize: number;
    nonceSize: number;
    tagSize: number;
    createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext;
}

Properties

id: AeadId

The KDF identifier.

-
keySize: number

The length in bytes of an AEAD key (Nk).

-
nonceSize: number

The length in bytes of an AEAD nonce (Nn).

-
tagSize: number

The length in bytes of an AEAD authentication tag (Nt).

-

Methods

keySize: number

The length in bytes of an AEAD key (Nk).

+
nonceSize: number

The length in bytes of an AEAD nonce (Nn).

+
tagSize: number

The length in bytes of an AEAD authentication tag (Nt).

+

Methods

+
diff --git a/docs/interfaces/CipherSuiteParams.html b/docs/interfaces/CipherSuiteParams.html index 159bc0fc7..f366e82f6 100644 --- a/docs/interfaces/CipherSuiteParams.html +++ b/docs/interfaces/CipherSuiteParams.html @@ -1,8 +1,8 @@ CipherSuiteParams | @hpke/hpke-js

Interface CipherSuiteParams

The parameters used to configure the CipherSuite.

-
interface CipherSuiteParams {
    aead: AeadId | AeadInterface;
    kdf: KdfId | KdfInterface;
    kem: KemId | KemInterface;
}

Properties

interface CipherSuiteParams {
    aead: AeadId | AeadInterface;
    kdf: KdfId | KdfInterface;
    kem: KemId | KemInterface;
}

Properties

Properties

The AEAD (Authenticated Encryption with Addtional Data) identifier or the AEAD object.

-

The KDF (Key Derivation Function) identifier or the KDF object.

-

The KEM (Key Encapsulation Mechanism) identifier or the KEM object.

-
+
kdf: KdfId | KdfInterface

The KDF (Key Derivation Function) identifier or the KDF object.

+
kem: KemId | KemInterface

The KEM (Key Encapsulation Mechanism) identifier or the KEM object.

+
diff --git a/docs/interfaces/CipherSuiteSealResponse.html b/docs/interfaces/CipherSuiteSealResponse.html index e49a5cadd..28a14634c 100644 --- a/docs/interfaces/CipherSuiteSealResponse.html +++ b/docs/interfaces/CipherSuiteSealResponse.html @@ -1,6 +1,6 @@ CipherSuiteSealResponse | @hpke/hpke-js

Interface CipherSuiteSealResponse

The response of the single-shot seal API.

-
interface CipherSuiteSealResponse {
    ct: ArrayBuffer;
    enc: ArrayBuffer;
}

Properties

ct +
interface CipherSuiteSealResponse {
    ct: ArrayBuffer;
    enc: ArrayBuffer;
}

Properties

Properties

ct: ArrayBuffer

The ciphertext as bytes.

-
enc: ArrayBuffer

The encapsulated key.

-
+
enc: ArrayBuffer

The encapsulated key.

+
diff --git a/docs/interfaces/EncryptionContext.html b/docs/interfaces/EncryptionContext.html index 7b63e99be..00513762a 100644 --- a/docs/interfaces/EncryptionContext.html +++ b/docs/interfaces/EncryptionContext.html @@ -1,5 +1,5 @@ EncryptionContext | @hpke/hpke-js

Interface EncryptionContext

The encryption context interface for a recipient and a sender.

-
interface EncryptionContext {
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Methods

interface EncryptionContext {
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Methods

Methods

  • Exports a secret using a variable-length pseudorandom function.

    @@ -8,16 +8,16 @@
  • len: number

    A desired length in bytes of the output secret.

Returns Promise<ArrayBuffer>

A secret string as bytes.

ExportError

-
  • Decrypts data.

    +
+
diff --git a/docs/interfaces/KdfInterface.html b/docs/interfaces/KdfInterface.html index bdc69a2ce..5a6822204 100644 --- a/docs/interfaces/KdfInterface.html +++ b/docs/interfaces/KdfInterface.html @@ -1,5 +1,5 @@ KdfInterface | @hpke/hpke-js

Interface KdfInterface

The KDF interface.

-
interface KdfInterface {
    hashSize: number;
    id: KdfId;
    buildLabeledIkm(label: Uint8Array, ikm: Uint8Array): Uint8Array;
    buildLabeledInfo(label: Uint8Array, info: Uint8Array, len: number): Uint8Array;
    expand(prk: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    extract(salt: ArrayBuffer, ikm: ArrayBuffer): Promise<ArrayBuffer>;
    extractAndExpand(salt: ArrayBuffer, ikm: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    init(suiteId: Uint8Array): void;
    labeledExpand(prk: ArrayBuffer, label: Uint8Array, info: Uint8Array, len: number): Promise<ArrayBuffer>;
    labeledExtract(salt: ArrayBuffer, label: Uint8Array, ikm: Uint8Array): Promise<ArrayBuffer>;
}

Properties

interface KdfInterface {
    hashSize: number;
    id: KdfId;
    buildLabeledIkm(label: Uint8Array, ikm: Uint8Array): Uint8Array;
    buildLabeledInfo(label: Uint8Array, info: Uint8Array, len: number): Uint8Array;
    expand(prk: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    extract(salt: ArrayBuffer, ikm: ArrayBuffer): Promise<ArrayBuffer>;
    extractAndExpand(salt: ArrayBuffer, ikm: ArrayBuffer, info: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    init(suiteId: Uint8Array): void;
    labeledExpand(prk: ArrayBuffer, label: Uint8Array, info: Uint8Array, len: number): Promise<ArrayBuffer>;
    labeledExtract(salt: ArrayBuffer, label: Uint8Array, ikm: Uint8Array): Promise<ArrayBuffer>;
}

Properties

hashSize: number

The output size of the extract() function in bytes (Nh).

-
id: KdfId

The KDF identifier.

-

Methods

id: KdfId

The KDF identifier.

+

Methods

  • Builds a labeled input keying material.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

    Returns Uint8Array

    An input keying material as bytes.

    -
  • Builds a labeled info string.

    Parameters

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length of the output byte string.

    Returns Uint8Array

    An info string as bytes.

    -
  • Expands a pseudorandom key prk.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key of fixed length (Nh) bytes.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
  • Extracts a pseudorandom key and expand it to a specified length keying material.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • ikm: ArrayBuffer

      An input keying material

    • info: ArrayBuffer

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    +

Returns void

  • Extracts a pseudorandom key with label.

    Parameters

    • prk: ArrayBuffer

      A pseudorandom key.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • info: Uint8Array

      An additional byte string.

    • len: number

      The length in bytes of the output keying material.

    Returns Promise<ArrayBuffer>

    An output keying material as bytes.

    -
  • Extracts a pseudorandom key with label.

    Parameters

    • salt: ArrayBuffer

      An additional random byte string.

    • label: Uint8Array

      A byte string indicating the cryptographic context/operation.

    • ikm: Uint8Array

      An input keying material

    Returns Promise<ArrayBuffer>

    A pseudorandom key as bytes.

    -
+
diff --git a/docs/interfaces/KemInterface.html b/docs/interfaces/KemInterface.html index f815389d2..4dfc3ddf5 100644 --- a/docs/interfaces/KemInterface.html +++ b/docs/interfaces/KemInterface.html @@ -1,5 +1,5 @@ KemInterface | @hpke/hpke-js

Interface KemInterface

The KEM interface.

-
interface KemInterface {
    encSize: number;
    id: KemId;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Properties

interface KemInterface {
    encSize: number;
    id: KemId;
    privateKeySize: number;
    publicKeySize: number;
    secretSize: number;
    decap(params: RecipientContextParams): Promise<ArrayBuffer>;
    deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>;
    deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>;
    deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>;
    encap(params: SenderContextParams): Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>;
    generateKeyPair(): Promise<CryptoKeyPair>;
    importKey(format: "raw" | "jwk", key: ArrayBuffer | JsonWebKey, isPublic?: boolean): Promise<CryptoKey>;
    serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>;
    serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>;
}

Properties

encSize: number

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId

The KEM identifier.

-
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

id: KemId

The KEM identifier.

+
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Derives a key pair from the byte string ikm.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

Returns Promise<CryptoKey>

A public or private CryptoKey.

+
diff --git a/docs/interfaces/PreSharedKey.html b/docs/interfaces/PreSharedKey.html index c6c5c082b..cff1be6ba 100644 --- a/docs/interfaces/PreSharedKey.html +++ b/docs/interfaces/PreSharedKey.html @@ -1,6 +1,6 @@ PreSharedKey | @hpke/hpke-js

Interface PreSharedKey

The pre-shared key interface.

-
interface PreSharedKey {
    id: ArrayBuffer;
    key: ArrayBuffer;
}

Properties

id +
interface PreSharedKey {
    id: ArrayBuffer;
    key: ArrayBuffer;
}

Properties

Properties

id: ArrayBuffer

The key identifier.

-
key: ArrayBuffer

The body of the pre-shared key.

-
+
key: ArrayBuffer

The body of the pre-shared key.

+
diff --git a/docs/interfaces/RecipientContextParams.html b/docs/interfaces/RecipientContextParams.html index 5b8dd5693..73c027f3d 100644 --- a/docs/interfaces/RecipientContextParams.html +++ b/docs/interfaces/RecipientContextParams.html @@ -1,13 +1,13 @@ RecipientContextParams | @hpke/hpke-js

Interface RecipientContextParams

The parameters used to setup the RecipientContext.

-
interface RecipientContextParams {
    enc: ArrayBuffer;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientKey: CryptoKeyPair | CryptoKey;
    senderPublicKey?: CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • RecipientContextParams

Properties

enc +
interface RecipientContextParams {
    enc: ArrayBuffer;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientKey: CryptoKeyPair | CryptoKey;
    senderPublicKey?: CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • RecipientContextParams

Properties

enc: ArrayBuffer

A byte string of the encapsulated key received from a sender.

-
info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

+

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
recipientKey: CryptoKeyPair | CryptoKey

A recipient private key or a key pair.

-
senderPublicKey?: CryptoKey

A sender public key for Auth mode.

-
+
recipientKey: CryptoKeyPair | CryptoKey

A recipient private key or a key pair.

+
senderPublicKey?: CryptoKey

A sender public key for Auth mode.

+
diff --git a/docs/interfaces/SenderContext.html b/docs/interfaces/SenderContext.html index 18c8b79d1..00a11b992 100644 --- a/docs/interfaces/SenderContext.html +++ b/docs/interfaces/SenderContext.html @@ -1,25 +1,25 @@ SenderContext | @hpke/hpke-js

Interface SenderContext

The sender encryption context.

-
interface SenderContext {
    enc: ArrayBuffer;
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Properties

enc +
interface SenderContext {
    enc: ArrayBuffer;
    export(exporterContext: ArrayBuffer, len: number): Promise<ArrayBuffer>;
    open(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
    seal(data: ArrayBuffer, aad?: ArrayBuffer): Promise<ArrayBuffer>;
}

Hierarchy (view full)

Properties

Methods

Properties

enc: ArrayBuffer

The encapsulated key generated by the sender.

-

Methods

Methods

  • Exports a secret using a variable-length pseudorandom function.

    If the error occurred, throws ExportError.

    Parameters

    • exporterContext: ArrayBuffer

      An exporter context string as bytes. The maximum length is 128 bytes.

    • len: number

      A desired length in bytes of the output secret.

    Returns Promise<ArrayBuffer>

    A secret string as bytes.

    ExportError

    -
  • Decrypts data.

    +
  • Decrypts data.

    If the error occurred, throws OpenError.

    Parameters

    • data: ArrayBuffer

      An encrypted text as bytes to be decrypted.

    • Optionalaad: ArrayBuffer

      Additional authenticated data as bytes fed by an application.

    Returns Promise<ArrayBuffer>

    A decrypted plain text as bytes.

    OpenError

    -
  • Encrypts data.

    +
+
diff --git a/docs/interfaces/SenderContextParams.html b/docs/interfaces/SenderContextParams.html index 8ffb5122f..451fe625a 100644 --- a/docs/interfaces/SenderContextParams.html +++ b/docs/interfaces/SenderContextParams.html @@ -1,13 +1,13 @@ SenderContextParams | @hpke/hpke-js

Interface SenderContextParams

The parameters used to setup the SenderContext.

-
interface SenderContextParams {
    ekm?: ArrayBuffer | CryptoKeyPair;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientPublicKey: CryptoKey;
    senderKey?: CryptoKeyPair | CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • SenderContextParams

Properties

interface SenderContextParams {
    ekm?: ArrayBuffer | CryptoKeyPair;
    info?: ArrayBuffer;
    psk?: PreSharedKey;
    recipientPublicKey: CryptoKey;
    senderKey?: CryptoKeyPair | CryptoKey;
}

Hierarchy

  • KeyScheduleParams
    • SenderContextParams

Properties

ekm?: ArrayBuffer | CryptoKeyPair

DO NOT USE. FOR DEBUGGING/TESTING PURPOSES ONLY.

-
info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

-

A pre-shared key (PSK) held by both the sender and recipient. +

info?: ArrayBuffer

Application supplied information. The maximum length is 128 bytes.

+

A pre-shared key (PSK) held by both the sender and recipient. The PSK should have at least 32 bytes :and the maxmum length of the PSK is 128 bytes.

-
recipientPublicKey: CryptoKey

A recipient public key.

-
senderKey?: CryptoKeyPair | CryptoKey

A sender private key or a key pair for Auth mode.

-
+
recipientPublicKey: CryptoKey

A recipient public key.

+
senderKey?: CryptoKeyPair | CryptoKey

A sender private key or a key pair for Auth mode.

+
diff --git a/docs/types/Aead.html b/docs/types/Aead.html index 6382b7d0b..df740bd3d 100644 --- a/docs/types/Aead.html +++ b/docs/types/Aead.html @@ -1,3 +1,3 @@ Aead | @hpke/hpke-js

Type Alias Aead

Aead: typeof Aead[keyof typeof Aead]

The type alias of the supported AEAD identifiers.

Use AeadId instead.

-
+
diff --git a/docs/types/AeadId.html b/docs/types/AeadId.html index 531ffe421..22c5c84d3 100644 --- a/docs/types/AeadId.html +++ b/docs/types/AeadId.html @@ -1,2 +1,2 @@ AeadId | @hpke/hpke-js

Type Alias AeadId

AeadId: typeof AeadId[keyof typeof AeadId]

The type alias of the supported AEAD identifiers.

-
+
diff --git a/docs/types/Kdf.html b/docs/types/Kdf.html index 3843ee769..1ea3210d6 100644 --- a/docs/types/Kdf.html +++ b/docs/types/Kdf.html @@ -1,3 +1,3 @@ Kdf | @hpke/hpke-js

Type Alias Kdf

Kdf: typeof Kdf[keyof typeof Kdf]

The type alias of the supported KDF identifiers.

Use KdfId instead.

-
+
diff --git a/docs/types/KdfId.html b/docs/types/KdfId.html index cbb65c38c..e673f43b1 100644 --- a/docs/types/KdfId.html +++ b/docs/types/KdfId.html @@ -1,2 +1,2 @@ KdfId | @hpke/hpke-js

Type Alias KdfId

KdfId: typeof KdfId[keyof typeof KdfId]

The type alias of the supported KDF identifiers.

-
+
diff --git a/docs/types/Kem.html b/docs/types/Kem.html index e191a87f0..bc78257e8 100644 --- a/docs/types/Kem.html +++ b/docs/types/Kem.html @@ -1,3 +1,3 @@ Kem | @hpke/hpke-js

Type Alias Kem

Kem: typeof Kem[keyof typeof Kem]

The type alias of the supported KEM identifiers.

Use KdfId instead.

-
+
diff --git a/docs/types/KemId.html b/docs/types/KemId.html index 412d0a58e..0a0bb106a 100644 --- a/docs/types/KemId.html +++ b/docs/types/KemId.html @@ -1,2 +1,2 @@ KemId | @hpke/hpke-js

Type Alias KemId

KemId: typeof KemId[keyof typeof KemId]

The type alias of the supported KEM identifiers.

-
+
diff --git a/docs/types/RecipientContext.html b/docs/types/RecipientContext.html index d143d943a..fe530a69e 100644 --- a/docs/types/RecipientContext.html +++ b/docs/types/RecipientContext.html @@ -1,2 +1,2 @@ RecipientContext | @hpke/hpke-js

Type Alias RecipientContext

RecipientContext: EncryptionContext

The recipient encryption context.

-
+
diff --git a/docs/variables/Aead-1.html b/docs/variables/Aead-1.html index c3dcf17c9..3de7ff71b 100644 --- a/docs/variables/Aead-1.html +++ b/docs/variables/Aead-1.html @@ -1,3 +1,3 @@ Aead | @hpke/hpke-js

Variable AeadConst

Aead: {
    Aes128Gcm: 1;
    Aes256Gcm: 2;
    Chacha20Poly1305: 3;
    ExportOnly: 65535;
} = ...

The supported Authenticated Encryption with Associated Data (AEAD) identifiers.

Use AeadId instead.

-
+
diff --git a/docs/variables/AeadId-1.html b/docs/variables/AeadId-1.html index 27f47025a..f49ba27a0 100644 --- a/docs/variables/AeadId-1.html +++ b/docs/variables/AeadId-1.html @@ -1,2 +1,2 @@ AeadId | @hpke/hpke-js

Variable AeadIdConst

AeadId: {
    Aes128Gcm: 1;
    Aes256Gcm: 2;
    Chacha20Poly1305: 3;
    ExportOnly: 65535;
} = ...

The supported Authenticated Encryption with Associated Data (AEAD) identifiers.

-
+
diff --git a/docs/variables/Kdf-1.html b/docs/variables/Kdf-1.html index 472bf17da..6df9137ad 100644 --- a/docs/variables/Kdf-1.html +++ b/docs/variables/Kdf-1.html @@ -1,3 +1,3 @@ Kdf | @hpke/hpke-js

Variable KdfConst

Kdf: {
    HkdfSha256: 1;
    HkdfSha384: 2;
    HkdfSha512: 3;
} = ...

The supported Key Derivation Function (KDF) identifiers.

Use KdfId instead.

-
+
diff --git a/docs/variables/KdfId-1.html b/docs/variables/KdfId-1.html index 88727efe0..a3f0ed4ad 100644 --- a/docs/variables/KdfId-1.html +++ b/docs/variables/KdfId-1.html @@ -1,2 +1,2 @@ KdfId | @hpke/hpke-js

Variable KdfIdConst

KdfId: {
    HkdfSha256: 1;
    HkdfSha384: 2;
    HkdfSha512: 3;
} = ...

The supported Key Derivation Function (KDF) identifiers.

-
+
diff --git a/docs/variables/Kem-1.html b/docs/variables/Kem-1.html index ac1c6a01c..fa7586f85 100644 --- a/docs/variables/Kem-1.html +++ b/docs/variables/Kem-1.html @@ -1,3 +1,3 @@ Kem | @hpke/hpke-js

Variable KemConst

Kem: {
    DhkemP256HkdfSha256: 16;
    DhkemP384HkdfSha384: 17;
    DhkemP521HkdfSha512: 18;
    DhkemSecp256k1HkdfSha256: 19;
    DhkemX25519HkdfSha256: 32;
    DhkemX448HkdfSha512: 33;
    HybridkemX25519Kyber768: 48;
    NotAssigned: 0;
} = ...

The supported Key Encapsulation Mechanism (KEM) identifiers.

Use KdfId instead.

-
+
diff --git a/docs/variables/KemId-1.html b/docs/variables/KemId-1.html index 6413344ad..f212035ad 100644 --- a/docs/variables/KemId-1.html +++ b/docs/variables/KemId-1.html @@ -1,2 +1,2 @@ KemId | @hpke/hpke-js

Variable KemIdConst

KemId: {
    DhkemP256HkdfSha256: 16;
    DhkemP384HkdfSha384: 17;
    DhkemP521HkdfSha512: 18;
    DhkemSecp256k1HkdfSha256: 19;
    DhkemX25519HkdfSha256: 32;
    DhkemX448HkdfSha512: 33;
    HybridkemX25519Kyber768: 48;
    MlKem1024: 66;
    MlKem512: 64;
    MlKem768: 65;
    NotAssigned: 0;
    XWing: 25722;
} = ...

The supported Key Encapsulation Mechanism (KEM) identifiers.

-
+
diff --git a/hybridkem-x-wing/docs/classes/XWing.html b/hybridkem-x-wing/docs/classes/XWing.html index 2dcc22f13..d90b0ea53 100644 --- a/hybridkem-x-wing/docs/classes/XWing.html +++ b/hybridkem-x-wing/docs/classes/XWing.html @@ -6,7 +6,7 @@
import { Aes128Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { XWing } from "@hpke/hybridkem-x-wing";
const suite = new CipherSuite({
kem: new XWing(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Implements

Constructors

Implements

Constructors

Properties

Constructors

Properties

_m: MlKem768
_x25519: X25519
auth: boolean = false
encSize: number = 1120

The length in bytes of an encapsulated key produced by this KEM (Nenc).

-
id: KemId = KemId.XWing

The KEM identifier.

-
name: string = ALG_NAME
privateKeySize: number = 32

The length in bytes of an encoded private key for this KEM (Nsk).

-
publicKeySize: number = 1216

The length in bytes of an encoded public key for this KEM (Npk).

-
secretSize: number = 32

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

-

Methods

  • Decapsulates the ss (shared secret) from the enc and the recipient's private key. +

Constructors

Properties

_m: MlKem768
_x25519: X25519
auth: boolean = false
encSize: number = 1120

The length in bytes of an encapsulated key produced by this KEM (Nenc).

+
id: KemId = KemId.XWing

The KEM identifier.

+
name: string = ALG_NAME
privateKeySize: number = 32

The length in bytes of an encoded private key for this KEM (Nsk).

+
publicKeySize: number = 1216

The length in bytes of an encoded public key for this KEM (Npk).

+
secretSize: number = 32

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

+

Methods

  • Decapsulates the ss (shared secret) from the enc and the recipient's private key. The enc is the same as the ct (ciphertext) resulting from X-Wing::Encapsulate(), which is executed under the encap(). @param params The parameters for decapsulation. @returns {Promise<ArrayBuffer>} A promise that resolves with the shared secret. @throws {InvalidParamError} Thrown if the length of the enc` is not 1120 bytes.

    Parameters

    • params: RecipientContextParams

    Returns Promise<ArrayBuffer>

    Thrown if the shared secret cannot be decapsulated.

    -
  • Derives a key pair from the input keying material.

    +
  • Derives a key pair from the input keying material.

    Parameters

    • ikm: ArrayBuffer

      The input keying material.

    Returns Promise<CryptoKeyPair>

    A promise that resolves with a new key pair.

    Thrown if the key pair cannot be derived.

    Thrown if the length of the IKM is not 32 bytes.

    -
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Encapsulates the shared secret and the ct (ciphertext) as enc.

    +
  • Encapsulates the shared secret and the ct (ciphertext) as enc.

    Parameters

    • params: SenderContextParams

      The parameters for encapsulation.

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A promise that resolves with the ss (shared secret) as sharedSecret and the ct (ciphertext) as enc.

    Thrown if the length of the ekm is not 64 bytes.

    Thrown if the shared secret cannot be encapsulated.

    -
  • Generates a new key pair.

    +
  • Generates a new key pair.

    Returns Promise<CryptoKeyPair>

    A promise that resolves with a new key pair.

    -
  • Generates a key pair from the secret key.

    +
  • Generates a key pair from the secret key.

    Parameters

    • sk: Uint8Array

      The secret key.

    Returns Promise<CryptoKeyPair>

    A promise that resolves with a new key pair.

    Thrown if the length of the secret key is not 32 bytes.

    Thrown if the key pair cannot be derived.

    -
  • Imports a key from the input.

    +
  • Imports a key from the input.

    Parameters

    • format: "raw" | "jwk"

      The format of the key. "raw" or "jwk" can be specified.

    • key: ArrayBuffer | JsonWebKeyExtended

      The key to import. If the format is "raw", the key must be an ArrayBuffer. If the format is "jwk", the key must be a JsonWebKey.

    • isPublic: boolean = true

      A boolean indicating whether the key is public or not. The default is true.

    Returns Promise<CryptoKey>

    A promise that resolves with the imported key.

    Thrown if the key cannot be imported.

    -
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
+
diff --git a/hybridkem-x25519-kyber768/docs/classes/HybridkemX25519Kyber768.html b/hybridkem-x25519-kyber768/docs/classes/HybridkemX25519Kyber768.html index 4edb30a82..41e7344e1 100644 --- a/hybridkem-x25519-kyber768/docs/classes/HybridkemX25519Kyber768.html +++ b/hybridkem-x25519-kyber768/docs/classes/HybridkemX25519Kyber768.html @@ -6,7 +6,7 @@
import { Aes128Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { HybridkemX25519Kyber768 } from "@hpke/hybridkem-x25519-kyber768";
const suite = new CipherSuite({
kem: new HybridkemX25519Kyber768(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
});
-

Hierarchy

Constructors

Hierarchy

Constructors

Properties

Constructors

Properties

_a: DhkemInterface
_b: KemInterface
_kdf: KdfInterface
auth: boolean = false
encSize: number = 1120
id: KemId = KemId.HybridkemX25519Kyber768
name: string = "X25519Kyber25519"
privateKeySize: number = 2432
publicKeySize: number = 1216
secretSize: number = 64

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

Constructors

Properties

_a: DhkemInterface
_b: KemInterface
_kdf: KdfInterface
auth: boolean = false
encSize: number = 1120
id: KemId = KemId.HybridkemX25519Kyber768
name: string = "X25519Kyber25519"
privateKeySize: number = 2432
publicKeySize: number = 1216
secretSize: number = 64

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    If the error occurred, throws DecapError.

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    DecapError

    -
  • Derives a key pair from the byte string ikm.

    +
  • Derives a key pair from the byte string ikm.

    If the error occurred, throws DeriveKeyPairError.

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    DeriveKeyPairError

    -
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    If the error occurred, throws DeserializeError.

    Parameters

    • key: ArrayBuffer

      A key as bytes.

    Returns Promise<CryptoKey>

    A CryptoKey.

    DeserializeError

    -
  • Generates an ephemeral, fixed-length symmetric key and +

  • Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

    If the error occurred, throws EncapError.

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    EncapError

    -
  • Generates a key pair.

    If the error occurred, throws NotSupportedError.

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    NotSupportedError

    -
  • Imports a public or private key and converts to a CryptoKey.

    +
  • Imports a public or private key and converts to a CryptoKey.

    Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

    @@ -69,14 +69,14 @@
  • isPublic: boolean = true

    The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

Returns Promise<CryptoKey>

A public or private CryptoKey.

DeserializeError

-
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    If the error occurred, throws SerializeError.

    Parameters

    • key: CryptoKey

      A CryptoKey.

    Returns Promise<ArrayBuffer>

    A key as bytes.

    SerializeError

    -
+
diff --git a/ml-kem/docs/.nojekyll b/ml-kem/docs/.nojekyll new file mode 100644 index 000000000..e2ac6616a --- /dev/null +++ b/ml-kem/docs/.nojekyll @@ -0,0 +1 @@ +TypeDoc added this file to prevent GitHub Pages from using Jekyll. You can turn off this behavior by setting the `githubPages` option to false. \ No newline at end of file diff --git a/ml-kem/docs/assets/highlight.css b/ml-kem/docs/assets/highlight.css new file mode 100644 index 000000000..41de7bb67 --- /dev/null +++ b/ml-kem/docs/assets/highlight.css @@ -0,0 +1,120 @@ +:root { + --light-hl-0: #AF00DB; + --dark-hl-0: #C586C0; + --light-hl-1: #000000; + --dark-hl-1: #D4D4D4; + --light-hl-2: #001080; + --dark-hl-2: #9CDCFE; + --light-hl-3: #A31515; + --dark-hl-3: #CE9178; + --light-hl-4: #008000; + --dark-hl-4: #6A9955; + --light-hl-5: #0000FF; + --dark-hl-5: #569CD6; + --light-hl-6: #795E26; + --dark-hl-6: #DCDCAA; + --light-hl-7: #0070C1; + --dark-hl-7: #4FC1FF; + --light-hl-8: #267F99; + --dark-hl-8: #4EC9B0; + --light-hl-9: #800000; + --dark-hl-9: #808080; + --light-hl-10: #800000; + --dark-hl-10: #569CD6; + --light-hl-11: #000000FF; + --dark-hl-11: #D4D4D4; + --light-hl-12: #E50000; + --dark-hl-12: #9CDCFE; + --light-hl-13: #0000FF; + --dark-hl-13: #CE9178; + --light-code-background: #FFFFFF; + --dark-code-background: #1E1E1E; +} + +@media (prefers-color-scheme: light) { :root { + --hl-0: var(--light-hl-0); + --hl-1: var(--light-hl-1); + --hl-2: var(--light-hl-2); + --hl-3: var(--light-hl-3); + --hl-4: var(--light-hl-4); + --hl-5: var(--light-hl-5); + --hl-6: var(--light-hl-6); + --hl-7: var(--light-hl-7); + --hl-8: var(--light-hl-8); + --hl-9: var(--light-hl-9); + --hl-10: var(--light-hl-10); + --hl-11: var(--light-hl-11); + --hl-12: var(--light-hl-12); + --hl-13: var(--light-hl-13); + --code-background: var(--light-code-background); +} } + +@media (prefers-color-scheme: dark) { :root { + --hl-0: var(--dark-hl-0); + --hl-1: var(--dark-hl-1); + --hl-2: var(--dark-hl-2); + --hl-3: var(--dark-hl-3); + --hl-4: var(--dark-hl-4); + --hl-5: var(--dark-hl-5); + --hl-6: var(--dark-hl-6); + --hl-7: var(--dark-hl-7); + --hl-8: var(--dark-hl-8); + --hl-9: var(--dark-hl-9); + --hl-10: var(--dark-hl-10); + --hl-11: var(--dark-hl-11); + --hl-12: var(--dark-hl-12); + --hl-13: var(--dark-hl-13); + --code-background: var(--dark-code-background); +} } + +:root[data-theme='light'] { + --hl-0: var(--light-hl-0); + --hl-1: var(--light-hl-1); + --hl-2: var(--light-hl-2); + --hl-3: var(--light-hl-3); + --hl-4: var(--light-hl-4); + --hl-5: var(--light-hl-5); + --hl-6: var(--light-hl-6); + --hl-7: var(--light-hl-7); + --hl-8: var(--light-hl-8); + --hl-9: var(--light-hl-9); + --hl-10: var(--light-hl-10); + --hl-11: var(--light-hl-11); + --hl-12: var(--light-hl-12); + --hl-13: var(--light-hl-13); + --code-background: var(--light-code-background); +} + +:root[data-theme='dark'] { + --hl-0: var(--dark-hl-0); + --hl-1: var(--dark-hl-1); + --hl-2: var(--dark-hl-2); + --hl-3: var(--dark-hl-3); + --hl-4: var(--dark-hl-4); + --hl-5: var(--dark-hl-5); + --hl-6: var(--dark-hl-6); + --hl-7: var(--dark-hl-7); + --hl-8: var(--dark-hl-8); + --hl-9: var(--dark-hl-9); + --hl-10: var(--dark-hl-10); + --hl-11: var(--dark-hl-11); + --hl-12: var(--dark-hl-12); + --hl-13: var(--dark-hl-13); + --code-background: var(--dark-code-background); +} + +.hl-0 { color: var(--hl-0); } +.hl-1 { color: var(--hl-1); } +.hl-2 { color: var(--hl-2); } +.hl-3 { color: var(--hl-3); } +.hl-4 { color: var(--hl-4); } +.hl-5 { color: var(--hl-5); } +.hl-6 { color: var(--hl-6); } +.hl-7 { color: var(--hl-7); } +.hl-8 { color: var(--hl-8); } +.hl-9 { color: var(--hl-9); } +.hl-10 { color: var(--hl-10); } +.hl-11 { color: var(--hl-11); } +.hl-12 { color: var(--hl-12); } +.hl-13 { color: var(--hl-13); } +pre, code { background: var(--code-background); } diff --git a/ml-kem/docs/assets/icons.js b/ml-kem/docs/assets/icons.js new file mode 100644 index 000000000..3dfbd322d --- /dev/null +++ b/ml-kem/docs/assets/icons.js @@ -0,0 +1,18 @@ +(function() { + addIcons(); + function addIcons() { + if (document.readyState === "loading") return document.addEventListener("DOMContentLoaded", addIcons); + const svg = document.body.appendChild(document.createElementNS("http://www.w3.org/2000/svg", "svg")); + svg.innerHTML = `MMNEPVFCICPMFPCPTTAAATR`; + svg.style.display = "none"; + if (location.protocol === "file:") updateUseElements(); + } + + function updateUseElements() { + document.querySelectorAll("use").forEach(el => { + if (el.getAttribute("href").includes("#icon-")) { + el.setAttribute("href", el.getAttribute("href").replace(/.*#/, "#")); + } + }); + } +})() \ No newline at end of file diff --git a/ml-kem/docs/assets/icons.svg b/ml-kem/docs/assets/icons.svg new file mode 100644 index 000000000..a19417dcc --- /dev/null +++ b/ml-kem/docs/assets/icons.svg @@ -0,0 +1 @@ +MMNEPVFCICPMFPCPTTAAATR \ No newline at end of file diff --git a/ml-kem/docs/assets/main.js b/ml-kem/docs/assets/main.js new file mode 100644 index 000000000..99097a053 --- /dev/null +++ b/ml-kem/docs/assets/main.js @@ -0,0 +1,60 @@ +"use strict"; +window.translations={"copy":"Copy","copied":"Copied!","normally_hidden":"This member is normally hidden due to your filter settings."}; +"use strict";(()=>{var Pe=Object.create;var ie=Object.defineProperty;var Oe=Object.getOwnPropertyDescriptor;var _e=Object.getOwnPropertyNames;var Re=Object.getPrototypeOf,Me=Object.prototype.hasOwnProperty;var Fe=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports);var De=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let i of _e(e))!Me.call(t,i)&&i!==n&&ie(t,i,{get:()=>e[i],enumerable:!(r=Oe(e,i))||r.enumerable});return t};var Ae=(t,e,n)=>(n=t!=null?Pe(Re(t)):{},De(e||!t||!t.__esModule?ie(n,"default",{value:t,enumerable:!0}):n,t));var ue=Fe((ae,le)=>{(function(){var t=function(e){var n=new t.Builder;return n.pipeline.add(t.trimmer,t.stopWordFilter,t.stemmer),n.searchPipeline.add(t.stemmer),e.call(n,n),n.build()};t.version="2.3.9";t.utils={},t.utils.warn=function(e){return function(n){e.console&&console.warn&&console.warn(n)}}(this),t.utils.asString=function(e){return e==null?"":e.toString()},t.utils.clone=function(e){if(e==null)return e;for(var n=Object.create(null),r=Object.keys(e),i=0;i0){var d=t.utils.clone(n)||{};d.position=[a,u],d.index=s.length,s.push(new t.Token(r.slice(a,o),d))}a=o+1}}return s},t.tokenizer.separator=/[\s\-]+/;t.Pipeline=function(){this._stack=[]},t.Pipeline.registeredFunctions=Object.create(null),t.Pipeline.registerFunction=function(e,n){n in this.registeredFunctions&&t.utils.warn("Overwriting existing registered function: "+n),e.label=n,t.Pipeline.registeredFunctions[e.label]=e},t.Pipeline.warnIfFunctionNotRegistered=function(e){var n=e.label&&e.label in this.registeredFunctions;n||t.utils.warn(`Function is not registered with pipeline. This may cause problems when serialising the index. +`,e)},t.Pipeline.load=function(e){var n=new t.Pipeline;return e.forEach(function(r){var i=t.Pipeline.registeredFunctions[r];if(i)n.add(i);else throw new Error("Cannot load unregistered function: "+r)}),n},t.Pipeline.prototype.add=function(){var e=Array.prototype.slice.call(arguments);e.forEach(function(n){t.Pipeline.warnIfFunctionNotRegistered(n),this._stack.push(n)},this)},t.Pipeline.prototype.after=function(e,n){t.Pipeline.warnIfFunctionNotRegistered(n);var r=this._stack.indexOf(e);if(r==-1)throw new Error("Cannot find existingFn");r=r+1,this._stack.splice(r,0,n)},t.Pipeline.prototype.before=function(e,n){t.Pipeline.warnIfFunctionNotRegistered(n);var r=this._stack.indexOf(e);if(r==-1)throw new Error("Cannot find existingFn");this._stack.splice(r,0,n)},t.Pipeline.prototype.remove=function(e){var n=this._stack.indexOf(e);n!=-1&&this._stack.splice(n,1)},t.Pipeline.prototype.run=function(e){for(var n=this._stack.length,r=0;r1&&(oe&&(r=s),o!=e);)i=r-n,s=n+Math.floor(i/2),o=this.elements[s*2];if(o==e||o>e)return s*2;if(ol?d+=2:a==l&&(n+=r[u+1]*i[d+1],u+=2,d+=2);return n},t.Vector.prototype.similarity=function(e){return this.dot(e)/this.magnitude()||0},t.Vector.prototype.toArray=function(){for(var e=new Array(this.elements.length/2),n=1,r=0;n0){var o=s.str.charAt(0),a;o in s.node.edges?a=s.node.edges[o]:(a=new t.TokenSet,s.node.edges[o]=a),s.str.length==1&&(a.final=!0),i.push({node:a,editsRemaining:s.editsRemaining,str:s.str.slice(1)})}if(s.editsRemaining!=0){if("*"in s.node.edges)var l=s.node.edges["*"];else{var l=new t.TokenSet;s.node.edges["*"]=l}if(s.str.length==0&&(l.final=!0),i.push({node:l,editsRemaining:s.editsRemaining-1,str:s.str}),s.str.length>1&&i.push({node:s.node,editsRemaining:s.editsRemaining-1,str:s.str.slice(1)}),s.str.length==1&&(s.node.final=!0),s.str.length>=1){if("*"in s.node.edges)var u=s.node.edges["*"];else{var u=new t.TokenSet;s.node.edges["*"]=u}s.str.length==1&&(u.final=!0),i.push({node:u,editsRemaining:s.editsRemaining-1,str:s.str.slice(1)})}if(s.str.length>1){var d=s.str.charAt(0),m=s.str.charAt(1),p;m in s.node.edges?p=s.node.edges[m]:(p=new t.TokenSet,s.node.edges[m]=p),s.str.length==1&&(p.final=!0),i.push({node:p,editsRemaining:s.editsRemaining-1,str:d+s.str.slice(2)})}}}return r},t.TokenSet.fromString=function(e){for(var n=new t.TokenSet,r=n,i=0,s=e.length;i=e;n--){var r=this.uncheckedNodes[n],i=r.child.toString();i in this.minimizedNodes?r.parent.edges[r.char]=this.minimizedNodes[i]:(r.child._str=i,this.minimizedNodes[i]=r.child),this.uncheckedNodes.pop()}};t.Index=function(e){this.invertedIndex=e.invertedIndex,this.fieldVectors=e.fieldVectors,this.tokenSet=e.tokenSet,this.fields=e.fields,this.pipeline=e.pipeline},t.Index.prototype.search=function(e){return this.query(function(n){var r=new t.QueryParser(e,n);r.parse()})},t.Index.prototype.query=function(e){for(var n=new t.Query(this.fields),r=Object.create(null),i=Object.create(null),s=Object.create(null),o=Object.create(null),a=Object.create(null),l=0;l1?this._b=1:this._b=e},t.Builder.prototype.k1=function(e){this._k1=e},t.Builder.prototype.add=function(e,n){var r=e[this._ref],i=Object.keys(this._fields);this._documents[r]=n||{},this.documentCount+=1;for(var s=0;s=this.length)return t.QueryLexer.EOS;var e=this.str.charAt(this.pos);return this.pos+=1,e},t.QueryLexer.prototype.width=function(){return this.pos-this.start},t.QueryLexer.prototype.ignore=function(){this.start==this.pos&&(this.pos+=1),this.start=this.pos},t.QueryLexer.prototype.backup=function(){this.pos-=1},t.QueryLexer.prototype.acceptDigitRun=function(){var e,n;do e=this.next(),n=e.charCodeAt(0);while(n>47&&n<58);e!=t.QueryLexer.EOS&&this.backup()},t.QueryLexer.prototype.more=function(){return this.pos1&&(e.backup(),e.emit(t.QueryLexer.TERM)),e.ignore(),e.more())return t.QueryLexer.lexText},t.QueryLexer.lexEditDistance=function(e){return e.ignore(),e.acceptDigitRun(),e.emit(t.QueryLexer.EDIT_DISTANCE),t.QueryLexer.lexText},t.QueryLexer.lexBoost=function(e){return e.ignore(),e.acceptDigitRun(),e.emit(t.QueryLexer.BOOST),t.QueryLexer.lexText},t.QueryLexer.lexEOS=function(e){e.width()>0&&e.emit(t.QueryLexer.TERM)},t.QueryLexer.termSeparator=t.tokenizer.separator,t.QueryLexer.lexText=function(e){for(;;){var n=e.next();if(n==t.QueryLexer.EOS)return t.QueryLexer.lexEOS;if(n.charCodeAt(0)==92){e.escapeCharacter();continue}if(n==":")return t.QueryLexer.lexField;if(n=="~")return e.backup(),e.width()>0&&e.emit(t.QueryLexer.TERM),t.QueryLexer.lexEditDistance;if(n=="^")return e.backup(),e.width()>0&&e.emit(t.QueryLexer.TERM),t.QueryLexer.lexBoost;if(n=="+"&&e.width()===1||n=="-"&&e.width()===1)return e.emit(t.QueryLexer.PRESENCE),t.QueryLexer.lexText;if(n.match(t.QueryLexer.termSeparator))return t.QueryLexer.lexTerm}},t.QueryParser=function(e,n){this.lexer=new t.QueryLexer(e),this.query=n,this.currentClause={},this.lexemeIdx=0},t.QueryParser.prototype.parse=function(){this.lexer.run(),this.lexemes=this.lexer.lexemes;for(var e=t.QueryParser.parseClause;e;)e=e(this);return this.query},t.QueryParser.prototype.peekLexeme=function(){return this.lexemes[this.lexemeIdx]},t.QueryParser.prototype.consumeLexeme=function(){var e=this.peekLexeme();return this.lexemeIdx+=1,e},t.QueryParser.prototype.nextClause=function(){var e=this.currentClause;this.query.clause(e),this.currentClause={}},t.QueryParser.parseClause=function(e){var n=e.peekLexeme();if(n!=null)switch(n.type){case t.QueryLexer.PRESENCE:return t.QueryParser.parsePresence;case t.QueryLexer.FIELD:return t.QueryParser.parseField;case t.QueryLexer.TERM:return t.QueryParser.parseTerm;default:var r="expected either a field or a term, found "+n.type;throw n.str.length>=1&&(r+=" with value '"+n.str+"'"),new t.QueryParseError(r,n.start,n.end)}},t.QueryParser.parsePresence=function(e){var n=e.consumeLexeme();if(n!=null){switch(n.str){case"-":e.currentClause.presence=t.Query.presence.PROHIBITED;break;case"+":e.currentClause.presence=t.Query.presence.REQUIRED;break;default:var r="unrecognised presence operator'"+n.str+"'";throw new t.QueryParseError(r,n.start,n.end)}var i=e.peekLexeme();if(i==null){var r="expecting term or field, found nothing";throw new t.QueryParseError(r,n.start,n.end)}switch(i.type){case t.QueryLexer.FIELD:return t.QueryParser.parseField;case t.QueryLexer.TERM:return t.QueryParser.parseTerm;default:var r="expecting term or field, found '"+i.type+"'";throw new t.QueryParseError(r,i.start,i.end)}}},t.QueryParser.parseField=function(e){var n=e.consumeLexeme();if(n!=null){if(e.query.allFields.indexOf(n.str)==-1){var r=e.query.allFields.map(function(o){return"'"+o+"'"}).join(", "),i="unrecognised field '"+n.str+"', possible fields: "+r;throw new t.QueryParseError(i,n.start,n.end)}e.currentClause.fields=[n.str];var s=e.peekLexeme();if(s==null){var i="expecting term, found nothing";throw new t.QueryParseError(i,n.start,n.end)}switch(s.type){case t.QueryLexer.TERM:return t.QueryParser.parseTerm;default:var i="expecting term, found '"+s.type+"'";throw new t.QueryParseError(i,s.start,s.end)}}},t.QueryParser.parseTerm=function(e){var n=e.consumeLexeme();if(n!=null){e.currentClause.term=n.str.toLowerCase(),n.str.indexOf("*")!=-1&&(e.currentClause.usePipeline=!1);var r=e.peekLexeme();if(r==null){e.nextClause();return}switch(r.type){case t.QueryLexer.TERM:return e.nextClause(),t.QueryParser.parseTerm;case t.QueryLexer.FIELD:return e.nextClause(),t.QueryParser.parseField;case t.QueryLexer.EDIT_DISTANCE:return t.QueryParser.parseEditDistance;case t.QueryLexer.BOOST:return t.QueryParser.parseBoost;case t.QueryLexer.PRESENCE:return e.nextClause(),t.QueryParser.parsePresence;default:var i="Unexpected lexeme type '"+r.type+"'";throw new t.QueryParseError(i,r.start,r.end)}}},t.QueryParser.parseEditDistance=function(e){var n=e.consumeLexeme();if(n!=null){var r=parseInt(n.str,10);if(isNaN(r)){var i="edit distance must be numeric";throw new t.QueryParseError(i,n.start,n.end)}e.currentClause.editDistance=r;var s=e.peekLexeme();if(s==null){e.nextClause();return}switch(s.type){case t.QueryLexer.TERM:return e.nextClause(),t.QueryParser.parseTerm;case t.QueryLexer.FIELD:return e.nextClause(),t.QueryParser.parseField;case t.QueryLexer.EDIT_DISTANCE:return t.QueryParser.parseEditDistance;case t.QueryLexer.BOOST:return t.QueryParser.parseBoost;case t.QueryLexer.PRESENCE:return e.nextClause(),t.QueryParser.parsePresence;default:var i="Unexpected lexeme type '"+s.type+"'";throw new t.QueryParseError(i,s.start,s.end)}}},t.QueryParser.parseBoost=function(e){var n=e.consumeLexeme();if(n!=null){var r=parseInt(n.str,10);if(isNaN(r)){var i="boost must be numeric";throw new t.QueryParseError(i,n.start,n.end)}e.currentClause.boost=r;var s=e.peekLexeme();if(s==null){e.nextClause();return}switch(s.type){case t.QueryLexer.TERM:return e.nextClause(),t.QueryParser.parseTerm;case t.QueryLexer.FIELD:return e.nextClause(),t.QueryParser.parseField;case t.QueryLexer.EDIT_DISTANCE:return t.QueryParser.parseEditDistance;case t.QueryLexer.BOOST:return t.QueryParser.parseBoost;case t.QueryLexer.PRESENCE:return e.nextClause(),t.QueryParser.parsePresence;default:var i="Unexpected lexeme type '"+s.type+"'";throw new t.QueryParseError(i,s.start,s.end)}}},function(e,n){typeof define=="function"&&define.amd?define(n):typeof ae=="object"?le.exports=n():e.lunr=n()}(this,function(){return t})})()});var se=[];function G(t,e){se.push({selector:e,constructor:t})}var U=class{constructor(){this.alwaysVisibleMember=null;this.createComponents(document.body),this.ensureFocusedElementVisible(),this.listenForCodeCopies(),window.addEventListener("hashchange",()=>this.ensureFocusedElementVisible()),document.body.style.display||(this.ensureFocusedElementVisible(),this.updateIndexVisibility(),this.scrollToHash())}createComponents(e){se.forEach(n=>{e.querySelectorAll(n.selector).forEach(r=>{r.dataset.hasInstance||(new n.constructor({el:r,app:this}),r.dataset.hasInstance=String(!0))})})}filterChanged(){this.ensureFocusedElementVisible()}showPage(){document.body.style.display&&(document.body.style.removeProperty("display"),this.ensureFocusedElementVisible(),this.updateIndexVisibility(),this.scrollToHash())}scrollToHash(){if(location.hash){let e=document.getElementById(location.hash.substring(1));if(!e)return;e.scrollIntoView({behavior:"instant",block:"start"})}}ensureActivePageVisible(){let e=document.querySelector(".tsd-navigation .current"),n=e?.parentElement;for(;n&&!n.classList.contains(".tsd-navigation");)n instanceof HTMLDetailsElement&&(n.open=!0),n=n.parentElement;if(e&&!Ve(e)){let r=e.getBoundingClientRect().top-document.documentElement.clientHeight/4;document.querySelector(".site-menu").scrollTop=r,document.querySelector(".col-sidebar").scrollTop=r}}updateIndexVisibility(){let e=document.querySelector(".tsd-index-content"),n=e?.open;e&&(e.open=!0),document.querySelectorAll(".tsd-index-section").forEach(r=>{r.style.display="block";let i=Array.from(r.querySelectorAll(".tsd-index-link")).every(s=>s.offsetParent==null);r.style.display=i?"none":"block"}),e&&(e.open=n)}ensureFocusedElementVisible(){if(this.alwaysVisibleMember&&(this.alwaysVisibleMember.classList.remove("always-visible"),this.alwaysVisibleMember.firstElementChild.remove(),this.alwaysVisibleMember=null),!location.hash)return;let e=document.getElementById(location.hash.substring(1));if(!e)return;let n=e.parentElement;for(;n&&n.tagName!=="SECTION";)n=n.parentElement;if(!n)return;let r=n.offsetParent==null,i=n;for(;i!==document.body;)i instanceof HTMLDetailsElement&&(i.open=!0),i=i.parentElement;if(n.offsetParent==null){this.alwaysVisibleMember=n,n.classList.add("always-visible");let s=document.createElement("p");s.classList.add("warning"),s.textContent=window.translations.normally_hidden,n.prepend(s)}r&&e.scrollIntoView()}listenForCodeCopies(){document.querySelectorAll("pre > button").forEach(e=>{let n;e.addEventListener("click",()=>{e.previousElementSibling instanceof HTMLElement&&navigator.clipboard.writeText(e.previousElementSibling.innerText.trim()),e.textContent=window.translations.copied,e.classList.add("visible"),clearTimeout(n),n=setTimeout(()=>{e.classList.remove("visible"),n=setTimeout(()=>{e.textContent=window.translations.copy},100)},1e3)})})}};function Ve(t){let e=t.getBoundingClientRect(),n=Math.max(document.documentElement.clientHeight,window.innerHeight);return!(e.bottom<0||e.top-n>=0)}var oe=(t,e=100)=>{let n;return()=>{clearTimeout(n),n=setTimeout(()=>t(),e)}};var pe=Ae(ue());async function ce(t,e){if(!window.searchData)return;let n=await fetch(window.searchData),r=new Blob([await n.arrayBuffer()]).stream().pipeThrough(new DecompressionStream("gzip")),i=await new Response(r).json();t.data=i,t.index=pe.Index.load(i.index),e.classList.remove("loading"),e.classList.add("ready")}function fe(){let t=document.getElementById("tsd-search");if(!t)return;let e={base:t.dataset.base+"/"},n=document.getElementById("tsd-search-script");t.classList.add("loading"),n&&(n.addEventListener("error",()=>{t.classList.remove("loading"),t.classList.add("failure")}),n.addEventListener("load",()=>{ce(e,t)}),ce(e,t));let r=document.querySelector("#tsd-search input"),i=document.querySelector("#tsd-search .results");if(!r||!i)throw new Error("The input field or the result list wrapper was not found");i.addEventListener("mouseup",()=>{te(t)}),r.addEventListener("focus",()=>t.classList.add("has-focus")),He(t,i,r,e)}function He(t,e,n,r){n.addEventListener("input",oe(()=>{Ne(t,e,n,r)},200)),n.addEventListener("keydown",i=>{i.key=="Enter"?Be(e,t):i.key=="ArrowUp"?(de(e,n,-1),i.preventDefault()):i.key==="ArrowDown"&&(de(e,n,1),i.preventDefault())}),document.body.addEventListener("keypress",i=>{i.altKey||i.ctrlKey||i.metaKey||!n.matches(":focus")&&i.key==="/"&&(i.preventDefault(),n.focus())}),document.body.addEventListener("keyup",i=>{t.classList.contains("has-focus")&&(i.key==="Escape"||!e.matches(":focus-within")&&!n.matches(":focus"))&&(n.blur(),te(t))})}function te(t){t.classList.remove("has-focus")}function Ne(t,e,n,r){if(!r.index||!r.data)return;e.textContent="";let i=n.value.trim(),s;if(i){let o=i.split(" ").map(a=>a.length?`*${a}*`:"").join(" ");s=r.index.search(o)}else s=[];for(let o=0;oa.score-o.score);for(let o=0,a=Math.min(10,s.length);o`,d=he(l.name,i);globalThis.DEBUG_SEARCH_WEIGHTS&&(d+=` (score: ${s[o].score.toFixed(2)})`),l.parent&&(d=` + ${he(l.parent,i)}.${d}`);let m=document.createElement("li");m.classList.value=l.classes??"";let p=document.createElement("a");p.href=r.base+l.url,p.innerHTML=u+d,m.append(p),p.addEventListener("focus",()=>{e.querySelector(".current")?.classList.remove("current"),m.classList.add("current")}),e.appendChild(m)}}function de(t,e,n){let r=t.querySelector(".current");if(!r)r=t.querySelector(n==1?"li:first-child":"li:last-child"),r&&r.classList.add("current");else{let i=r;if(n===1)do i=i.nextElementSibling??void 0;while(i instanceof HTMLElement&&i.offsetParent==null);else do i=i.previousElementSibling??void 0;while(i instanceof HTMLElement&&i.offsetParent==null);i?(r.classList.remove("current"),i.classList.add("current")):n===-1&&(r.classList.remove("current"),e.focus())}}function Be(t,e){let n=t.querySelector(".current");if(n||(n=t.querySelector("li:first-child")),n){let r=n.querySelector("a");r&&(window.location.href=r.href),te(e)}}function he(t,e){if(e==="")return t;let n=t.toLocaleLowerCase(),r=e.toLocaleLowerCase(),i=[],s=0,o=n.indexOf(r);for(;o!=-1;)i.push(ee(t.substring(s,o)),`${ee(t.substring(o,o+r.length))}`),s=o+r.length,o=n.indexOf(r,s);return i.push(ee(t.substring(s))),i.join("")}var je={"&":"&","<":"<",">":">","'":"'",'"':"""};function ee(t){return t.replace(/[&<>"'"]/g,e=>je[e])}var I=class{constructor(e){this.el=e.el,this.app=e.app}};var F="mousedown",ye="mousemove",N="mouseup",J={x:0,y:0},me=!1,ne=!1,qe=!1,D=!1,ve=/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent);document.documentElement.classList.add(ve?"is-mobile":"not-mobile");ve&&"ontouchstart"in document.documentElement&&(qe=!0,F="touchstart",ye="touchmove",N="touchend");document.addEventListener(F,t=>{ne=!0,D=!1;let e=F=="touchstart"?t.targetTouches[0]:t;J.y=e.pageY||0,J.x=e.pageX||0});document.addEventListener(ye,t=>{if(ne&&!D){let e=F=="touchstart"?t.targetTouches[0]:t,n=J.x-(e.pageX||0),r=J.y-(e.pageY||0);D=Math.sqrt(n*n+r*r)>10}});document.addEventListener(N,()=>{ne=!1});document.addEventListener("click",t=>{me&&(t.preventDefault(),t.stopImmediatePropagation(),me=!1)});var X=class extends I{constructor(e){super(e),this.className=this.el.dataset.toggle||"",this.el.addEventListener(N,n=>this.onPointerUp(n)),this.el.addEventListener("click",n=>n.preventDefault()),document.addEventListener(F,n=>this.onDocumentPointerDown(n)),document.addEventListener(N,n=>this.onDocumentPointerUp(n))}setActive(e){if(this.active==e)return;this.active=e,document.documentElement.classList.toggle("has-"+this.className,e),this.el.classList.toggle("active",e);let n=(this.active?"to-has-":"from-has-")+this.className;document.documentElement.classList.add(n),setTimeout(()=>document.documentElement.classList.remove(n),500)}onPointerUp(e){D||(this.setActive(!0),e.preventDefault())}onDocumentPointerDown(e){if(this.active){if(e.target.closest(".col-sidebar, .tsd-filter-group"))return;this.setActive(!1)}}onDocumentPointerUp(e){if(!D&&this.active&&e.target.closest(".col-sidebar")){let n=e.target.closest("a");if(n){let r=window.location.href;r.indexOf("#")!=-1&&(r=r.substring(0,r.indexOf("#"))),n.href.substring(0,r.length)==r&&setTimeout(()=>this.setActive(!1),250)}}}};var re;try{re=localStorage}catch{re={getItem(){return null},setItem(){}}}var Q=re;var ge=document.head.appendChild(document.createElement("style"));ge.dataset.for="filters";var Y=class extends I{constructor(e){super(e),this.key=`filter-${this.el.name}`,this.value=this.el.checked,this.el.addEventListener("change",()=>{this.setLocalStorage(this.el.checked)}),this.setLocalStorage(this.fromLocalStorage()),ge.innerHTML+=`html:not(.${this.key}) .tsd-is-${this.el.name} { display: none; } +`,this.app.updateIndexVisibility()}fromLocalStorage(){let e=Q.getItem(this.key);return e?e==="true":this.el.checked}setLocalStorage(e){Q.setItem(this.key,e.toString()),this.value=e,this.handleValueChange()}handleValueChange(){this.el.checked=this.value,document.documentElement.classList.toggle(this.key,this.value),this.app.filterChanged(),this.app.updateIndexVisibility()}};var Z=class extends I{constructor(e){super(e),this.summary=this.el.querySelector(".tsd-accordion-summary"),this.icon=this.summary.querySelector("svg"),this.key=`tsd-accordion-${this.summary.dataset.key??this.summary.textContent.trim().replace(/\s+/g,"-").toLowerCase()}`;let n=Q.getItem(this.key);this.el.open=n?n==="true":this.el.open,this.el.addEventListener("toggle",()=>this.update());let r=this.summary.querySelector("a");r&&r.addEventListener("click",()=>{location.assign(r.href)}),this.update()}update(){this.icon.style.transform=`rotate(${this.el.open?0:-90}deg)`,Q.setItem(this.key,this.el.open.toString())}};function Ee(t){let e=Q.getItem("tsd-theme")||"os";t.value=e,xe(e),t.addEventListener("change",()=>{Q.setItem("tsd-theme",t.value),xe(t.value)})}function xe(t){document.documentElement.dataset.theme=t}var K;function we(){let t=document.getElementById("tsd-nav-script");t&&(t.addEventListener("load",Le),Le())}async function Le(){let t=document.getElementById("tsd-nav-container");if(!t||!window.navigationData)return;let n=await(await fetch(window.navigationData)).arrayBuffer(),r=new Blob([n]).stream().pipeThrough(new DecompressionStream("gzip")),i=await new Response(r).json();K=t.dataset.base,K.endsWith("/")||(K+="/"),t.innerHTML="";for(let s of i)Se(s,t,[]);window.app.createComponents(t),window.app.showPage(),window.app.ensureActivePageVisible()}function Se(t,e,n){let r=e.appendChild(document.createElement("li"));if(t.children){let i=[...n,t.text],s=r.appendChild(document.createElement("details"));s.className=t.class?`${t.class} tsd-accordion`:"tsd-accordion";let o=s.appendChild(document.createElement("summary"));o.className="tsd-accordion-summary",o.dataset.key=i.join("$"),o.innerHTML='',be(t,o);let a=s.appendChild(document.createElement("div"));a.className="tsd-accordion-details";let l=a.appendChild(document.createElement("ul"));l.className="tsd-nested-navigation";for(let u of t.children)Se(u,l,i)}else be(t,r,t.class)}function be(t,e,n){if(t.path){let r=e.appendChild(document.createElement("a"));r.href=K+t.path,n&&(r.className=n),location.pathname===r.pathname&&!r.href.includes("#")&&r.classList.add("current"),t.kind&&(r.innerHTML=``),r.appendChild(document.createElement("span")).textContent=t.text}else{let r=e.appendChild(document.createElement("span"));r.innerHTML='',r.appendChild(document.createElement("span")).textContent=t.text}}G(X,"a[data-toggle]");G(Z,".tsd-accordion");G(Y,".tsd-filter-item input[type=checkbox]");var Te=document.getElementById("tsd-theme");Te&&Ee(Te);var $e=new U;Object.defineProperty(window,"app",{value:$e});fe();we();})(); +/*! Bundled license information: + +lunr/lunr.js: + (** + * lunr - http://lunrjs.com - A bit like Solr, but much smaller and not as bright - 2.3.9 + * Copyright (C) 2020 Oliver Nightingale + * @license MIT + *) + (*! + * lunr.utils + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.Set + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.tokenizer + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.Pipeline + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.Vector + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.stemmer + * Copyright (C) 2020 Oliver Nightingale + * Includes code from - http://tartarus.org/~martin/PorterStemmer/js.txt + *) + (*! + * lunr.stopWordFilter + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.trimmer + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.TokenSet + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.Index + * Copyright (C) 2020 Oliver Nightingale + *) + (*! + * lunr.Builder + * Copyright (C) 2020 Oliver Nightingale + *) +*/ diff --git a/ml-kem/docs/assets/navigation.js b/ml-kem/docs/assets/navigation.js new file mode 100644 index 000000000..32b8c257f --- /dev/null +++ b/ml-kem/docs/assets/navigation.js @@ -0,0 +1 @@ +window.navigationData = "data:application/octet-stream;base64,H4sIAAAAAAAAA4uuVipJrShRslLyzfFOzTU0MDJR0lEqSCzJULJSSs5JLC5OLdaHS+lllOTmKOkoZWfmpShZGRpZ1Oqg6jc1NMKh3dTQiKBuczMLHLrNzSwwdccCAEBiT6O9AAAA" \ No newline at end of file diff --git a/ml-kem/docs/assets/search.js b/ml-kem/docs/assets/search.js new file mode 100644 index 000000000..c34b85450 --- /dev/null +++ b/ml-kem/docs/assets/search.js @@ -0,0 +1 @@ +window.searchData = "data:application/octet-stream;base64,H4sIAAAAAAAAA7Wa3W7jNhCF34W91WY9Q1KS/QbFosACBXojBAvXVrtC/AfZSbsb5N0LyZTE0ZAULbtX2XU45wxGn0fHct5FffznLFbFu3ipDluxAswTcVjvS7ESv+2+lHtYoBKJeK13YiU2u/X5XJ4/9795+n7Z70TS/UKshPhIOi0N2GttjofzpX7dXI71hNov9KilnIjTui4PF9LaYNf8t/ertlM27YmZ6u2PCX1zZqbDudzU5eX36uekDzk50608bGKshmMzfU6vf+6qzZfyR4zb+PBcz7p6W1/KWNPx6Zmu69fL9ykvc2amw7dTXe2nLLpD8R64ULlFYV2td9XP8mt3LaZpdFQM7pfz9lN1/lQdvpd1dSm3N3WzLW/vx1PzoI4G7R6b+AHZJf/DhKI78hU9qKe/y0NZX0W/rqvJ7c+PP2w2dfUW28X48IN6qPanY32JuCb2wQd5l4fN+hSx4dtDD5t5hGd3aL4nCy0a0O2qAR8XWTqx+MTS9HVjYOlNpvJKQNsfV3r16bQS0J8KK71LbFYJeAWjSm8UlVQCLhFBpfe6IaeEHCNiymB5Q0oJePpDSu80nVEC+oGI0htEJBTqMCugWATelwYCvcTHk76b+9NJ1GwmooBjODNzQOR0Yvt5QDIJdBQVTPpe7solwblMxhJrHrNTSaCDiVAy3IDmZZKAcyCS2Jv81nQQnPa044w8MtqB4ziSpbnbM0vzx8WRTiw+jjR93RhHepOpOBLQ9seRXn06jgT0p+JI7xIbRwJewTjSG0XFkYBLRBzpvW6IIyHHiDgyWN4QRwKe/jjSO03HkYB+II70BhFxhDrMiiMWgffd/gO9xMeRvpv740jUbCZu/47hzLz5R04ntp8HxJFAR1FxpO/lrjgSnMtkHLHmMTuOBDqYiCPDDWheHAk4B+KIvclvDQfBaU87zogjreNzIqrDtvxXrN7FW1mfq+NBrAQ+yaelSMRfVbnbNl/8dHfjzXG/byQSsT1uXtt/Pptjf5RNlGgOX09/XoikWCQyfdL6+Tkputr29faFTmJ4pa0DkRSQYP60yDJSCKwQSCGKpEBXIbJCJIVSJIV0FUpWKEmhEkmhXIWKFSpSqEVSaFehZoWaFKYiKVJXYcoKU1KYiaTIXIUZK8xIYS6SIncV5qwwJ4VLkRRLV+GSFS4pAA0PsHAiwOGBET0tPm5+HABRgpoHggU4GQIOEVCKoGEDnBwBBwkoSdDwAU6WgMMElCZoGAEnT8CBAkoUNJyAkyngUAGlChpWwMkVcLCAkgUNL+BkCzhcQOmChhlYOvYLcL6AAoYL34pBzhdSvhC8W4bjhaMFhb5Fg44VRelC6ds1yOFCClfz3bx73SBnCylbqH0bBzlaSNHC1Ld0kJOFlCzMfHsHOVhIwcLct3qQc4WUK1x6lw9ysJCCJRfe5SM5WZKSJcG7fCRHS1K0JHqXj+RsydH9T3qXj3TcAilcUnmXj+R0SUqX1N7lIzlekuIlU+/ykZwvSfmSmXf5SA6YpIDJhhl0hRvJAZMUMLn0LR/J+ZKUL7XwLR/F8VIULwW+5aM4XYrSpdAbdDhcisKlpG/5KM6WGuUr5Vs+ypGwKFpK+5aP4mQpSpZKfctHcbAUBUtlvuWjOFeKcqVy7/JRHCxFwVJL7/JRnCxFydIL7/LRHC1N0dLgXT6as6UpWxq9y0dzuDSFS0vv8tGcLk3p0sq7fDTHS48SvPYuH+0I8ZQvnXqXj+aAmZfaj2pvZX0pt79eP7IVRfe06l18Mx/jlt3HxnexFKv3j0Rgfv2psubnx/Ahrn21/xzX/K6xvT48GwTzQdAIYWYE0yhB8qB50IVBF4zu4vpTLqN0zUdeS9FqFUyv0vSq43q9Pqx4KX+c2ocVlra2tLXRVkZbRmr3D4bMo9CX5rGE5SEtD2k80HjAzR7ts7mxhT11M3Zpxq7ixm6ebViamaVpxi1T07aO1Ty3z4QHVWveZtxoxq3ixt09+3JdTGV1bFSlGbjGKPXmi41BEAc9c73QDFct4uTax1Tji5VabZqBSjMMraJ097uX7o9zB93FIBvXXavS/rWM1Zy1aCCOnFam/ZbLmpzVjMyjZK6PogYJ611jriGai6Di3jTDu3EMoUW2ARvNdVBxYPdvwrGydWmNIporq+Ku7PVbqbGsBbbhGs1MVBzXUyvKIh3MlKVBXcfBNLGgLB7ALCY0NzIVwcdzIk7VqdxVh1KsiuePj/8ATXFGFrwuAAA="; \ No newline at end of file diff --git a/ml-kem/docs/assets/style.css b/ml-kem/docs/assets/style.css new file mode 100644 index 000000000..178bfb023 --- /dev/null +++ b/ml-kem/docs/assets/style.css @@ -0,0 +1,1493 @@ +:root { + /* Light */ + --light-color-background: #f2f4f8; + --light-color-background-secondary: #eff0f1; + --light-color-warning-text: #222; + --light-color-background-warning: #e6e600; + --light-color-accent: #c5c7c9; + --light-color-active-menu-item: var(--light-color-accent); + --light-color-text: #222; + --light-color-text-aside: #6e6e6e; + + --light-color-icon-background: var(--light-color-background); + --light-color-icon-text: var(--light-color-text); + + --light-color-comment-tag-text: var(--light-color-text); + --light-color-comment-tag: var(--light-color-background); + + --light-color-link: #1f70c2; + --light-color-focus-outline: #3584e4; + + --light-color-ts-keyword: #056bd6; + --light-color-ts-project: #b111c9; + --light-color-ts-module: var(--light-color-ts-project); + --light-color-ts-namespace: var(--light-color-ts-project); + --light-color-ts-enum: #7e6f15; + --light-color-ts-enum-member: var(--light-color-ts-enum); + --light-color-ts-variable: #4760ec; + --light-color-ts-function: #572be7; + --light-color-ts-class: #1f70c2; + --light-color-ts-interface: #108024; + --light-color-ts-constructor: #4d7fff; + --light-color-ts-property: #ff984d; + --light-color-ts-method: #ff4db8; + --light-color-ts-reference: #ff4d82; + --light-color-ts-call-signature: var(--light-color-ts-method); + --light-color-ts-index-signature: var(--light-color-ts-property); + --light-color-ts-constructor-signature: var(--light-color-ts-constructor); + --light-color-ts-parameter: var(--light-color-ts-variable); + /* type literal not included as links will never be generated to it */ + --light-color-ts-type-parameter: #a55c0e; + --light-color-ts-accessor: #ff4d4d; + --light-color-ts-get-signature: var(--light-color-ts-accessor); + --light-color-ts-set-signature: var(--light-color-ts-accessor); + --light-color-ts-type-alias: #d51270; + /* reference not included as links will be colored with the kind that it points to */ + --light-color-document: #000000; + + --light-external-icon: url("data:image/svg+xml;utf8,"); + --light-color-scheme: light; + + /* Dark */ + --dark-color-background: #2b2e33; + --dark-color-background-secondary: #1e2024; + --dark-color-background-warning: #bebe00; + --dark-color-warning-text: #222; + --dark-color-accent: #9096a2; + --dark-color-active-menu-item: #5d5d6a; + --dark-color-text: #f5f5f5; + --dark-color-text-aside: #dddddd; + + --dark-color-icon-background: var(--dark-color-background-secondary); + --dark-color-icon-text: var(--dark-color-text); + + --dark-color-comment-tag-text: var(--dark-color-text); + --dark-color-comment-tag: var(--dark-color-background); + + --dark-color-link: #00aff4; + --dark-color-focus-outline: #4c97f2; + + --dark-color-ts-keyword: #3399ff; + --dark-color-ts-project: #e358ff; + --dark-color-ts-module: var(--dark-color-ts-project); + --dark-color-ts-namespace: var(--dark-color-ts-project); + --dark-color-ts-enum: #f4d93e; + --dark-color-ts-enum-member: var(--dark-color-ts-enum); + --dark-color-ts-variable: #798dff; + --dark-color-ts-function: #a280ff; + --dark-color-ts-class: #8ac4ff; + --dark-color-ts-interface: #6cff87; + --dark-color-ts-constructor: #4d7fff; + --dark-color-ts-property: #ff984d; + --dark-color-ts-method: #ff4db8; + --dark-color-ts-reference: #ff4d82; + --dark-color-ts-call-signature: var(--dark-color-ts-method); + --dark-color-ts-index-signature: var(--dark-color-ts-property); + --dark-color-ts-constructor-signature: var(--dark-color-ts-constructor); + --dark-color-ts-parameter: var(--dark-color-ts-variable); + /* type literal not included as links will never be generated to it */ + --dark-color-ts-type-parameter: #e07d13; + --dark-color-ts-accessor: #ff4d4d; + --dark-color-ts-get-signature: var(--dark-color-ts-accessor); + --dark-color-ts-set-signature: var(--dark-color-ts-accessor); + --dark-color-ts-type-alias: #ff6492; + /* reference not included as links will be colored with the kind that it points to */ + --dark-color-document: #ffffff; + + --dark-external-icon: url("data:image/svg+xml;utf8,"); + --dark-color-scheme: dark; +} + +@media (prefers-color-scheme: light) { + :root { + --color-background: var(--light-color-background); + --color-background-secondary: var(--light-color-background-secondary); + --color-background-warning: var(--light-color-background-warning); + --color-warning-text: var(--light-color-warning-text); + --color-accent: var(--light-color-accent); + --color-active-menu-item: var(--light-color-active-menu-item); + --color-text: var(--light-color-text); + --color-text-aside: var(--light-color-text-aside); + + --color-icon-background: var(--light-color-icon-background); + --color-icon-text: var(--light-color-icon-text); + + --color-comment-tag-text: var(--light-color-text); + --color-comment-tag: var(--light-color-background); + + --color-link: var(--light-color-link); + --color-focus-outline: var(--light-color-focus-outline); + + --color-ts-keyword: var(--light-color-ts-keyword); + --color-ts-project: var(--light-color-ts-project); + --color-ts-module: var(--light-color-ts-module); + --color-ts-namespace: var(--light-color-ts-namespace); + --color-ts-enum: var(--light-color-ts-enum); + --color-ts-enum-member: var(--light-color-ts-enum-member); + --color-ts-variable: var(--light-color-ts-variable); + --color-ts-function: var(--light-color-ts-function); + --color-ts-class: var(--light-color-ts-class); + --color-ts-interface: var(--light-color-ts-interface); + --color-ts-constructor: var(--light-color-ts-constructor); + --color-ts-property: var(--light-color-ts-property); + --color-ts-method: var(--light-color-ts-method); + --color-ts-reference: var(--light-color-ts-reference); + --color-ts-call-signature: var(--light-color-ts-call-signature); + --color-ts-index-signature: var(--light-color-ts-index-signature); + --color-ts-constructor-signature: var( + --light-color-ts-constructor-signature + ); + --color-ts-parameter: var(--light-color-ts-parameter); + --color-ts-type-parameter: var(--light-color-ts-type-parameter); + --color-ts-accessor: var(--light-color-ts-accessor); + --color-ts-get-signature: var(--light-color-ts-get-signature); + --color-ts-set-signature: var(--light-color-ts-set-signature); + --color-ts-type-alias: var(--light-color-ts-type-alias); + --color-document: var(--light-color-document); + + --external-icon: var(--light-external-icon); + --color-scheme: var(--light-color-scheme); + } +} + +@media (prefers-color-scheme: dark) { + :root { + --color-background: var(--dark-color-background); + --color-background-secondary: var(--dark-color-background-secondary); + --color-background-warning: var(--dark-color-background-warning); + --color-warning-text: var(--dark-color-warning-text); + --color-accent: var(--dark-color-accent); + --color-active-menu-item: var(--dark-color-active-menu-item); + --color-text: var(--dark-color-text); + --color-text-aside: var(--dark-color-text-aside); + + --color-icon-background: var(--dark-color-icon-background); + --color-icon-text: var(--dark-color-icon-text); + + --color-comment-tag-text: var(--dark-color-text); + --color-comment-tag: var(--dark-color-background); + + --color-link: var(--dark-color-link); + --color-focus-outline: var(--dark-color-focus-outline); + + --color-ts-keyword: var(--dark-color-ts-keyword); + --color-ts-project: var(--dark-color-ts-project); + --color-ts-module: var(--dark-color-ts-module); + --color-ts-namespace: var(--dark-color-ts-namespace); + --color-ts-enum: var(--dark-color-ts-enum); + --color-ts-enum-member: var(--dark-color-ts-enum-member); + --color-ts-variable: var(--dark-color-ts-variable); + --color-ts-function: var(--dark-color-ts-function); + --color-ts-class: var(--dark-color-ts-class); + --color-ts-interface: var(--dark-color-ts-interface); + --color-ts-constructor: var(--dark-color-ts-constructor); + --color-ts-property: var(--dark-color-ts-property); + --color-ts-method: var(--dark-color-ts-method); + --color-ts-reference: var(--dark-color-ts-reference); + --color-ts-call-signature: var(--dark-color-ts-call-signature); + --color-ts-index-signature: var(--dark-color-ts-index-signature); + --color-ts-constructor-signature: var( + --dark-color-ts-constructor-signature + ); + --color-ts-parameter: var(--dark-color-ts-parameter); + --color-ts-type-parameter: var(--dark-color-ts-type-parameter); + --color-ts-accessor: var(--dark-color-ts-accessor); + --color-ts-get-signature: var(--dark-color-ts-get-signature); + --color-ts-set-signature: var(--dark-color-ts-set-signature); + --color-ts-type-alias: var(--dark-color-ts-type-alias); + --color-document: var(--dark-color-document); + + --external-icon: var(--dark-external-icon); + --color-scheme: var(--dark-color-scheme); + } +} + +html { + color-scheme: var(--color-scheme); +} + +body { + margin: 0; +} + +:root[data-theme="light"] { + --color-background: var(--light-color-background); + --color-background-secondary: var(--light-color-background-secondary); + --color-background-warning: var(--light-color-background-warning); + --color-warning-text: var(--light-color-warning-text); + --color-icon-background: var(--light-color-icon-background); + --color-accent: var(--light-color-accent); + --color-active-menu-item: var(--light-color-active-menu-item); + --color-text: var(--light-color-text); + --color-text-aside: var(--light-color-text-aside); + --color-icon-text: var(--light-color-icon-text); + + --color-comment-tag-text: var(--light-color-text); + --color-comment-tag: var(--light-color-background); + + --color-link: var(--light-color-link); + --color-focus-outline: var(--light-color-focus-outline); + + --color-ts-keyword: var(--light-color-ts-keyword); + --color-ts-project: var(--light-color-ts-project); + --color-ts-module: var(--light-color-ts-module); + --color-ts-namespace: var(--light-color-ts-namespace); + --color-ts-enum: var(--light-color-ts-enum); + --color-ts-enum-member: var(--light-color-ts-enum-member); + --color-ts-variable: var(--light-color-ts-variable); + --color-ts-function: var(--light-color-ts-function); + --color-ts-class: var(--light-color-ts-class); + --color-ts-interface: var(--light-color-ts-interface); + --color-ts-constructor: var(--light-color-ts-constructor); + --color-ts-property: var(--light-color-ts-property); + --color-ts-method: var(--light-color-ts-method); + --color-ts-reference: var(--light-color-ts-reference); + --color-ts-call-signature: var(--light-color-ts-call-signature); + --color-ts-index-signature: var(--light-color-ts-index-signature); + --color-ts-constructor-signature: var( + --light-color-ts-constructor-signature + ); + --color-ts-parameter: var(--light-color-ts-parameter); + --color-ts-type-parameter: var(--light-color-ts-type-parameter); + --color-ts-accessor: var(--light-color-ts-accessor); + --color-ts-get-signature: var(--light-color-ts-get-signature); + --color-ts-set-signature: var(--light-color-ts-set-signature); + --color-ts-type-alias: var(--light-color-ts-type-alias); + --color-document: var(--light-color-document); + + --external-icon: var(--light-external-icon); + --color-scheme: var(--light-color-scheme); +} + +:root[data-theme="dark"] { + --color-background: var(--dark-color-background); + --color-background-secondary: var(--dark-color-background-secondary); + --color-background-warning: var(--dark-color-background-warning); + --color-warning-text: var(--dark-color-warning-text); + --color-icon-background: var(--dark-color-icon-background); + --color-accent: var(--dark-color-accent); + --color-active-menu-item: var(--dark-color-active-menu-item); + --color-text: var(--dark-color-text); + --color-text-aside: var(--dark-color-text-aside); + --color-icon-text: var(--dark-color-icon-text); + + --color-comment-tag-text: var(--dark-color-text); + --color-comment-tag: var(--dark-color-background); + + --color-link: var(--dark-color-link); + --color-focus-outline: var(--dark-color-focus-outline); + + --color-ts-keyword: var(--dark-color-ts-keyword); + --color-ts-project: var(--dark-color-ts-project); + --color-ts-module: var(--dark-color-ts-module); + --color-ts-namespace: var(--dark-color-ts-namespace); + --color-ts-enum: var(--dark-color-ts-enum); + --color-ts-enum-member: var(--dark-color-ts-enum-member); + --color-ts-variable: var(--dark-color-ts-variable); + --color-ts-function: var(--dark-color-ts-function); + --color-ts-class: var(--dark-color-ts-class); + --color-ts-interface: var(--dark-color-ts-interface); + --color-ts-constructor: var(--dark-color-ts-constructor); + --color-ts-property: var(--dark-color-ts-property); + --color-ts-method: var(--dark-color-ts-method); + --color-ts-reference: var(--dark-color-ts-reference); + --color-ts-call-signature: var(--dark-color-ts-call-signature); + --color-ts-index-signature: var(--dark-color-ts-index-signature); + --color-ts-constructor-signature: var( + --dark-color-ts-constructor-signature + ); + --color-ts-parameter: var(--dark-color-ts-parameter); + --color-ts-type-parameter: var(--dark-color-ts-type-parameter); + --color-ts-accessor: var(--dark-color-ts-accessor); + --color-ts-get-signature: var(--dark-color-ts-get-signature); + --color-ts-set-signature: var(--dark-color-ts-set-signature); + --color-ts-type-alias: var(--dark-color-ts-type-alias); + --color-document: var(--dark-color-document); + + --external-icon: var(--dark-external-icon); + --color-scheme: var(--dark-color-scheme); +} + +*:focus-visible, +.tsd-accordion-summary:focus-visible svg { + outline: 2px solid var(--color-focus-outline); +} + +.always-visible, +.always-visible .tsd-signatures { + display: inherit !important; +} + +h1, +h2, +h3, +h4, +h5, +h6 { + line-height: 1.2; +} + +h1 { + font-size: 1.875rem; + margin: 0.67rem 0; +} + +h2 { + font-size: 1.5rem; + margin: 0.83rem 0; +} + +h3 { + font-size: 1.25rem; + margin: 1rem 0; +} + +h4 { + font-size: 1.05rem; + margin: 1.33rem 0; +} + +h5 { + font-size: 1rem; + margin: 1.5rem 0; +} + +h6 { + font-size: 0.875rem; + margin: 2.33rem 0; +} + +dl, +menu, +ol, +ul { + margin: 1em 0; +} + +dd { + margin: 0 0 0 40px; +} + +.container { + max-width: 1700px; + padding: 0 2rem; +} + +/* Footer */ +footer { + border-top: 1px solid var(--color-accent); + padding-top: 1rem; + padding-bottom: 1rem; + max-height: 3.5rem; +} +footer > p { + margin: 0 1em; +} + +.container-main { + margin: 0 auto; + /* toolbar, footer, margin */ + min-height: calc(100vh - 41px - 56px - 4rem); +} + +@keyframes fade-in { + from { + opacity: 0; + } + to { + opacity: 1; + } +} +@keyframes fade-out { + from { + opacity: 1; + visibility: visible; + } + to { + opacity: 0; + } +} +@keyframes fade-in-delayed { + 0% { + opacity: 0; + } + 33% { + opacity: 0; + } + 100% { + opacity: 1; + } +} +@keyframes fade-out-delayed { + 0% { + opacity: 1; + visibility: visible; + } + 66% { + opacity: 0; + } + 100% { + opacity: 0; + } +} +@keyframes pop-in-from-right { + from { + transform: translate(100%, 0); + } + to { + transform: translate(0, 0); + } +} +@keyframes pop-out-to-right { + from { + transform: translate(0, 0); + visibility: visible; + } + to { + transform: translate(100%, 0); + } +} +body { + background: var(--color-background); + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", "Noto Sans", + Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji"; + font-size: 16px; + color: var(--color-text); +} + +a { + color: var(--color-link); + text-decoration: none; +} +a:hover { + text-decoration: underline; +} +a.external[target="_blank"] { + background-image: var(--external-icon); + background-position: top 3px right; + background-repeat: no-repeat; + padding-right: 13px; +} +a.tsd-anchor-link { + color: var(--color-text); +} + +code, +pre { + font-family: Menlo, Monaco, Consolas, "Courier New", monospace; + padding: 0.2em; + margin: 0; + font-size: 0.875rem; + border-radius: 0.8em; +} + +pre { + position: relative; + white-space: pre-wrap; + word-wrap: break-word; + padding: 10px; + border: 1px solid var(--color-accent); +} +pre code { + padding: 0; + font-size: 100%; +} +pre > button { + position: absolute; + top: 10px; + right: 10px; + opacity: 0; + transition: opacity 0.1s; + box-sizing: border-box; +} +pre:hover > button, +pre > button.visible { + opacity: 1; +} + +blockquote { + margin: 1em 0; + padding-left: 1em; + border-left: 4px solid gray; +} + +.tsd-typography { + line-height: 1.333em; +} +.tsd-typography ul { + list-style: square; + padding: 0 0 0 20px; + margin: 0; +} +.tsd-typography .tsd-index-panel h3, +.tsd-index-panel .tsd-typography h3, +.tsd-typography h4, +.tsd-typography h5, +.tsd-typography h6 { + font-size: 1em; +} +.tsd-typography h5, +.tsd-typography h6 { + font-weight: normal; +} +.tsd-typography p, +.tsd-typography ul, +.tsd-typography ol { + margin: 1em 0; +} +.tsd-typography table { + border-collapse: collapse; + border: none; +} +.tsd-typography td, +.tsd-typography th { + padding: 6px 13px; + border: 1px solid var(--color-accent); +} +.tsd-typography thead, +.tsd-typography tr:nth-child(even) { + background-color: var(--color-background-secondary); +} + +.tsd-breadcrumb { + margin: 0; + padding: 0; + color: var(--color-text-aside); +} +.tsd-breadcrumb a { + color: var(--color-text-aside); + text-decoration: none; +} +.tsd-breadcrumb a:hover { + text-decoration: underline; +} +.tsd-breadcrumb li { + display: inline; +} +.tsd-breadcrumb li:after { + content: " / "; +} + +.tsd-comment-tags { + display: flex; + flex-direction: column; +} +dl.tsd-comment-tag-group { + display: flex; + align-items: center; + overflow: hidden; + margin: 0.5em 0; +} +dl.tsd-comment-tag-group dt { + display: flex; + margin-right: 0.5em; + font-size: 0.875em; + font-weight: normal; +} +dl.tsd-comment-tag-group dd { + margin: 0; +} +code.tsd-tag { + padding: 0.25em 0.4em; + border: 0.1em solid var(--color-accent); + margin-right: 0.25em; + font-size: 70%; +} +h1 code.tsd-tag:first-of-type { + margin-left: 0.25em; +} + +dl.tsd-comment-tag-group dd:before, +dl.tsd-comment-tag-group dd:after { + content: " "; +} +dl.tsd-comment-tag-group dd pre, +dl.tsd-comment-tag-group dd:after { + clear: both; +} +dl.tsd-comment-tag-group p { + margin: 0; +} + +.tsd-panel.tsd-comment .lead { + font-size: 1.1em; + line-height: 1.333em; + margin-bottom: 2em; +} +.tsd-panel.tsd-comment .lead:last-child { + margin-bottom: 0; +} + +.tsd-filter-visibility h4 { + font-size: 1rem; + padding-top: 0.75rem; + padding-bottom: 0.5rem; + margin: 0; +} +.tsd-filter-item:not(:last-child) { + margin-bottom: 0.5rem; +} +.tsd-filter-input { + display: flex; + width: -moz-fit-content; + width: fit-content; + align-items: center; + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + user-select: none; + cursor: pointer; +} +.tsd-filter-input input[type="checkbox"] { + cursor: pointer; + position: absolute; + width: 1.5em; + height: 1.5em; + opacity: 0; +} +.tsd-filter-input input[type="checkbox"]:disabled { + pointer-events: none; +} +.tsd-filter-input svg { + cursor: pointer; + width: 1.5em; + height: 1.5em; + margin-right: 0.5em; + border-radius: 0.33em; + /* Leaving this at full opacity breaks event listeners on Firefox. + Don't remove unless you know what you're doing. */ + opacity: 0.99; +} +.tsd-filter-input input[type="checkbox"]:focus-visible + svg { + outline: 2px solid var(--color-focus-outline); +} +.tsd-checkbox-background { + fill: var(--color-accent); +} +input[type="checkbox"]:checked ~ svg .tsd-checkbox-checkmark { + stroke: var(--color-text); +} +.tsd-filter-input input:disabled ~ svg > .tsd-checkbox-background { + fill: var(--color-background); + stroke: var(--color-accent); + stroke-width: 0.25rem; +} +.tsd-filter-input input:disabled ~ svg > .tsd-checkbox-checkmark { + stroke: var(--color-accent); +} + +.settings-label { + font-weight: bold; + text-transform: uppercase; + display: inline-block; +} + +.tsd-filter-visibility .settings-label { + margin: 0.75rem 0 0.5rem 0; +} + +.tsd-theme-toggle .settings-label { + margin: 0.75rem 0.75rem 0 0; +} + +.tsd-hierarchy { + list-style: square; + margin: 0; +} +.tsd-hierarchy .target { + font-weight: bold; +} + +.tsd-full-hierarchy:not(:last-child) { + margin-bottom: 1em; + padding-bottom: 1em; + border-bottom: 1px solid var(--color-accent); +} +.tsd-full-hierarchy, +.tsd-full-hierarchy ul { + list-style: none; + margin: 0; + padding: 0; +} +.tsd-full-hierarchy ul { + padding-left: 1.5rem; +} +.tsd-full-hierarchy a { + padding: 0.25rem 0 !important; + font-size: 1rem; + display: inline-flex; + align-items: center; + color: var(--color-text); +} + +.tsd-panel-group.tsd-index-group { + margin-bottom: 0; +} +.tsd-index-panel .tsd-index-list { + list-style: none; + line-height: 1.333em; + margin: 0; + padding: 0.25rem 0 0 0; + overflow: hidden; + display: grid; + grid-template-columns: repeat(3, 1fr); + column-gap: 1rem; + grid-template-rows: auto; +} +@media (max-width: 1024px) { + .tsd-index-panel .tsd-index-list { + grid-template-columns: repeat(2, 1fr); + } +} +@media (max-width: 768px) { + .tsd-index-panel .tsd-index-list { + grid-template-columns: repeat(1, 1fr); + } +} +.tsd-index-panel .tsd-index-list li { + -webkit-page-break-inside: avoid; + -moz-page-break-inside: avoid; + -ms-page-break-inside: avoid; + -o-page-break-inside: avoid; + page-break-inside: avoid; +} + +.tsd-flag { + display: inline-block; + padding: 0.25em 0.4em; + border-radius: 4px; + color: var(--color-comment-tag-text); + background-color: var(--color-comment-tag); + text-indent: 0; + font-size: 75%; + line-height: 1; + font-weight: normal; +} + +.tsd-anchor { + position: relative; + top: -100px; +} + +.tsd-member { + position: relative; +} +.tsd-member .tsd-anchor + h3 { + display: flex; + align-items: center; + margin-top: 0; + margin-bottom: 0; + border-bottom: none; +} + +.tsd-navigation.settings { + margin: 1rem 0; +} +.tsd-navigation > a, +.tsd-navigation .tsd-accordion-summary { + width: calc(100% - 0.25rem); + display: flex; + align-items: center; +} +.tsd-navigation a, +.tsd-navigation summary > span, +.tsd-page-navigation a { + display: flex; + width: calc(100% - 0.25rem); + align-items: center; + padding: 0.25rem; + color: var(--color-text); + text-decoration: none; + box-sizing: border-box; +} +.tsd-navigation a.current, +.tsd-page-navigation a.current { + background: var(--color-active-menu-item); +} +.tsd-navigation a:hover, +.tsd-page-navigation a:hover { + text-decoration: underline; +} +.tsd-navigation ul, +.tsd-page-navigation ul { + margin-top: 0; + margin-bottom: 0; + padding: 0; + list-style: none; +} +.tsd-navigation li, +.tsd-page-navigation li { + padding: 0; + max-width: 100%; +} +.tsd-navigation .tsd-nav-link { + display: none; +} +.tsd-nested-navigation { + margin-left: 3rem; +} +.tsd-nested-navigation > li > details { + margin-left: -1.5rem; +} +.tsd-small-nested-navigation { + margin-left: 1.5rem; +} +.tsd-small-nested-navigation > li > details { + margin-left: -1.5rem; +} + +.tsd-page-navigation-section { + margin-left: 10px; +} +.tsd-page-navigation-section > summary { + padding: 0.25rem; +} +.tsd-page-navigation-section > div { + margin-left: 20px; +} +.tsd-page-navigation ul { + padding-left: 1.75rem; +} + +#tsd-sidebar-links a { + margin-top: 0; + margin-bottom: 0.5rem; + line-height: 1.25rem; +} +#tsd-sidebar-links a:last-of-type { + margin-bottom: 0; +} + +a.tsd-index-link { + padding: 0.25rem 0 !important; + font-size: 1rem; + line-height: 1.25rem; + display: inline-flex; + align-items: center; + color: var(--color-text); +} +.tsd-accordion-summary { + list-style-type: none; /* hide marker on non-safari */ + outline: none; /* broken on safari, so just hide it */ +} +.tsd-accordion-summary::-webkit-details-marker { + display: none; /* hide marker on safari */ +} +.tsd-accordion-summary, +.tsd-accordion-summary a { + -moz-user-select: none; + -webkit-user-select: none; + -ms-user-select: none; + user-select: none; + + cursor: pointer; +} +.tsd-accordion-summary a { + width: calc(100% - 1.5rem); +} +.tsd-accordion-summary > * { + margin-top: 0; + margin-bottom: 0; + padding-top: 0; + padding-bottom: 0; +} +.tsd-accordion .tsd-accordion-summary > svg { + margin-left: 0.25rem; + vertical-align: text-top; +} +.tsd-index-content > :not(:first-child) { + margin-top: 0.75rem; +} +.tsd-index-heading { + margin-top: 1.5rem; + margin-bottom: 0.75rem; +} + +.tsd-no-select { + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + user-select: none; +} +.tsd-kind-icon { + margin-right: 0.5rem; + width: 1.25rem; + height: 1.25rem; + min-width: 1.25rem; + min-height: 1.25rem; +} +.tsd-signature > .tsd-kind-icon { + margin-right: 0.8rem; +} + +.tsd-panel { + margin-bottom: 2.5rem; +} +.tsd-panel.tsd-member { + margin-bottom: 4rem; +} +.tsd-panel:empty { + display: none; +} +.tsd-panel > h1, +.tsd-panel > h2, +.tsd-panel > h3 { + margin: 1.5rem -1.5rem 0.75rem -1.5rem; + padding: 0 1.5rem 0.75rem 1.5rem; +} +.tsd-panel > h1.tsd-before-signature, +.tsd-panel > h2.tsd-before-signature, +.tsd-panel > h3.tsd-before-signature { + margin-bottom: 0; + border-bottom: none; +} + +.tsd-panel-group { + margin: 2rem 0; +} +.tsd-panel-group.tsd-index-group { + margin: 2rem 0; +} +.tsd-panel-group.tsd-index-group details { + margin: 2rem 0; +} +.tsd-panel-group > .tsd-accordion-summary { + margin-bottom: 1rem; +} + +#tsd-search { + transition: background-color 0.2s; +} +#tsd-search .title { + position: relative; + z-index: 2; +} +#tsd-search .field { + position: absolute; + left: 0; + top: 0; + right: 2.5rem; + height: 100%; +} +#tsd-search .field input { + box-sizing: border-box; + position: relative; + top: -50px; + z-index: 1; + width: 100%; + padding: 0 10px; + opacity: 0; + outline: 0; + border: 0; + background: transparent; + color: var(--color-text); +} +#tsd-search .field label { + position: absolute; + overflow: hidden; + right: -40px; +} +#tsd-search .field input, +#tsd-search .title, +#tsd-toolbar-links a { + transition: opacity 0.2s; +} +#tsd-search .results { + position: absolute; + visibility: hidden; + top: 40px; + width: 100%; + margin: 0; + padding: 0; + list-style: none; + box-shadow: 0 0 4px rgba(0, 0, 0, 0.25); +} +#tsd-search .results li { + background-color: var(--color-background); + line-height: initial; + padding: 4px; +} +#tsd-search .results li:nth-child(even) { + background-color: var(--color-background-secondary); +} +#tsd-search .results li.state { + display: none; +} +#tsd-search .results li.current:not(.no-results), +#tsd-search .results li:hover:not(.no-results) { + background-color: var(--color-accent); +} +#tsd-search .results a { + display: flex; + align-items: center; + padding: 0.25rem; + box-sizing: border-box; +} +#tsd-search .results a:before { + top: 10px; +} +#tsd-search .results span.parent { + color: var(--color-text-aside); + font-weight: normal; +} +#tsd-search.has-focus { + background-color: var(--color-accent); +} +#tsd-search.has-focus .field input { + top: 0; + opacity: 1; +} +#tsd-search.has-focus .title, +#tsd-search.has-focus #tsd-toolbar-links a { + z-index: 0; + opacity: 0; +} +#tsd-search.has-focus .results { + visibility: visible; +} +#tsd-search.loading .results li.state.loading { + display: block; +} +#tsd-search.failure .results li.state.failure { + display: block; +} + +#tsd-toolbar-links { + position: absolute; + top: 0; + right: 2rem; + height: 100%; + display: flex; + align-items: center; + justify-content: flex-end; +} +#tsd-toolbar-links a { + margin-left: 1.5rem; +} +#tsd-toolbar-links a:hover { + text-decoration: underline; +} + +.tsd-signature { + margin: 0 0 1rem 0; + padding: 1rem 0.5rem; + border: 1px solid var(--color-accent); + font-family: Menlo, Monaco, Consolas, "Courier New", monospace; + font-size: 14px; + overflow-x: auto; +} + +.tsd-signature-keyword { + color: var(--color-ts-keyword); + font-weight: normal; +} + +.tsd-signature-symbol { + color: var(--color-text-aside); + font-weight: normal; +} + +.tsd-signature-type { + font-style: italic; + font-weight: normal; +} + +.tsd-signatures { + padding: 0; + margin: 0 0 1em 0; + list-style-type: none; +} +.tsd-signatures .tsd-signature { + margin: 0; + border-color: var(--color-accent); + border-width: 1px 0; + transition: background-color 0.1s; +} +.tsd-signatures .tsd-index-signature:not(:last-child) { + margin-bottom: 1em; +} +.tsd-signatures .tsd-index-signature .tsd-signature { + border-width: 1px; +} +.tsd-description .tsd-signatures .tsd-signature { + border-width: 1px; +} + +ul.tsd-parameter-list, +ul.tsd-type-parameter-list { + list-style: square; + margin: 0; + padding-left: 20px; +} +ul.tsd-parameter-list > li.tsd-parameter-signature, +ul.tsd-type-parameter-list > li.tsd-parameter-signature { + list-style: none; + margin-left: -20px; +} +ul.tsd-parameter-list h5, +ul.tsd-type-parameter-list h5 { + font-size: 16px; + margin: 1em 0 0.5em 0; +} +.tsd-sources { + margin-top: 1rem; + font-size: 0.875em; +} +.tsd-sources a { + color: var(--color-text-aside); + text-decoration: underline; +} +.tsd-sources ul { + list-style: none; + padding: 0; +} + +.tsd-page-toolbar { + position: sticky; + z-index: 1; + top: 0; + left: 0; + width: 100%; + color: var(--color-text); + background: var(--color-background-secondary); + border-bottom: 1px var(--color-accent) solid; + transition: transform 0.3s ease-in-out; +} +.tsd-page-toolbar a { + color: var(--color-text); + text-decoration: none; +} +.tsd-page-toolbar a.title { + font-weight: bold; +} +.tsd-page-toolbar a.title:hover { + text-decoration: underline; +} +.tsd-page-toolbar .tsd-toolbar-contents { + display: flex; + justify-content: space-between; + height: 2.5rem; + margin: 0 auto; +} +.tsd-page-toolbar .table-cell { + position: relative; + white-space: nowrap; + line-height: 40px; +} +.tsd-page-toolbar .table-cell:first-child { + width: 100%; +} +.tsd-page-toolbar .tsd-toolbar-icon { + box-sizing: border-box; + line-height: 0; + padding: 12px 0; +} + +.tsd-widget { + display: inline-block; + overflow: hidden; + opacity: 0.8; + height: 40px; + transition: + opacity 0.1s, + background-color 0.2s; + vertical-align: bottom; + cursor: pointer; +} +.tsd-widget:hover { + opacity: 0.9; +} +.tsd-widget.active { + opacity: 1; + background-color: var(--color-accent); +} +.tsd-widget.no-caption { + width: 40px; +} +.tsd-widget.no-caption:before { + margin: 0; +} + +.tsd-widget.options, +.tsd-widget.menu { + display: none; +} +input[type="checkbox"] + .tsd-widget:before { + background-position: -120px 0; +} +input[type="checkbox"]:checked + .tsd-widget:before { + background-position: -160px 0; +} + +img { + max-width: 100%; +} + +.tsd-anchor-icon { + display: inline-flex; + align-items: center; + margin-left: 0.5rem; + vertical-align: middle; + color: var(--color-text); +} + +.tsd-anchor-icon svg { + width: 1em; + height: 1em; + visibility: hidden; +} + +.tsd-anchor-link:hover > .tsd-anchor-icon svg { + visibility: visible; +} + +.deprecated { + text-decoration: line-through !important; +} + +.warning { + padding: 1rem; + color: var(--color-warning-text); + background: var(--color-background-warning); +} + +.tsd-kind-project { + color: var(--color-ts-project); +} +.tsd-kind-module { + color: var(--color-ts-module); +} +.tsd-kind-namespace { + color: var(--color-ts-namespace); +} +.tsd-kind-enum { + color: var(--color-ts-enum); +} +.tsd-kind-enum-member { + color: var(--color-ts-enum-member); +} +.tsd-kind-variable { + color: var(--color-ts-variable); +} +.tsd-kind-function { + color: var(--color-ts-function); +} +.tsd-kind-class { + color: var(--color-ts-class); +} +.tsd-kind-interface { + color: var(--color-ts-interface); +} +.tsd-kind-constructor { + color: var(--color-ts-constructor); +} +.tsd-kind-property { + color: var(--color-ts-property); +} +.tsd-kind-method { + color: var(--color-ts-method); +} +.tsd-kind-reference { + color: var(--color-ts-reference); +} +.tsd-kind-call-signature { + color: var(--color-ts-call-signature); +} +.tsd-kind-index-signature { + color: var(--color-ts-index-signature); +} +.tsd-kind-constructor-signature { + color: var(--color-ts-constructor-signature); +} +.tsd-kind-parameter { + color: var(--color-ts-parameter); +} +.tsd-kind-type-parameter { + color: var(--color-ts-type-parameter); +} +.tsd-kind-accessor { + color: var(--color-ts-accessor); +} +.tsd-kind-get-signature { + color: var(--color-ts-get-signature); +} +.tsd-kind-set-signature { + color: var(--color-ts-set-signature); +} +.tsd-kind-type-alias { + color: var(--color-ts-type-alias); +} + +/* if we have a kind icon, don't color the text by kind */ +.tsd-kind-icon ~ span { + color: var(--color-text); +} + +* { + scrollbar-width: thin; + scrollbar-color: var(--color-accent) var(--color-icon-background); +} + +*::-webkit-scrollbar { + width: 0.75rem; +} + +*::-webkit-scrollbar-track { + background: var(--color-icon-background); +} + +*::-webkit-scrollbar-thumb { + background-color: var(--color-accent); + border-radius: 999rem; + border: 0.25rem solid var(--color-icon-background); +} + +/* mobile */ +@media (max-width: 769px) { + .tsd-widget.options, + .tsd-widget.menu { + display: inline-block; + } + + .container-main { + display: flex; + } + html .col-content { + float: none; + max-width: 100%; + width: 100%; + } + html .col-sidebar { + position: fixed !important; + overflow-y: auto; + -webkit-overflow-scrolling: touch; + z-index: 1024; + top: 0 !important; + bottom: 0 !important; + left: auto !important; + right: 0 !important; + padding: 1.5rem 1.5rem 0 0; + width: 75vw; + visibility: hidden; + background-color: var(--color-background); + transform: translate(100%, 0); + } + html .col-sidebar > *:last-child { + padding-bottom: 20px; + } + html .overlay { + content: ""; + display: block; + position: fixed; + z-index: 1023; + top: 0; + left: 0; + right: 0; + bottom: 0; + background-color: rgba(0, 0, 0, 0.75); + visibility: hidden; + } + + .to-has-menu .overlay { + animation: fade-in 0.4s; + } + + .to-has-menu .col-sidebar { + animation: pop-in-from-right 0.4s; + } + + .from-has-menu .overlay { + animation: fade-out 0.4s; + } + + .from-has-menu .col-sidebar { + animation: pop-out-to-right 0.4s; + } + + .has-menu body { + overflow: hidden; + } + .has-menu .overlay { + visibility: visible; + } + .has-menu .col-sidebar { + visibility: visible; + transform: translate(0, 0); + display: flex; + flex-direction: column; + gap: 1.5rem; + max-height: 100vh; + padding: 1rem 2rem; + } + .has-menu .tsd-navigation { + max-height: 100%; + } + #tsd-toolbar-links { + display: none; + } + .tsd-navigation .tsd-nav-link { + display: flex; + } +} + +/* one sidebar */ +@media (min-width: 770px) { + .container-main { + display: grid; + grid-template-columns: minmax(0, 1fr) minmax(0, 2fr); + grid-template-areas: "sidebar content"; + margin: 2rem auto; + } + + .col-sidebar { + grid-area: sidebar; + } + .col-content { + grid-area: content; + padding: 0 1rem; + } +} +@media (min-width: 770px) and (max-width: 1399px) { + .col-sidebar { + max-height: calc(100vh - 2rem - 42px); + overflow: auto; + position: sticky; + top: 42px; + padding-top: 1rem; + } + .site-menu { + margin-top: 1rem; + } +} + +/* two sidebars */ +@media (min-width: 1200px) { + .container-main { + grid-template-columns: minmax(0, 1fr) minmax(0, 2.5fr) minmax(0, 20rem); + grid-template-areas: "sidebar content toc"; + } + + .col-sidebar { + display: contents; + } + + .page-menu { + grid-area: toc; + padding-left: 1rem; + } + .site-menu { + grid-area: sidebar; + } + + .site-menu { + margin-top: 1rem; + } + + .page-menu, + .site-menu { + max-height: calc(100vh - 2rem - 42px); + overflow: auto; + position: sticky; + top: 42px; + } +} diff --git a/ml-kem/docs/classes/MlKem1024.html b/ml-kem/docs/classes/MlKem1024.html new file mode 100644 index 000000000..ad175cc4b --- /dev/null +++ b/ml-kem/docs/classes/MlKem1024.html @@ -0,0 +1,78 @@ +MlKem1024 | @hpke/ml-kem

Class MlKem1024

The ML-KEM-1024 for HPKE KEM implementing KemInterface.

+

The instance of this class can be specified to the +CipherSuiteParams as follows:

+
import { Aes256Gcm, CipherSuite, HkdfSha512 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem";
const suite = new CipherSuite({
kem: new MlKem1024(),
kdf: new HkdfSha512(),
aead: new Aes256Gcm(),
}); +
+ +

Hierarchy

  • MlKemBase
    • MlKem1024

Constructors

Properties

_prim: MlKemInterface = undefined
auth: boolean = false
encSize: number = 1568
id: KemId = KemId.MlKem1024
name: string = "ML-KEM-1024"
privateKeySize: number = 64
publicKeySize: number = 1568
secretSize: number = 32

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

    If the error occurred, throws DecapError.

    +

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

      +

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    +

    DecapError

    +
  • Derives a key pair from the byte string ikm.

    +

    If the error occurred, throws DeriveKeyPairError.

    +

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

      +

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    +

    DeriveKeyPairError

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • key: ArrayBuffer

      A key as bytes.

      +

    Returns Promise<CryptoKey>

    A CryptoKey.

    +

    DeserializeError

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • key: ArrayBuffer

      A key as bytes.

      +

    Returns Promise<CryptoKey>

    A CryptoKey.

    +

    DeserializeError

    +
  • Generates an ephemeral, fixed-length symmetric key and +a fixed-length encapsulation of the key that can be decapsulated +by the holder of the private key corresponding to pkR.

    +

    If the error occurred, throws EncapError.

    +

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

      +

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    +

    EncapError

    +
  • Generates a key pair.

    +

    If the error occurred, throws NotSupportedError.

    +

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    +

    NotSupportedError

    +
  • Imports a public or private key and converts to a CryptoKey.

    +

    Since key parameters for createSenderContext or createRecipientContext +are CryptoKey format, you have to use this function to convert provided keys +to CryptoKey.

    +

    Basically, this is a thin wrapper function of +SubtleCrypto.importKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • format: "raw" | "jwk"

      For now, 'raw' and 'jwk' are supported.

      +
    • key: ArrayBuffer | JsonWebKeyExtended

      A byte string of a raw key or A JsonWebKey object.

      +
    • isPublic: boolean = true

      The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

      +

    Returns Promise<CryptoKey>

    A public or private CryptoKey.

    +

    DeserializeError

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +

    If the error occurred, throws SerializeError.

    +

    Parameters

    • key: CryptoKey

      A CryptoKey.

      +

    Returns Promise<ArrayBuffer>

    A key as bytes.

    +

    SerializeError

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +

    If the error occurred, throws SerializeError.

    +

    Parameters

    • key: CryptoKey

      A CryptoKey.

      +

    Returns Promise<ArrayBuffer>

    A key as bytes.

    +

    SerializeError

    +
diff --git a/ml-kem/docs/classes/MlKem512.html b/ml-kem/docs/classes/MlKem512.html new file mode 100644 index 000000000..ff4c10d48 --- /dev/null +++ b/ml-kem/docs/classes/MlKem512.html @@ -0,0 +1,78 @@ +MlKem512 | @hpke/ml-kem

Class MlKem512

The ML-KEM-512 for HPKE KEM implementing KemInterface.

+

The instance of this class can be specified to the +CipherSuiteParams as follows:

+
import { Aes128Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem";
const suite = new CipherSuite({
kem: new MlKem512(),
kdf: new HkdfSha256(),
aead: new Aes128Gcm(),
}); +
+ +

Hierarchy

  • MlKemBase
    • MlKem512

Constructors

Properties

_prim: MlKemInterface = undefined
auth: boolean = false
encSize: number = 768
id: KemId = KemId.MlKem512
name: string = "ML-KEM-512"
privateKeySize: number = 64
publicKeySize: number = 800
secretSize: number = 32

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

    If the error occurred, throws DecapError.

    +

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

      +

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    +

    DecapError

    +
  • Derives a key pair from the byte string ikm.

    +

    If the error occurred, throws DeriveKeyPairError.

    +

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

      +

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    +

    DeriveKeyPairError

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • key: ArrayBuffer

      A key as bytes.

      +

    Returns Promise<CryptoKey>

    A CryptoKey.

    +

    DeserializeError

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • key: ArrayBuffer

      A key as bytes.

      +

    Returns Promise<CryptoKey>

    A CryptoKey.

    +

    DeserializeError

    +
  • Generates an ephemeral, fixed-length symmetric key and +a fixed-length encapsulation of the key that can be decapsulated +by the holder of the private key corresponding to pkR.

    +

    If the error occurred, throws EncapError.

    +

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

      +

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    +

    EncapError

    +
  • Generates a key pair.

    +

    If the error occurred, throws NotSupportedError.

    +

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    +

    NotSupportedError

    +
  • Imports a public or private key and converts to a CryptoKey.

    +

    Since key parameters for createSenderContext or createRecipientContext +are CryptoKey format, you have to use this function to convert provided keys +to CryptoKey.

    +

    Basically, this is a thin wrapper function of +SubtleCrypto.importKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • format: "raw" | "jwk"

      For now, 'raw' and 'jwk' are supported.

      +
    • key: ArrayBuffer | JsonWebKeyExtended

      A byte string of a raw key or A JsonWebKey object.

      +
    • isPublic: boolean = true

      The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

      +

    Returns Promise<CryptoKey>

    A public or private CryptoKey.

    +

    DeserializeError

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +

    If the error occurred, throws SerializeError.

    +

    Parameters

    • key: CryptoKey

      A CryptoKey.

      +

    Returns Promise<ArrayBuffer>

    A key as bytes.

    +

    SerializeError

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +

    If the error occurred, throws SerializeError.

    +

    Parameters

    • key: CryptoKey

      A CryptoKey.

      +

    Returns Promise<ArrayBuffer>

    A key as bytes.

    +

    SerializeError

    +
diff --git a/ml-kem/docs/classes/MlKem768.html b/ml-kem/docs/classes/MlKem768.html new file mode 100644 index 000000000..041010afa --- /dev/null +++ b/ml-kem/docs/classes/MlKem768.html @@ -0,0 +1,78 @@ +MlKem768 | @hpke/ml-kem

Class MlKem768

The ML-KEM-768 for HPKE KEM implementing KemInterface.

+

The instance of this class can be specified to the +CipherSuiteParams as follows:

+
import { Aes256Gcm, CipherSuite, HkdfSha384 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem";
const suite = new CipherSuite({
kem: new MlKem768(),
kdf: new HkdfSha384(),
aead: new Aes256Gcm(),
}); +
+ +

Hierarchy

  • MlKemBase
    • MlKem768

Constructors

Properties

_prim: MlKemInterface = undefined
auth: boolean = false
encSize: number = 1088
id: KemId = KemId.MlKem768
name: string = "ML-KEM-768"
privateKeySize: number = 64
publicKeySize: number = 1184
secretSize: number = 32

Methods

  • Recovers the ephemeral symmetric key from its encapsulated representation enc.

    +

    If the error occurred, throws DecapError.

    +

    Parameters

    • params: RecipientContextParams

      A set of parameters for the recipient context.

      +

    Returns Promise<ArrayBuffer>

    A shared secret as the output of the decapsulation step.

    +

    DecapError

    +
  • Derives a key pair from the byte string ikm.

    +

    If the error occurred, throws DeriveKeyPairError.

    +

    Parameters

    • ikm: ArrayBuffer

      An input keying material.

      +

    Returns Promise<CryptoKeyPair>

    A key pair derived.

    +

    DeriveKeyPairError

    +
  • Deserializes a private key as a byte string of length Nsk to CryptoKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • key: ArrayBuffer

      A key as bytes.

      +

    Returns Promise<CryptoKey>

    A CryptoKey.

    +

    DeserializeError

    +
  • Deserializes a public key as a byte string of length Npk to CryptoKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • key: ArrayBuffer

      A key as bytes.

      +

    Returns Promise<CryptoKey>

    A CryptoKey.

    +

    DeserializeError

    +
  • Generates an ephemeral, fixed-length symmetric key and +a fixed-length encapsulation of the key that can be decapsulated +by the holder of the private key corresponding to pkR.

    +

    If the error occurred, throws EncapError.

    +

    Parameters

    • params: SenderContextParams

      A set of parameters for the sender context.

      +

    Returns Promise<{
        enc: ArrayBuffer;
        sharedSecret: ArrayBuffer;
    }>

    A shared secret and an encapsulated key as the output of the encapsulation step.

    +

    EncapError

    +
  • Generates a key pair.

    +

    If the error occurred, throws NotSupportedError.

    +

    Returns Promise<CryptoKeyPair>

    A key pair generated.

    +

    NotSupportedError

    +
  • Imports a public or private key and converts to a CryptoKey.

    +

    Since key parameters for createSenderContext or createRecipientContext +are CryptoKey format, you have to use this function to convert provided keys +to CryptoKey.

    +

    Basically, this is a thin wrapper function of +SubtleCrypto.importKey.

    +

    If the error occurred, throws DeserializeError.

    +

    Parameters

    • format: "raw" | "jwk"

      For now, 'raw' and 'jwk' are supported.

      +
    • key: ArrayBuffer | JsonWebKeyExtended

      A byte string of a raw key or A JsonWebKey object.

      +
    • isPublic: boolean = true

      The indicator whether the provided key is a public key or not, which is used only for 'raw' format.

      +

    Returns Promise<CryptoKey>

    A public or private CryptoKey.

    +

    DeserializeError

    +
  • Serializes a private key as CryptoKey to a byte string of length Nsk.

    +

    If the error occurred, throws SerializeError.

    +

    Parameters

    • key: CryptoKey

      A CryptoKey.

      +

    Returns Promise<ArrayBuffer>

    A key as bytes.

    +

    SerializeError

    +
  • Serializes a public key as CryptoKey to a byte string of length Npk.

    +

    If the error occurred, throws SerializeError.

    +

    Parameters

    • key: CryptoKey

      A CryptoKey.

      +

    Returns Promise<ArrayBuffer>

    A key as bytes.

    +

    SerializeError

    +
diff --git a/ml-kem/docs/index.html b/ml-kem/docs/index.html new file mode 100644 index 000000000..054bde0ae --- /dev/null +++ b/ml-kem/docs/index.html @@ -0,0 +1,67 @@ +@hpke/ml-kem

@hpke/ml-kem

@hpke/ml-kem

+
+JSR +
+ +

+ +

An example of use:

+
import { Aes256Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem"; // MlKem512 and MlKem1024 are also available.

async function doHpke() {
const suite = new CipherSuite({
kem: new MlKem768(),
kdf: new HkdfSha256(),
aead: new Aes256Gcm(),
});

// NOTE: The following support for JWKs with the AKP key type is experimental.
// Please be aware that the specifications are subject to change without notice.
const jwkPub = {
kty: "AKP",
kid: "01",
alg: "X-Wing",
pub:
"4iNrNajCSzmxCqEyOpapGaLO2IQAYzp7BxMXE_wUsrWxnPw9pfoaksSfJVE-D9MNaxYRyauWNdcIZyekt9IdNCROZpac8Vs7KnhTKfYbCWsnfqA3ODR5prVW3nIx_kt_qcmsJMBpmgAYpSU0AbrPqQXKgWVz5WotLgZ-m3KHUzuhOpN97bMfpEus7UB2mSNhADSuMeYZoXAkUZmzxcOYZIWf4bTJcXoHwwSVvfuYoKACzPVsEobO9QQd7ePETPFr9WLHRIUYAms9i5lAaAq9OKFXX9J7WNoGO_rDLDnDCGk3TAXBrrGJi2swPMaL5FU0buCvaZY2IkoUjKKuoQRjERxwn2m2nHDOhTh0ZpjExgqa7wAwx5JM7sQqXTaBb1RerhMpNGCzrLN-oOE9cOSqeGhto5ioOXwI6vloghE_5Pe61NpAsFAeHHU-_nMFPIcBToZhwzCZr-i-3kFKWxqifYOSs-Ex6acMEFWHgkDK0PQNX-PN-FI26tl-KpdEg2OygIyq_VFs0lBSxcNiVDwlF-Ss0OYOwHFjAJtkJfwyJ3rO5xwkurU-2fKedMZqCjVklVmY12uWqai1DRY1pNemfrQt9WRNMwRXKTqAQvU8x6aSiPF-1Vgn6Cso6CZlqGoU-9lmReyoFywET4O8DYwLTIYmmFYxyoevgpBo8TWJY8szNmTKSCdjujs7sghXf5umrGLCX3ZZJ0O2S-UZMXcUy0ECy3svmiWytPBhXeMd7NnKVQJtbaC2URGxb-Uv7tikh-FERiptupNyj1ALb_xJ5RVWnvJf7Rev9SBQc2glNSWGD1i-O-YclkYEpqyBTmk1WWQCpSCkZws9KEMYhmWT0VpLsBw14-WH7gxn0ogNbyQH-3pwcSuDjeuWxde_K0S89gOMy-M_vPUaVKWE_pAIPJHHptQ9T7FfSMYML9ZuCoqtStZOXEK7iHfA6-wrXjh8ipiP3CO-ueFsh1d4HgoUmcYeE4wh8hbCnQdpeYccqmlCuvwJBUS-6ZtUsWy5qaNk1iRtn0LM5TxmtZxFyPmukpmnXRUYDDyVIVGpG3oQdyQp3Ey65vzGIvqAGMY0OfiQYwuZKNtrt_lDiuQGXtNNc9SG8_UvkPCAfciN_djHKOlU8aw1wGwADOQaBYJYDju1e2cpcokKxeeYjnhQZXEW8bV9CAmq7ewL7eGuFIFIMRxvfjFzRuUYn7jNY1uYb4wL3SdkHFhLd4s6kRqAvhyWkquOG7sSg5VzzOGd8YO0WDW7tVBS-fxmoWeO8qNt6nhBHmyNYFAbTmBZLRNpipQ7UJGF25EuLqEL4GFxI2syfHFxYJTJZKaLAzd_UToFvNmcHzRlg7sFKXehChKt_HWANOVhfaTBJ2WF5XdOHzuZeLCdDpxE07yGFRxDqtGFcScXNAIjrDgdIRUKBClOl7sTu9ohtaGCttqWnhmn_QcnN_qOiApTwkKOPQSbfSGXQFKW3bNhkSp7z0gnztYR0Men2hBN3kMiCVM59kph1bsQj_C_TXgMrlCfsiwlaRQZP_c0kEJYEjfVIoKIJO4739B_sD8flC0uoXn-ci8GzAPeW2mFntsG7_OJsn3OWYRFcCFiI1k9S6MtmrrIzQSQQO9lNA",
key_ops: [],
};
const pk = await suite.kem.importKey("jwk", jwkPub, true);
// In addition to importing keys from external sources, you can also generate keys as follows:
// const rkp = await suite.kem.generateKeyPair();
// const rkp = await suite.kem.deriveKeyPair(random32bytesValue);

const sender = await suite.createSenderContext({ recipientPublicKey: pk });

const jwkPriv = {
kty: "AKP",
kid: "01",
alg: "X-Wing",
priv: "f5wrpOiPgn1hYEVQdgWFPtc7gJP277yI6xpurPpm7yY",
key_ops: ["deriveBits"],
};
const sk = await suite.kem.importKey("jwk", jwkPriv, false);
const recipient = await suite.createRecipientContext({
recipientKey: sk,
enc: sender.enc,
});
const encrypted = await sender.seal(
new TextEncoder().encode("Hellow world!"),
);
const pt = await recipient.open(encrypted);

// Hello world!
console.log(new TextDecoder().decode(pt));
}

try {
doHpke();
} catch (err: unknown) {
console.log("failed:", (err as Error).message);
} +
+ + +

@hpke/ml-kem needs to be used with +@hpke/core, +which can be installed in the same manner as desribed below.

+

You can install the package with npm, yarn or pnpm.

+
# Using npm:
npm install @hpke/ml-kem
yarn add @hpke/ml-kem
pnpm install @hpke/ml-kem
# Using jsr:
npx jsr add @hpke/ml-kem
yarn dlx jsr add @hpke/ml-kem
pnpm dlx jsr add @@hpke/ml-kem +
+ +

The above manner can be used with other JavaScript runtimes that support npm, +such as Cloudflare Workers and Bun.

+

Then, you can use the module from code like this:

+
import { Aes256Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem"; +
+ +

For Deno, it is recommended to use the jsr.io registry.

+
deno add jsr:@hpke/ml-kem
+
+ +

Followings are how to use this module with typical CDNs. Other CDNs can be used +as well.

+

Using esm.sh:

+
<!-- use a specific version -->
<script type="module">
import {
Aes256Gcm,
CipherSuite,
HkdfSha256,
} from "https://esm.sh/@hpke/core@<SEMVER>";
import { MlKem768 } from "https://esm.sh/@hpke/ml-kem@<SEMVER>";
// ...
</script>

<!-- use the latest stable version -->
<script type="module">
import {
Aes256Gcm,
CipherSuite,
HkdfSha256,
} from "https://esm.sh/@hpke/core";
import { MlKem768 } from "https://esm.sh/@hpke/ml-kem";
// ...
</script> +
+ +

Using unpkg:

+
<!-- use a specific version -->
<script type="module">
import {
Aes256Gcm,
CipherSuite,
HkdfSha256,
} from "https://unpkg.com/@hpke/core@<SEMVER>/esm/mod.js";
import { MlKem768 } from "https://unpkg.com/@hpke/ml-kem@<SEMVER>/esm/mod.js";
// ...
</script> +
+ +

This section shows some typical usage examples.

+
import { Aes256Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem";

async function doHpke() {
// setup
const suite = new CipherSuite({
kem: new MlKem768(),
kdf: new HkdfSha256(),
aead: new Aes256Gcm(),
});

const rkp = await suite.kem.generateKeyPair();

// Note that the `ct` (ciphertext) resulting from X-Wing Encapsulate() is set to `sender.enc`.
const sender = await suite.createSenderContext({
recipientPublicKey: rkp.publicKey,
});

// encrypt
const encrypted = await sender.seal(new TextEncoder().encode("Hello world!"));

const recipient = await suite.createRecipientContext({
recipientKey: rkp.privateKey,
enc: sender.enc, // == `ct` (ciphertext) in the context of X-Wing
});

// decrypt
const pt = await recipient.open(encrypted);

// Hello world!
console.log(new TextDecoder().decode(pt));
}

try {
doHpke();
} catch (err) {
console.log("failed:", err.message);
} +
+ +
import { Aes256Gcm, CipherSuite, HkdfSha256 } from "@hpke/core";
import { MlKem768 } from "@hpke/ml-kem";

async function doHpke() {
// setup
const suite = new CipherSuite({
kem: new MlKem768(),
kdf: new HkdfSha256(),
aead: new Aes256Gcm(),
});

const rkp = await suite.kem.generateKeyPair();

// Note that the `ct` (ciphertext) resulting from X-Wing::Encapsulate() is set to `sender.enc`.
const sender = await suite.createSenderContext({
recipientPublicKey: rkp.publicKey,
});

// encrypt
const encrypted = await sender.seal(new TextEncoder().encode("Hello world!"));

const recipient = await suite.createRecipientContext({
recipientKey: rkp.privateKey,
enc: sender.enc, // == `ct` (ciphertext) in the context of X-Wing
});

// decrypt
const pt = await recipient.open(encrypted);

// Hello world!
console.log(new TextDecoder().decode(pt));
}

try {
doHpke();
} catch (_err: unknown) {
console.log("failed.");
} +
+ +
<html>
<head></head>
<body>
<script type="module">
import {
Aes256Gcm,
CipherSuite,
HkdfSha256,
} from "https://esm.sh/@hpke/core";
import { MlKem768 } from "https://esm.sh/@hpke/ml-kem";

globalThis.doHpke = async () => {
try {
const suite = new CipherSuite({
kem: new MlKem768(),
kdf: new HkdfSha256(),
aead: new Aes256Gcm(),
});

const rkp = await suite.kem.generateKeyPair();

// Note that the `ct` resulting from X-Wing::Encapsulate() is set to `sender.enc`.
const sender = await suite.createSenderContext({
recipientPublicKey: rkp.publicKey,
});
// encrypt
const encrypted = await sender.seal(
new TextEncoder().encode("Hello world!"),
);

const recipient = await suite.createRecipientContext({
recipientKey: rkp.privateKey, // rkp (CryptoKeyPair) is also acceptable.
enc: sender.enc, // == `ct` (ciphertext) in the context of X-Wing
});

// decrypt
const pt = await recipient.open(encrypted);

// Hello world!
alert(new TextDecoder().decode(pt));
} catch (err) {
alert("failed:", err.message);
}
};
</script>
<button type="button" onclick="doHpke()">do HPKE</button>
</body>
</html> +
+ +

We welcome all kind of contributions, filing issues, suggesting new features or +sending PRs.

+
diff --git a/ml-kem/docs/modules.html b/ml-kem/docs/modules.html new file mode 100644 index 000000000..83ab934fd --- /dev/null +++ b/ml-kem/docs/modules.html @@ -0,0 +1,4 @@ +@hpke/ml-kem

@hpke/ml-kem

Index

Classes

diff --git a/ml-kem/index.html b/ml-kem/index.html new file mode 100644 index 000000000..9e9acd4b0 --- /dev/null +++ b/ml-kem/index.html @@ -0,0 +1,107 @@ + + @hpke/ml-kem test + + + +

+ @hpke/ml-kem + test +

+ +
+ + +
+ +
+ +
+ + + + + + + + + +
pass:-
fail:-
+
+ + diff --git a/ml-kem/src/.gitkeep b/ml-kem/src/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/ml-kem/src/hpke-common.js b/ml-kem/src/hpke-common.js new file mode 100644 index 000000000..c63ec3ace --- /dev/null +++ b/ml-kem/src/hpke-common.js @@ -0,0 +1 @@ +var l=class extends Error{constructor(e){let t;e instanceof Error?t=e.message:typeof e=="string"?t=e:t="",super(t),this.name=this.constructor.name}},w=class extends l{},F=class extends l{},p=class extends l{},y=class extends l{},I=class extends l{},L=class extends l{},$=class extends l{},X=class extends l{},Y=class extends l{},W=class extends l{},D=class extends l{},m=class extends l{};var Z={},g=q(globalThis,Z);function q(i,e){return new Proxy(i,{get(t,r,n){return r in e?e[r]:i[r]},set(t,r,n){return r in e&&delete e[r],i[r]=n,!0},deleteProperty(t,r){let n=!1;return r in e&&(delete e[r],n=!0),r in i&&(delete i[r],n=!0),n},ownKeys(t){let r=Reflect.ownKeys(i),n=Reflect.ownKeys(e),a=new Set(n);return[...r.filter(s=>!a.has(s)),...n]},defineProperty(t,r,n){return r in e&&delete e[r],Reflect.defineProperty(i,r,n),!0},getOwnPropertyDescriptor(t,r){return r in e?Reflect.getOwnPropertyDescriptor(e,r):Reflect.getOwnPropertyDescriptor(i,r)},has(t,r){return r in e||r in i}})}async function Q(){if(g!==void 0&&globalThis.crypto!==void 0)return globalThis.crypto.subtle;try{let{webcrypto:i}=await import("crypto");return i.subtle}catch(i){throw new m(i)}}var K=class{constructor(){Object.defineProperty(this,"_api",{enumerable:!0,configurable:!0,writable:!0,value:void 0})}async _setup(){this._api===void 0&&(this._api=await Q())}};var ee={Base:0,Psk:1,Auth:2,AuthPsk:3},d={NotAssigned:0,DhkemP256HkdfSha256:16,DhkemP384HkdfSha384:17,DhkemP521HkdfSha512:18,DhkemSecp256k1HkdfSha256:19,DhkemX25519HkdfSha256:32,DhkemX448HkdfSha512:33,HybridkemX25519Kyber768:48,MlKem512:64,MlKem768:65,MlKem1024:66,XWing:25722},v={HkdfSha256:1,HkdfSha384:2,HkdfSha512:3},te={Aes128Gcm:1,Aes256Gcm:2,Chacha20Poly1305:3,ExportOnly:65535};var T=8192,re=32,h=new Uint8Array(0);var k=new Uint8Array([75,69,77,0,0]);var ie=()=>g.process===void 0;function ne(){return g.process===void 0?!0:g.process?.versions?.deno!==void 0}var b=i=>typeof i=="object"&&i!==null&&typeof i.privateKey=="object"&&typeof i.publicKey=="object";function P(i,e){if(e<=0)throw new Error("i2Osp: too small size");if(i>=256**e)throw new Error("i2Osp: too large integer");let t=new Uint8Array(e);for(let r=0;r>8;return t}function c(i,e){let t=new Uint8Array(i.length+e.length);return t.set(i,0),t.set(e,i.length),t}function C(i){let e=i.replace(/-/g,"+").replace(/_/g,"/"),t=atob(e),r=new Uint8Array(t.length);for(let n=0;n8192)throw new w("Too long ikm");return await this._prim.deriveKeyPair(e)}async encap(e){let t;e.ekm===void 0?t=await this.generateKeyPair():b(e.ekm)?t=e.ekm:t=await this.deriveKeyPair(e.ekm);let r=await this._prim.serializePublicKey(t.publicKey),n=await this._prim.serializePublicKey(e.recipientPublicKey);try{let a;if(e.senderKey===void 0)a=new Uint8Array(await this._prim.dh(t.privateKey,e.recipientPublicKey));else{let u=b(e.senderKey)?e.senderKey.privateKey:e.senderKey,f=new Uint8Array(await this._prim.dh(t.privateKey,e.recipientPublicKey)),x=new Uint8Array(await this._prim.dh(u,e.recipientPublicKey));a=c(f,x)}let s;if(e.senderKey===void 0)s=c(new Uint8Array(r),new Uint8Array(n));else{let u=b(e.senderKey)?e.senderKey.publicKey:await this._prim.derivePublicKey(e.senderKey),f=await this._prim.serializePublicKey(u);s=fe(new Uint8Array(r),new Uint8Array(n),new Uint8Array(f))}let o=await this._generateSharedSecret(a,s);return{enc:r,sharedSecret:o}}catch(a){throw new I(a)}}async decap(e){let t=await this._prim.deserializePublicKey(e.enc),r=b(e.recipientKey)?e.recipientKey.privateKey:e.recipientKey,n=b(e.recipientKey)?e.recipientKey.publicKey:await this._prim.derivePublicKey(e.recipientKey),a=await this._prim.serializePublicKey(n);try{let s;if(e.senderPublicKey===void 0)s=new Uint8Array(await this._prim.dh(r,t));else{let u=new Uint8Array(await this._prim.dh(r,t)),f=new Uint8Array(await this._prim.dh(r,e.senderPublicKey));s=c(u,f)}let o;if(e.senderPublicKey===void 0)o=c(new Uint8Array(e.enc),new Uint8Array(a));else{let u=await this._prim.serializePublicKey(e.senderPublicKey);o=new Uint8Array(e.enc.byteLength+a.byteLength+u.byteLength),o.set(new Uint8Array(e.enc),0),o.set(new Uint8Array(a),e.enc.byteLength),o.set(new Uint8Array(u),e.enc.byteLength+a.byteLength)}return await this._generateSharedSecret(s,o)}catch(s){throw new L(s)}}async _generateSharedSecret(e,t){let r=this._kdf.buildLabeledIkm(ce,e),n=this._kdf.buildLabeledInfo(he,t,this.secretSize);return await this._kdf.extractAndExpand(h,r,n,this.secretSize)}};var S=["deriveBits"],E=new Uint8Array([100,107,112,95,112,114,107]),O=new Uint8Array([115,107]);var H=class{constructor(e){Object.defineProperty(this,"_num",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._num=new Uint8Array(e)}val(){return this._num}reset(){this._num.fill(0)}set(e){if(e.length!==this._num.length)throw new Error("Bignum.set: invalid argument");this._num.set(e)}isZero(){for(let e=0;ee[t])return!1}return!1}};var ye=new Uint8Array([99,97,110,100,105,100,97,116,101]),de=new Uint8Array([255,255,255,255,0,0,0,0,255,255,255,255,255,255,255,255,188,230,250,173,167,23,158,132,243,185,202,194,252,99,37,81]),be=new Uint8Array([255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,199,99,77,129,244,55,45,223,88,26,13,178,72,176,167,122,236,236,25,106,204,197,41,115]),we=new Uint8Array([1,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,250,81,134,135,131,191,47,150,107,127,204,1,72,247,9,165,208,59,181,201,184,137,156,71,174,187,111,183,30,145,56,100,9]),pe=new Uint8Array([48,65,2,1,0,48,19,6,7,42,134,72,206,61,2,1,6,8,42,134,72,206,61,3,1,7,4,39,48,37,2,1,1,4,32]),xe=new Uint8Array([48,78,2,1,0,48,16,6,7,42,134,72,206,61,2,1,6,5,43,129,4,0,34,4,55,48,53,2,1,1,4,48]),_e=new Uint8Array([48,96,2,1,0,48,16,6,7,42,134,72,206,61,2,1,6,5,43,129,4,0,35,4,73,48,71,2,1,1,4,66]),j=class extends K{constructor(e,t){switch(super(),Object.defineProperty(this,"_hkdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_alg",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nPk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nSk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nDh",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_order",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_bitmask",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_pkcs8AlgId",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._hkdf=t,e){case d.DhkemP256HkdfSha256:this._alg={name:"ECDH",namedCurve:"P-256"},this._nPk=65,this._nSk=32,this._nDh=32,this._order=de,this._bitmask=255,this._pkcs8AlgId=pe;break;case d.DhkemP384HkdfSha384:this._alg={name:"ECDH",namedCurve:"P-384"},this._nPk=97,this._nSk=48,this._nDh=48,this._order=be,this._bitmask=255,this._pkcs8AlgId=xe;break;default:this._alg={name:"ECDH",namedCurve:"P-521"},this._nPk=133,this._nSk=66,this._nDh=66,this._order=we,this._bitmask=1,this._pkcs8AlgId=_e;break}}async serializePublicKey(e){await this._setup();try{return await this._api.exportKey("raw",e)}catch(t){throw new p(t)}}async deserializePublicKey(e){await this._setup();try{return await this._importRawKey(e,!0)}catch(t){throw new y(t)}}async serializePrivateKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);if(!("d"in t))throw new Error("Not private key");return C(t.d)}catch(t){throw new p(t)}}async deserializePrivateKey(e){await this._setup();try{return await this._importRawKey(e,!1)}catch(t){throw new y(t)}}async importKey(e,t,r){await this._setup();try{if(e==="raw")return await this._importRawKey(t,r);if(t instanceof ArrayBuffer)throw new Error("Invalid jwk key format");return await this._importJWK(t,r)}catch(n){throw new y(n)}}async generateKeyPair(){await this._setup();try{return await this._api.generateKey(this._alg,!0,S)}catch(e){throw new m(e)}}async deriveKeyPair(e){await this._setup();try{let t=await this._hkdf.labeledExtract(h,E,new Uint8Array(e)),r=new H(this._nSk);for(let a=0;r.isZero()||!r.lessThan(this._order);a++){if(a>255)throw new Error("Faild to derive a key pair");let s=new Uint8Array(await this._hkdf.labeledExpand(t,ye,P(a,1),this._nSk));s[0]=s[0]&this._bitmask,r.set(s)}let n=await this._deserializePkcs8Key(r.val());return r.reset(),{privateKey:n,publicKey:await this.derivePublicKey(n)}}catch(t){throw new D(t)}}async derivePublicKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);return delete t.d,delete t.key_ops,await this._api.importKey("jwk",t,this._alg,!0,[])}catch(t){throw new y(t)}}async dh(e,t){try{return await this._setup(),await this._api.deriveBits({name:"ECDH",public:t},e,this._nDh*8)}catch(r){throw new p(r)}}async _importRawKey(e,t){if(t&&e.byteLength!==this._nPk)throw new Error("Invalid public key for the ciphersuite");if(!t&&e.byteLength!==this._nSk)throw new Error("Invalid private key for the ciphersuite");return t?await this._api.importKey("raw",e,this._alg,!0,[]):await this._deserializePkcs8Key(new Uint8Array(e))}async _importJWK(e,t){if(typeof e.crv>"u"||e.crv!==this._alg.namedCurve)throw new Error(`Invalid crv: ${e.crv}`);if(t){if(typeof e.d<"u")throw new Error("Invalid key: `d` should not be set");return await this._api.importKey("jwk",e,this._alg,!0,[])}if(typeof e.d>"u")throw new Error("Invalid key: `d` not found");return await this._api.importKey("jwk",e,this._alg,!0,S)}async _deserializePkcs8Key(e){let t=new Uint8Array(this._pkcs8AlgId.length+e.length);return t.set(this._pkcs8AlgId,0),t.set(e,this._pkcs8AlgId.length),await this._api.importKey("pkcs8",t,this._alg,!0,S)}};var A=class{constructor(e,t,r,n=[]){Object.defineProperty(this,"key",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"type",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"extractable",{enumerable:!0,configurable:!0,writable:!0,value:!0}),Object.defineProperty(this,"algorithm",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"usages",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this.key=t,this.type=r,this.algorithm={name:e},this.usages=n,r==="public"&&(this.usages=[])}};var M=class{constructor(e,t,r,n){Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:d.NotAssigned}),Object.defineProperty(this,"name",{enumerable:!0,configurable:!0,writable:!0,value:""}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"_a",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_b",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_kdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this.id=e,this._a=t,this._b=r,this._kdf=n;let a=new Uint8Array(k);a.set(P(this.id,2),3),this._kdf.init(a)}async serializePublicKey(e){try{return await this._serializePublicKey(e)}catch(t){throw new p(t)}}async deserializePublicKey(e){try{return await this._deserializePublicKey(e)}catch(t){throw new y(t)}}async serializePrivateKey(e){try{return await this._serializePrivateKey(e)}catch(t){throw new p(t)}}async deserializePrivateKey(e){try{return await this._deserializePrivateKey(e)}catch(t){throw new y(t)}}async generateKeyPair(){let e=await this._a.generateKeyPair(),t=await this._b.generateKeyPair(),r=await this._a.serializePublicKey(e.publicKey),n=await this._a.serializePrivateKey(e.privateKey),a=await this._b.serializePublicKey(t.publicKey),s=await this._b.serializePrivateKey(t.privateKey);return{publicKey:await this.deserializePublicKey(c(new Uint8Array(r),new Uint8Array(a))),privateKey:await this.deserializePrivateKey(c(new Uint8Array(n),new Uint8Array(s)))}}async deriveKeyPair(e){let t=await this._kdf.labeledExtract(h,E,new Uint8Array(e)),r=new Uint8Array(await this._kdf.labeledExpand(t,O,h,96)),n=r.slice(0,32),a=r.slice(32,96),s=await this._a.deriveKeyPair(n),o=await this._b.deriveKeyPair(a),u=await this._a.serializePublicKey(s.publicKey),f=await this._a.serializePrivateKey(s.privateKey),x=await this._b.serializePublicKey(o.publicKey),z=await this._b.serializePrivateKey(o.privateKey);return{publicKey:await this.deserializePublicKey(c(new Uint8Array(u),new Uint8Array(x))),privateKey:await this.deserializePrivateKey(c(new Uint8Array(f),new Uint8Array(z)))}}async importKey(e,t,r=!0){if(e!=="raw")throw new m("'jwk' is not supported");if(!(t instanceof ArrayBuffer))throw new w("Invalid type of key");return r?await this.deserializePublicKey(t):await this.deserializePrivateKey(t)}async encap(e){let t,r;if(e.ekm!==void 0&&!b(e.ekm)){if(e.ekm.byteLength!==64)throw new w("ekm must be 64 bytes in length");t=e.ekm.slice(0,32),r=e.ekm.slice(32)}let n=new Uint8Array(await this.serializePublicKey(e.recipientPublicKey)),a=await this._a.deserializePublicKey(n.slice(0,this._a.publicKeySize)),s=await this._b.deserializePublicKey(n.slice(this._a.publicKeySize)),o=await this._a.encap({recipientPublicKey:a,ekm:t}),u=await this._b.encap({recipientPublicKey:s,ekm:r});return{sharedSecret:c(new Uint8Array(o.sharedSecret),new Uint8Array(u.sharedSecret)),enc:c(new Uint8Array(o.enc),new Uint8Array(u.enc))}}async decap(e){let t=b(e.recipientKey)?e.recipientKey.privateKey:e.recipientKey,r=new Uint8Array(await this.serializePrivateKey(t)),n=await this._a.deserializePrivateKey(r.slice(0,this._a.privateKeySize)),a=await this._b.deserializePrivateKey(r.slice(this._a.privateKeySize)),s=await this._a.decap({recipientKey:n,enc:e.enc.slice(0,this._a.encSize)}),o=await this._b.decap({recipientKey:a,enc:e.enc.slice(this._a.encSize)});return c(new Uint8Array(s),new Uint8Array(o))}_serializePublicKey(e){return new Promise((t,r)=>{e.type!=="public"&&r(new Error("Not public key")),e.algorithm.name!==this.name&&r(new Error(`Invalid algorithm name: ${e.algorithm.name}`)),e.key.byteLength!==this.publicKeySize&&r(new Error(`Invalid key length: ${e.key.byteLength}`)),t(e.key.buffer)})}_deserializePublicKey(e){return new Promise((t,r)=>{e.byteLength!==this.publicKeySize&&r(new Error(`Invalid key length: ${e.byteLength}`)),t(new A(this.name,new Uint8Array(e),"public"))})}_serializePrivateKey(e){return new Promise((t,r)=>{e.type!=="private"&&r(new Error("Not private key")),e.algorithm.name!==this.name&&r(new Error(`Invalid algorithm name: ${e.algorithm.name}`)),e.key.byteLength!==this.privateKeySize&&r(new Error(`Invalid key length: ${e.key.byteLength}`)),t(e.key.buffer)})}_deserializePrivateKey(e){return new Promise((t,r)=>{e.byteLength!==this.privateKeySize&&r(new Error(`Invalid key length: ${e.byteLength}`)),t(new A(this.name,new Uint8Array(e),"private",["deriveBits"]))})}};var V=new Uint8Array([72,80,75,69,45,118,49]),U=class extends K{constructor(){super(),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.HkdfSha256}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"_suiteId",{enumerable:!0,configurable:!0,writable:!0,value:h}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-256",length:256}})}init(e){this._suiteId=e}buildLabeledIkm(e,t){this._checkInit();let r=new Uint8Array(7+this._suiteId.byteLength+e.byteLength+t.byteLength);return r.set(V,0),r.set(this._suiteId,7),r.set(e,7+this._suiteId.byteLength),r.set(t,7+this._suiteId.byteLength+e.byteLength),r}buildLabeledInfo(e,t,r){this._checkInit();let n=new Uint8Array(9+this._suiteId.byteLength+e.byteLength+t.byteLength);return n.set(new Uint8Array([0,r]),0),n.set(V,2),n.set(this._suiteId,9),n.set(e,9+this._suiteId.byteLength),n.set(t,9+this._suiteId.byteLength+e.byteLength),n}async extract(e,t){if(await this._setup(),e.byteLength===0&&(e=new ArrayBuffer(this.hashSize)),e.byteLength!==this.hashSize)throw new w("The salt length must be the same as the hashSize");let r=await this._api.importKey("raw",e,this.algHash,!1,["sign"]);return await this._api.sign("HMAC",r,t)}async expand(e,t,r){await this._setup();let n=await this._api.importKey("raw",e,this.algHash,!1,["sign"]),a=new ArrayBuffer(r),s=new Uint8Array(a),o=h,u=new Uint8Array(t),f=new Uint8Array(1);if(r>255*this.hashSize)throw new Error("Entropy limit reached");let x=new Uint8Array(this.hashSize+u.length+1);for(let z=1,_=0;_=o.length?(s.set(o,_),_+=o.length):(s.set(o.slice(0,s.length-_),_),_+=s.length-_);return a}async extractAndExpand(e,t,r,n){await this._setup();let a=await this._api.importKey("raw",t,"HKDF",!1,["deriveBits"]);return await this._api.deriveBits({name:"HKDF",hash:this.algHash.hash,salt:e,info:r},a,n*8)}async labeledExtract(e,t,r){return await this.extract(e,this.buildLabeledIkm(t,r))}async labeledExpand(e,t,r,n){return await this.expand(e,this.buildLabeledInfo(t,r,n),n)}_checkInit(){if(this._suiteId===h)throw new Error("Not initialized. Call init()")}},R=class extends U{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.HkdfSha256}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-256",length:256}})}},G=class extends U{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.HkdfSha384}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:48}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-384",length:384}})}},N=class extends U{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.HkdfSha512}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-512",length:512}})}};var me=["encrypt","decrypt"];export{me as AEAD_USAGES,te as AeadId,L as DecapError,D as DeriveKeyPairError,y as DeserializeError,B as Dhkem,h as EMPTY,j as Ec,I as EncapError,$ as ExportError,R as HkdfSha256Native,G as HkdfSha384Native,N as HkdfSha512Native,l as HpkeError,M as Hybridkem,T as INPUT_LENGTH_LIMIT,w as InvalidParamError,S as KEM_USAGES,v as KdfId,d as KemId,E as LABEL_DKP_PRK,O as LABEL_SK,re as MINIMUM_PSK_LENGTH,W as MessageLimitReachedError,ee as Mode,K as NativeAlgorithm,m as NotSupportedError,Y as OpenError,k as SUITE_ID_HEADER_KEM,X as SealError,p as SerializeError,F as ValidationError,A as XCryptoKey,C as base64UrlToBytes,c as concat,ae as hexToBytes,P as i2Osp,b as isCryptoKeyPair,ne as isDeno,ie as isDenoV1,se as kemToKeyGenAlgorithm,ue as loadCrypto,oe as loadSubtleCrypto,le as xor}; diff --git a/ml-kem/src/hpke-core.js b/ml-kem/src/hpke-core.js new file mode 100644 index 000000000..78fa449f1 --- /dev/null +++ b/ml-kem/src/hpke-core.js @@ -0,0 +1 @@ +var p=class extends Error{constructor(e){let t;e instanceof Error?t=e.message:typeof e=="string"?t=e:t="",super(t),this.name=this.constructor.name}},d=class extends p{},ue=class extends p{},f=class extends p{},h=class extends p{},B=class extends p{},C=class extends p{},M=class extends p{},R=class extends p{},G=class extends p{},X=class extends p{},K=class extends p{},y=class extends p{};var Le={},ce=je(globalThis,Le);function je(i,e){return new Proxy(i,{get(t,r,n){return r in e?e[r]:i[r]},set(t,r,n){return r in e&&delete e[r],i[r]=n,!0},deleteProperty(t,r){let n=!1;return r in e&&(delete e[r],n=!0),r in i&&(delete i[r],n=!0),n},ownKeys(t){let r=Reflect.ownKeys(i),n=Reflect.ownKeys(e),a=new Set(n);return[...r.filter(o=>!a.has(o)),...n]},defineProperty(t,r,n){return r in e&&delete e[r],Reflect.defineProperty(i,r,n),!0},getOwnPropertyDescriptor(t,r){return r in e?Reflect.getOwnPropertyDescriptor(e,r):Reflect.getOwnPropertyDescriptor(i,r)},has(t,r){return r in e||r in i}})}async function Oe(){if(ce!==void 0&&globalThis.crypto!==void 0)return globalThis.crypto.subtle;try{let{webcrypto:i}=await import("crypto");return i.subtle}catch(i){throw new y(i)}}var b=class{constructor(){Object.defineProperty(this,"_api",{enumerable:!0,configurable:!0,writable:!0,value:void 0})}async _setup(){this._api===void 0&&(this._api=await Oe())}};var P={Base:0,Psk:1,Auth:2,AuthPsk:3},u={NotAssigned:0,DhkemP256HkdfSha256:16,DhkemP384HkdfSha384:17,DhkemP521HkdfSha512:18,DhkemSecp256k1HkdfSha256:19,DhkemX25519HkdfSha256:32,DhkemX448HkdfSha512:33,HybridkemX25519Kyber768:48,MlKem512:64,MlKem768:65,MlKem1024:66,XWing:25722},U={HkdfSha256:1,HkdfSha384:2,HkdfSha512:3},v={Aes128Gcm:1,Aes256Gcm:2,Chacha20Poly1305:3,ExportOnly:65535};var s=new Uint8Array(0);var q=new Uint8Array([75,69,77,0,0]);var E=i=>typeof i=="object"&&i!==null&&typeof i.privateKey=="object"&&typeof i.publicKey=="object";function _(i,e){if(e<=0)throw new Error("i2Osp: too small size");if(i>=256**e)throw new Error("i2Osp: too large integer");let t=new Uint8Array(e);for(let r=0;r>8;return t}function L(i,e){let t=new Uint8Array(i.length+e.length);return t.set(i,0),t.set(e,i.length),t}function j(i){let e=i.replace(/-/g,"+").replace(/_/g,"/"),t=atob(e),r=new Uint8Array(t.length);for(let n=0;n8192)throw new d("Too long ikm");return await this._prim.deriveKeyPair(e)}async encap(e){let t;e.ekm===void 0?t=await this.generateKeyPair():E(e.ekm)?t=e.ekm:t=await this.deriveKeyPair(e.ekm);let r=await this._prim.serializePublicKey(t.publicKey),n=await this._prim.serializePublicKey(e.recipientPublicKey);try{let a;if(e.senderKey===void 0)a=new Uint8Array(await this._prim.dh(t.privateKey,e.recipientPublicKey));else{let l=E(e.senderKey)?e.senderKey.privateKey:e.senderKey,g=new Uint8Array(await this._prim.dh(t.privateKey,e.recipientPublicKey)),k=new Uint8Array(await this._prim.dh(l,e.recipientPublicKey));a=L(g,k)}let o;if(e.senderKey===void 0)o=L(new Uint8Array(r),new Uint8Array(n));else{let l=E(e.senderKey)?e.senderKey.publicKey:await this._prim.derivePublicKey(e.senderKey),g=await this._prim.serializePublicKey(l);o=Te(new Uint8Array(r),new Uint8Array(n),new Uint8Array(g))}let c=await this._generateSharedSecret(a,o);return{enc:r,sharedSecret:c}}catch(a){throw new B(a)}}async decap(e){let t=await this._prim.deserializePublicKey(e.enc),r=E(e.recipientKey)?e.recipientKey.privateKey:e.recipientKey,n=E(e.recipientKey)?e.recipientKey.publicKey:await this._prim.derivePublicKey(e.recipientKey),a=await this._prim.serializePublicKey(n);try{let o;if(e.senderPublicKey===void 0)o=new Uint8Array(await this._prim.dh(r,t));else{let l=new Uint8Array(await this._prim.dh(r,t)),g=new Uint8Array(await this._prim.dh(r,e.senderPublicKey));o=L(l,g)}let c;if(e.senderPublicKey===void 0)c=L(new Uint8Array(e.enc),new Uint8Array(a));else{let l=await this._prim.serializePublicKey(e.senderPublicKey);c=new Uint8Array(e.enc.byteLength+a.byteLength+l.byteLength),c.set(new Uint8Array(e.enc),0),c.set(new Uint8Array(a),e.enc.byteLength),c.set(new Uint8Array(l),e.enc.byteLength+a.byteLength)}return await this._generateSharedSecret(o,c)}catch(o){throw new C(o)}}async _generateSharedSecret(e,t){let r=this._kdf.buildLabeledIkm(De,e),n=this._kdf.buildLabeledInfo(He,t,this.secretSize);return await this._kdf.extractAndExpand(s,r,n,this.secretSize)}};var w=["deriveBits"],z=new Uint8Array([100,107,112,95,112,114,107]),H=new Uint8Array([115,107]);var Y=class{constructor(e){Object.defineProperty(this,"_num",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._num=new Uint8Array(e)}val(){return this._num}reset(){this._num.fill(0)}set(e){if(e.length!==this._num.length)throw new Error("Bignum.set: invalid argument");this._num.set(e)}isZero(){for(let e=0;ee[t])return!1}return!1}};var Ne=new Uint8Array([99,97,110,100,105,100,97,116,101]),Be=new Uint8Array([255,255,255,255,0,0,0,0,255,255,255,255,255,255,255,255,188,230,250,173,167,23,158,132,243,185,202,194,252,99,37,81]),Ce=new Uint8Array([255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,199,99,77,129,244,55,45,223,88,26,13,178,72,176,167,122,236,236,25,106,204,197,41,115]),Me=new Uint8Array([1,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,250,81,134,135,131,191,47,150,107,127,204,1,72,247,9,165,208,59,181,201,184,137,156,71,174,187,111,183,30,145,56,100,9]),Re=new Uint8Array([48,65,2,1,0,48,19,6,7,42,134,72,206,61,2,1,6,8,42,134,72,206,61,3,1,7,4,39,48,37,2,1,1,4,32]),Ge=new Uint8Array([48,78,2,1,0,48,16,6,7,42,134,72,206,61,2,1,6,5,43,129,4,0,34,4,55,48,53,2,1,1,4,48]),Xe=new Uint8Array([48,96,2,1,0,48,16,6,7,42,134,72,206,61,2,1,6,5,43,129,4,0,35,4,73,48,71,2,1,1,4,66]),O=class extends b{constructor(e,t){switch(super(),Object.defineProperty(this,"_hkdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_alg",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nPk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nSk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nDh",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_order",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_bitmask",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_pkcs8AlgId",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._hkdf=t,e){case u.DhkemP256HkdfSha256:this._alg={name:"ECDH",namedCurve:"P-256"},this._nPk=65,this._nSk=32,this._nDh=32,this._order=Be,this._bitmask=255,this._pkcs8AlgId=Re;break;case u.DhkemP384HkdfSha384:this._alg={name:"ECDH",namedCurve:"P-384"},this._nPk=97,this._nSk=48,this._nDh=48,this._order=Ce,this._bitmask=255,this._pkcs8AlgId=Ge;break;default:this._alg={name:"ECDH",namedCurve:"P-521"},this._nPk=133,this._nSk=66,this._nDh=66,this._order=Me,this._bitmask=1,this._pkcs8AlgId=Xe;break}}async serializePublicKey(e){await this._setup();try{return await this._api.exportKey("raw",e)}catch(t){throw new f(t)}}async deserializePublicKey(e){await this._setup();try{return await this._importRawKey(e,!0)}catch(t){throw new h(t)}}async serializePrivateKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);if(!("d"in t))throw new Error("Not private key");return j(t.d)}catch(t){throw new f(t)}}async deserializePrivateKey(e){await this._setup();try{return await this._importRawKey(e,!1)}catch(t){throw new h(t)}}async importKey(e,t,r){await this._setup();try{if(e==="raw")return await this._importRawKey(t,r);if(t instanceof ArrayBuffer)throw new Error("Invalid jwk key format");return await this._importJWK(t,r)}catch(n){throw new h(n)}}async generateKeyPair(){await this._setup();try{return await this._api.generateKey(this._alg,!0,w)}catch(e){throw new y(e)}}async deriveKeyPair(e){await this._setup();try{let t=await this._hkdf.labeledExtract(s,z,new Uint8Array(e)),r=new Y(this._nSk);for(let a=0;r.isZero()||!r.lessThan(this._order);a++){if(a>255)throw new Error("Faild to derive a key pair");let o=new Uint8Array(await this._hkdf.labeledExpand(t,Ne,_(a,1),this._nSk));o[0]=o[0]&this._bitmask,r.set(o)}let n=await this._deserializePkcs8Key(r.val());return r.reset(),{privateKey:n,publicKey:await this.derivePublicKey(n)}}catch(t){throw new K(t)}}async derivePublicKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);return delete t.d,delete t.key_ops,await this._api.importKey("jwk",t,this._alg,!0,[])}catch(t){throw new h(t)}}async dh(e,t){try{return await this._setup(),await this._api.deriveBits({name:"ECDH",public:t},e,this._nDh*8)}catch(r){throw new f(r)}}async _importRawKey(e,t){if(t&&e.byteLength!==this._nPk)throw new Error("Invalid public key for the ciphersuite");if(!t&&e.byteLength!==this._nSk)throw new Error("Invalid private key for the ciphersuite");return t?await this._api.importKey("raw",e,this._alg,!0,[]):await this._deserializePkcs8Key(new Uint8Array(e))}async _importJWK(e,t){if(typeof e.crv>"u"||e.crv!==this._alg.namedCurve)throw new Error(`Invalid crv: ${e.crv}`);if(t){if(typeof e.d<"u")throw new Error("Invalid key: `d` should not be set");return await this._api.importKey("jwk",e,this._alg,!0,[])}if(typeof e.d>"u")throw new Error("Invalid key: `d` not found");return await this._api.importKey("jwk",e,this._alg,!0,w)}async _deserializePkcs8Key(e){let t=new Uint8Array(this._pkcs8AlgId.length+e.length);return t.set(this._pkcs8AlgId,0),t.set(e,this._pkcs8AlgId.length),await this._api.importKey("pkcs8",t,this._alg,!0,w)}};var Ae=new Uint8Array([72,80,75,69,45,118,49]),F=class extends b{constructor(){super(),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:U.HkdfSha256}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"_suiteId",{enumerable:!0,configurable:!0,writable:!0,value:s}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-256",length:256}})}init(e){this._suiteId=e}buildLabeledIkm(e,t){this._checkInit();let r=new Uint8Array(7+this._suiteId.byteLength+e.byteLength+t.byteLength);return r.set(Ae,0),r.set(this._suiteId,7),r.set(e,7+this._suiteId.byteLength),r.set(t,7+this._suiteId.byteLength+e.byteLength),r}buildLabeledInfo(e,t,r){this._checkInit();let n=new Uint8Array(9+this._suiteId.byteLength+e.byteLength+t.byteLength);return n.set(new Uint8Array([0,r]),0),n.set(Ae,2),n.set(this._suiteId,9),n.set(e,9+this._suiteId.byteLength),n.set(t,9+this._suiteId.byteLength+e.byteLength),n}async extract(e,t){if(await this._setup(),e.byteLength===0&&(e=new ArrayBuffer(this.hashSize)),e.byteLength!==this.hashSize)throw new d("The salt length must be the same as the hashSize");let r=await this._api.importKey("raw",e,this.algHash,!1,["sign"]);return await this._api.sign("HMAC",r,t)}async expand(e,t,r){await this._setup();let n=await this._api.importKey("raw",e,this.algHash,!1,["sign"]),a=new ArrayBuffer(r),o=new Uint8Array(a),c=s,l=new Uint8Array(t),g=new Uint8Array(1);if(r>255*this.hashSize)throw new Error("Entropy limit reached");let k=new Uint8Array(this.hashSize+l.length+1);for(let $=1,m=0;m=c.length?(o.set(c,m),m+=c.length):(o.set(c.slice(0,o.length-m),m),m+=o.length-m);return a}async extractAndExpand(e,t,r,n){await this._setup();let a=await this._api.importKey("raw",t,"HKDF",!1,["deriveBits"]);return await this._api.deriveBits({name:"HKDF",hash:this.algHash.hash,salt:e,info:r},a,n*8)}async labeledExtract(e,t,r){return await this.extract(e,this.buildLabeledIkm(t,r))}async labeledExpand(e,t,r,n){return await this.expand(e,this.buildLabeledInfo(t,r,n),n)}_checkInit(){if(this._suiteId===s)throw new Error("Not initialized. Call init()")}},S=class extends F{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:U.HkdfSha256}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-256",length:256}})}},D=class extends F{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:U.HkdfSha384}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:48}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-384",length:384}})}},A=class extends F{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:U.HkdfSha512}),Object.defineProperty(this,"hashSize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"algHash",{enumerable:!0,configurable:!0,writable:!0,value:{name:"HMAC",hash:"SHA-512",length:512}})}};var he=["encrypt","decrypt"];var fe=class extends b{constructor(e){super(),Object.defineProperty(this,"_rawKey",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_key",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._rawKey=e}async seal(e,t,r){await this._setupKey();let n={name:"AES-GCM",iv:e,additionalData:r};return await this._api.encrypt(n,this._key,t)}async open(e,t,r){await this._setupKey();let n={name:"AES-GCM",iv:e,additionalData:r};return await this._api.decrypt(n,this._key,t)}async _setupKey(){if(this._key!==void 0)return;await this._setup();let e=await this._importKey(this._rawKey);new Uint8Array(this._rawKey).fill(0),this._key=e}async _importKey(e){return await this._api.importKey("raw",e,{name:"AES-GCM"},!0,he)}},W=class{constructor(){Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.Aes128Gcm}),Object.defineProperty(this,"keySize",{enumerable:!0,configurable:!0,writable:!0,value:16}),Object.defineProperty(this,"nonceSize",{enumerable:!0,configurable:!0,writable:!0,value:12}),Object.defineProperty(this,"tagSize",{enumerable:!0,configurable:!0,writable:!0,value:16})}createEncryptionContext(e){return new fe(e)}},ye=class extends W{constructor(){super(...arguments),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.Aes256Gcm}),Object.defineProperty(this,"keySize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"nonceSize",{enumerable:!0,configurable:!0,writable:!0,value:12}),Object.defineProperty(this,"tagSize",{enumerable:!0,configurable:!0,writable:!0,value:16})}};var pe=class{constructor(){Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:v.ExportOnly}),Object.defineProperty(this,"keySize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"nonceSize",{enumerable:!0,configurable:!0,writable:!0,value:0}),Object.defineProperty(this,"tagSize",{enumerable:!0,configurable:!0,writable:!0,value:0})}createEncryptionContext(e){throw new y("Export only")}};function be(){return new Promise((i,e)=>{e(new y("Not supported"))})}var $e=new Uint8Array([115,101,99]),T=class{constructor(e,t,r){Object.defineProperty(this,"_api",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"exporterSecret",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_kdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._api=e,this._kdf=t,this.exporterSecret=r}async seal(e,t){return await be()}async open(e,t){return await be()}async export(e,t){if(e.byteLength>8192)throw new d("Too long exporter context");try{return await this._kdf.labeledExpand(this.exporterSecret,$e,new Uint8Array(e),t)}catch(r){throw new M(r)}}},J=class extends T{},V=class extends T{constructor(e,t,r,n){super(e,t,r),Object.defineProperty(this,"enc",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this.enc=n}};var N=class extends T{constructor(e,t,r){if(super(e,t,r.exporterSecret),Object.defineProperty(this,"_aead",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nK",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nN",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nT",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_ctx",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),r.key===void 0||r.baseNonce===void 0||r.seq===void 0)throw new Error("Required parameters are missing");this._aead=r.aead,this._nK=this._aead.keySize,this._nN=this._aead.nonceSize,this._nT=this._aead.tagSize;let n=this._aead.createEncryptionContext(r.key);this._ctx={key:n,baseNonce:r.baseNonce,seq:r.seq}}computeNonce(e){let t=_(e.seq,e.baseNonce.byteLength);return le(e.baseNonce,t)}incrementSeq(e){if(e.seq>Number.MAX_SAFE_INTEGER)throw new X("Message limit reached");e.seq+=1}};var Z=class extends N{async open(e,t=s){let r;try{r=await this._ctx.key.open(this.computeNonce(this._ctx),e,t)}catch(n){throw new G(n)}return this.incrementSeq(this._ctx),r}};var Q=class extends N{constructor(e,t,r,n){super(e,t,r),Object.defineProperty(this,"enc",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this.enc=n}async seal(e,t=s){let r;try{r=await this._ctx.key.seal(this.computeNonce(this._ctx),e,t)}catch(n){throw new R(n)}return this.incrementSeq(this._ctx),r}};var qe=new Uint8Array([98,97,115,101,95,110,111,110,99,101]),Ye=new Uint8Array([101,120,112]),We=new Uint8Array([105,110,102,111,95,104,97,115,104]),Je=new Uint8Array([107,101,121]),Ve=new Uint8Array([112,115,107,95,105,100,95,104,97,115,104]),Ze=new Uint8Array([115,101,99,114,101,116]),Qe=new Uint8Array([72,80,75,69,0,0,0,0,0,0]),ee=class extends b{constructor(e){if(super(),Object.defineProperty(this,"_kem",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_kdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_aead",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_suiteId",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),typeof e.kem=="number")throw new d("KemId cannot be used");if(this._kem=e.kem,typeof e.kdf=="number")throw new d("KdfId cannot be used");if(this._kdf=e.kdf,typeof e.aead=="number")throw new d("AeadId cannot be used");this._aead=e.aead,this._suiteId=new Uint8Array(Qe),this._suiteId.set(_(this._kem.id,2),4),this._suiteId.set(_(this._kdf.id,2),6),this._suiteId.set(_(this._aead.id,2),8),this._kdf.init(this._suiteId)}get kem(){return this._kem}get kdf(){return this._kdf}get aead(){return this._aead}async createSenderContext(e){this._validateInputLength(e),await this._setup();let t=await this._kem.encap(e),r;return e.psk!==void 0?r=e.senderKey!==void 0?P.AuthPsk:P.Psk:r=e.senderKey!==void 0?P.Auth:P.Base,await this._keyScheduleS(r,t.sharedSecret,t.enc,e)}async createRecipientContext(e){this._validateInputLength(e),await this._setup();let t=await this._kem.decap(e),r;return e.psk!==void 0?r=e.senderPublicKey!==void 0?P.AuthPsk:P.Psk:r=e.senderPublicKey!==void 0?P.Auth:P.Base,await this._keyScheduleR(r,t,e)}async seal(e,t,r=s){let n=await this.createSenderContext(e);return{ct:await n.seal(t,r),enc:n.enc}}async open(e,t,r=s){return await(await this.createRecipientContext(e)).open(t,r)}async _keySchedule(e,t,r){let n=r.psk===void 0?s:new Uint8Array(r.psk.id),a=await this._kdf.labeledExtract(s,Ve,n),o=r.info===void 0?s:new Uint8Array(r.info),c=await this._kdf.labeledExtract(s,We,o),l=new Uint8Array(1+a.byteLength+c.byteLength);l.set(new Uint8Array([e]),0),l.set(new Uint8Array(a),1),l.set(new Uint8Array(c),1+a.byteLength);let g=r.psk===void 0?s:new Uint8Array(r.psk.key),k=this._kdf.buildLabeledIkm(Ze,g),$=this._kdf.buildLabeledInfo(Ye,l,this._kdf.hashSize),m=await this._kdf.extractAndExpand(t,k,$,this._kdf.hashSize);if(this._aead.id===v.ExportOnly)return{aead:this._aead,exporterSecret:m};let Ee=this._kdf.buildLabeledInfo(Je,l,this._aead.keySize),Ie=await this._kdf.extractAndExpand(t,k,Ee,this._aead.keySize),ze=this._kdf.buildLabeledInfo(qe,l,this._aead.nonceSize),Ue=await this._kdf.extractAndExpand(t,k,ze,this._aead.nonceSize);return{aead:this._aead,exporterSecret:m,key:Ie,baseNonce:new Uint8Array(Ue),seq:0}}async _keyScheduleS(e,t,r,n){let a=await this._keySchedule(e,t,n);return a.key===void 0?new V(this._api,this._kdf,a.exporterSecret,r):new Q(this._api,this._kdf,a,r)}async _keyScheduleR(e,t,r){let n=await this._keySchedule(e,t,r);return n.key===void 0?new J(this._api,this._kdf,n.exporterSecret):new Z(this._api,this._kdf,n)}_validateInputLength(e){if(e.info!==void 0&&e.info.byteLength>8192)throw new d("Too long info");if(e.psk!==void 0){if(e.psk.key.byteLength<32)throw new d(`PSK must have at least ${32} bytes`);if(e.psk.key.byteLength>8192)throw new d("Too long psk.key");if(e.psk.id.byteLength>8192)throw new d("Too long psk.id")}}};var te=class extends x{constructor(){let e=new S,t=new O(u.DhkemP256HkdfSha256,e);super(u.DhkemP256HkdfSha256,t,e),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:u.DhkemP256HkdfSha256}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:65}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:65}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:32})}},re=class extends x{constructor(){let e=new D,t=new O(u.DhkemP384HkdfSha384,e);super(u.DhkemP384HkdfSha384,t,e),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:u.DhkemP384HkdfSha384}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:48}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:97}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:97}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:48})}},ie=class extends x{constructor(){let e=new A,t=new O(u.DhkemP521HkdfSha512,e);super(u.DhkemP521HkdfSha512,t,e),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:u.DhkemP521HkdfSha512}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:133}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:133}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:64})}};var we=class extends ee{},_e=class extends te{},me=class extends re{},xe=class extends ie{},ge=class extends S{},ke=class extends D{},Pe=class extends A{};var ne="X25519",et=new Uint8Array([48,46,2,1,0,48,5,6,3,43,101,110,4,34,4,32]),ae=class extends b{constructor(e){super(),Object.defineProperty(this,"_hkdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_alg",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nPk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nSk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nDh",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_pkcs8AlgId",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._alg={name:ne},this._hkdf=e,this._nPk=32,this._nSk=32,this._nDh=32,this._pkcs8AlgId=et}async serializePublicKey(e){await this._setup();try{return await this._api.exportKey("raw",e)}catch(t){throw new f(t)}}async deserializePublicKey(e){await this._setup();try{return await this._importRawKey(e,!0)}catch(t){throw new h(t)}}async serializePrivateKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);if(!("d"in t))throw new Error("Not private key");return j(t.d)}catch(t){throw new f(t)}}async deserializePrivateKey(e){await this._setup();try{return await this._importRawKey(e,!1)}catch(t){throw new h(t)}}async importKey(e,t,r){await this._setup();try{if(e==="raw")return await this._importRawKey(t,r);if(t instanceof ArrayBuffer)throw new Error("Invalid jwk key format");return await this._importJWK(t,r)}catch(n){throw new h(n)}}async generateKeyPair(){await this._setup();try{return await this._api.generateKey(ne,!0,w)}catch(e){throw new y(e)}}async deriveKeyPair(e){await this._setup();try{let t=await this._hkdf.labeledExtract(s,z,new Uint8Array(e)),r=await this._hkdf.labeledExpand(t,H,s,this._nSk),n=new Uint8Array(r),a=await this._deserializePkcs8Key(n);return n.fill(0),{privateKey:a,publicKey:await this.derivePublicKey(a)}}catch(t){throw new K(t)}}async derivePublicKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);return delete t.d,delete t.key_ops,await this._api.importKey("jwk",t,this._alg,!0,[])}catch(t){throw new h(t)}}async dh(e,t){await this._setup();try{return await this._api.deriveBits({name:ne,public:t},e,this._nDh*8)}catch(r){throw new f(r)}}async _importRawKey(e,t){if(t&&e.byteLength!==this._nPk)throw new Error("Invalid public key for the ciphersuite");if(!t&&e.byteLength!==this._nSk)throw new Error("Invalid private key for the ciphersuite");return t?await this._api.importKey("raw",e,this._alg,!0,[]):await this._deserializePkcs8Key(new Uint8Array(e))}async _importJWK(e,t){if(typeof e.kty>"u"||e.kty!=="OKP")throw new Error(`Invalid kty: ${e.crv}`);if(typeof e.crv>"u"||e.crv!==ne)throw new Error(`Invalid crv: ${e.crv}`);if(t){if(typeof e.d<"u")throw new Error("Invalid key: `d` should not be set");return await this._api.importKey("jwk",e,this._alg,!0,[])}if(typeof e.d>"u")throw new Error("Invalid key: `d` not found");return await this._api.importKey("jwk",e,this._alg,!0,w)}async _deserializePkcs8Key(e){let t=new Uint8Array(this._pkcs8AlgId.length+e.length);return t.set(this._pkcs8AlgId,0),t.set(e,this._pkcs8AlgId.length),await this._api.importKey("pkcs8",t,this._alg,!0,w)}};var Ke=class extends x{constructor(){let e=new S;super(u.DhkemX25519HkdfSha256,new ae(e),e),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:u.DhkemX25519HkdfSha256}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:32})}};var se="X448",tt=new Uint8Array([48,70,2,1,0,48,5,6,3,43,101,111,4,58,4,56]),oe=class extends b{constructor(e){super(),Object.defineProperty(this,"_hkdf",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_alg",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nPk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nSk",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_nDh",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),Object.defineProperty(this,"_pkcs8AlgId",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._alg={name:se},this._hkdf=e,this._nPk=56,this._nSk=56,this._nDh=56,this._pkcs8AlgId=tt}async serializePublicKey(e){await this._setup();try{return await this._api.exportKey("raw",e)}catch(t){throw new f(t)}}async deserializePublicKey(e){await this._setup();try{return await this._importRawKey(e,!0)}catch(t){throw new h(t)}}async serializePrivateKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);if(!("d"in t))throw new Error("Not private key");return j(t.d)}catch(t){throw new f(t)}}async deserializePrivateKey(e){await this._setup();try{return await this._importRawKey(e,!1)}catch(t){throw new h(t)}}async importKey(e,t,r){await this._setup();try{if(e==="raw")return await this._importRawKey(t,r);if(t instanceof ArrayBuffer)throw new Error("Invalid jwk key format");return await this._importJWK(t,r)}catch(n){throw new h(n)}}async generateKeyPair(){await this._setup();try{return await this._api.generateKey(se,!0,w)}catch(e){throw new y(e)}}async deriveKeyPair(e){await this._setup();try{let t=await this._hkdf.labeledExtract(s,z,new Uint8Array(e)),r=await this._hkdf.labeledExpand(t,H,s,this._nSk),n=new Uint8Array(r),a=await this._deserializePkcs8Key(n);return n.fill(0),{privateKey:a,publicKey:await this.derivePublicKey(a)}}catch(t){throw new K(t)}}async derivePublicKey(e){await this._setup();try{let t=await this._api.exportKey("jwk",e);return delete t.d,delete t.key_ops,await this._api.importKey("jwk",t,this._alg,!0,[])}catch(t){throw new h(t)}}async dh(e,t){await this._setup();try{return await this._api.deriveBits({name:se,public:t},e,this._nDh*8)}catch(r){throw new f(r)}}async _importRawKey(e,t){if(t&&e.byteLength!==this._nPk)throw new Error("Invalid public key for the ciphersuite");if(!t&&e.byteLength!==this._nSk)throw new Error("Invalid private key for the ciphersuite");return t?await this._api.importKey("raw",e,this._alg,!0,[]):await this._deserializePkcs8Key(new Uint8Array(e))}async _importJWK(e,t){if(typeof e.kty>"u"||e.kty!=="OKP")throw new Error(`Invalid kty: ${e.crv}`);if(typeof e.crv>"u"||e.crv!==se)throw new Error(`Invalid crv: ${e.crv}`);if(t){if(typeof e.d<"u")throw new Error("Invalid key: `d` should not be set");return await this._api.importKey("jwk",e,this._alg,!0,[])}if(typeof e.d>"u")throw new Error("Invalid key: `d` not found");return await this._api.importKey("jwk",e,this._alg,!0,w)}async _deserializePkcs8Key(e){let t=new Uint8Array(this._pkcs8AlgId.length+e.length);return t.set(this._pkcs8AlgId,0),t.set(e,this._pkcs8AlgId.length),await this._api.importKey("pkcs8",t,this._alg,!0,w)}};var ve=class extends x{constructor(){let e=new A;super(u.DhkemX448HkdfSha512,new oe(e),e),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:u.DhkemX448HkdfSha512}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:56}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:56}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:56})}};export{v as AeadId,W as Aes128Gcm,ye as Aes256Gcm,we as CipherSuite,C as DecapError,K as DeriveKeyPairError,h as DeserializeError,_e as DhkemP256HkdfSha256,me as DhkemP384HkdfSha384,xe as DhkemP521HkdfSha512,Ke as DhkemX25519HkdfSha256,ve as DhkemX448HkdfSha512,B as EncapError,M as ExportError,pe as ExportOnly,ge as HkdfSha256,ke as HkdfSha384,Pe as HkdfSha512,p as HpkeError,d as InvalidParamError,U as KdfId,u as KemId,X as MessageLimitReachedError,y as NotSupportedError,G as OpenError,R as SealError,f as SerializeError,ue as ValidationError}; diff --git a/ml-kem/src/hpke-ml-kem.js b/ml-kem/src/hpke-ml-kem.js new file mode 100644 index 000000000..b848b5f27 --- /dev/null +++ b/ml-kem/src/hpke-ml-kem.js @@ -0,0 +1,6 @@ +var v=class extends Error{constructor(e){let i;e instanceof Error?i=e.message:typeof e=="string"?i=e:i="",super(i),this.name=this.constructor.name}};var Y=[2285,2571,2970,1812,1493,1422,287,202,3158,622,1577,182,962,2127,1855,1468,573,2004,264,383,2500,1458,1727,3199,2648,1017,732,608,1787,411,3124,1758,1223,652,2777,1015,2036,1491,3047,1785,516,3321,3009,2663,1711,2167,126,1469,2476,3239,3058,830,107,1908,3082,2378,2931,961,1821,2604,448,2264,677,2054,2226,430,555,843,2078,871,1550,105,422,587,177,3094,3038,2869,1574,1653,3083,778,1159,3182,2552,1483,2727,1119,1739,644,2457,349,418,329,3173,3254,817,1097,603,610,1322,2044,1864,384,2114,3193,1218,1994,2455,220,2142,1670,2144,1799,2051,794,1819,2475,2459,478,3221,3021,996,991,958,1869,1522,1628],se=[1701,1807,1460,2371,2338,2333,308,108,2851,870,854,1510,2535,1278,1530,1185,1659,1187,3109,874,1335,2111,136,1215,2945,1465,1285,2007,2719,2726,2232,2512,75,156,3e3,2911,2980,872,2685,1590,2210,602,1846,777,147,2170,2551,246,1676,1755,460,291,235,3152,2742,2907,3224,1779,2458,1251,2486,2774,2899,1103,1275,2652,1065,2881,725,1508,2368,398,951,247,1421,3222,2499,271,90,853,1860,3203,1162,1618,666,320,8,2813,1544,282,1838,1293,2314,552,2677,2106,1571,205,2918,1542,2721,2597,2312,681,130,1602,1871,829,2946,3065,1325,2756,1861,1474,1202,2367,3147,1752,2707,171,3127,3042,1907,1836,1517,359,758,1441];function ae(r){if(!Number.isSafeInteger(r)||r<0)throw new Error(`positive integer expected, not ${r}`)}function nt(r){return r instanceof Uint8Array||r!=null&&typeof r=="object"&&r.constructor.name==="Uint8Array"}function T(r,...e){if(!nt(r))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(r.length))throw new Error(`Uint8Array expected of length ${e}, not of length=${r.length}`)}function oe(r,e=!0){if(r.destroyed)throw new Error("Hash instance has been destroyed");if(e&&r.finished)throw new Error("Hash#digest() has already been called")}function Pe(r,e){T(r);let i=e.outputLen;if(r.length>Ke&Z)}:{h:Number(r>>Ke&Z)|0,l:Number(r&Z)|0}}function Ae(r,e=!1){let i=new Uint32Array(r.length),t=new Uint32Array(r.length);for(let n=0;nr<>>32-i,ze=(r,e,i)=>e<>>32-i,Ee=(r,e,i)=>e<>>64-i,Ue=(r,e,i)=>r<>>64-i;var Le=r=>new Uint32Array(r.buffer,r.byteOffset,Math.floor(r.byteLength/4));var ue=new Uint8Array(new Uint32Array([287454020]).buffer)[0]===68,at=r=>r<<24&4278190080|r<<8&16711680|r>>>8&65280|r>>>24&255;function ce(r){for(let e=0;er().update(q(t)).digest(),i=r();return e.outputLen=i.outputLen,e.blockLen=i.blockLen,e.create=()=>r(),e}function Oe(r){let e=(t,n)=>r(n).update(q(t)).digest(),i=r({});return e.outputLen=i.outputLen,e.blockLen=i.blockLen,e.create=t=>r(t),e}var je=[],He=[],Me=[],ut=BigInt(0),j=BigInt(1),ct=BigInt(2),lt=BigInt(7),ht=BigInt(256),ft=BigInt(113);for(let r=0,e=j,i=1,t=0;r<24;r++){[i,t]=[t,(2*i+3*t)%5],je.push(2*(5*t+i)),He.push((r+1)*(r+2)/2%64);let n=ut;for(let s=0;s<7;s++)e=(e<>lt)*ft)%ht,e&ct&&(n^=j<<(j<i>32?Ee(r,e,i):Se(r,e,i),Te=(r,e,i)=>i>32?Ue(r,e,i):ze(r,e,i);function dt(r,e=24){let i=new Uint32Array(10);for(let t=24-e;t<24;t++){for(let a=0;a<10;a++)i[a]=r[a]^r[a+10]^r[a+20]^r[a+30]^r[a+40];for(let a=0;a<10;a+=2){let o=(a+8)%10,h=(a+2)%10,m=i[h],c=i[h+1],_=Be(m,c,1)^i[o],B=Te(m,c,1)^i[o+1];for(let w=0;w<50;w+=10)r[a+w]^=_,r[a+w+1]^=B}let n=r[2],s=r[3];for(let a=0;a<24;a++){let o=He[a],h=Be(n,s,o),m=Te(n,s,o),c=je[a];n=r[c],s=r[c+1],r[c]=h,r[c+1]=m}for(let a=0;a<50;a+=10){for(let o=0;o<10;o++)i[o]=r[a+o];for(let o=0;o<10;o++)r[a+o]^=~i[(o+2)%10]&i[(o+4)%10]}r[0]^=yt[t],r[1]^=pt[t]}i.fill(0)}var ee=class r extends J{constructor(e,i,t,n=!1,s=24){if(super(),this.blockLen=e,this.suffix=i,this.outputLen=t,this.enableXOF=n,this.rounds=s,this.pos=0,this.posOut=0,this.finished=!1,this.destroyed=!1,ae(t),0>=this.blockLen||this.blockLen>=200)throw new Error("Sha3 supports only keccak-f1600 function");this.state=new Uint8Array(200),this.state32=Le(this.state)}keccak(){ue||ce(this.state32),dt(this.state32,this.rounds),ue||ce(this.state32),this.posOut=0,this.pos=0}update(e){oe(this);let{blockLen:i,state:t}=this;e=q(e);let n=e.length;for(let s=0;s=t&&this.keccak();let a=Math.min(t-this.posOut,s-n);e.set(i.subarray(this.posOut,this.posOut+a),n),this.posOut+=a,n+=a}return e}xofInto(e){if(!this.enableXOF)throw new Error("XOF is not possible for this instance");return this.writeInto(e)}xof(e){return ae(e),this.xofInto(new Uint8Array(e))}digestInto(e){if(Pe(e,this),this.finished)throw new Error("digest() was already called");return this.writeInto(e),this.destroy(),e}digest(){return this.digestInto(new Uint8Array(this.outputLen))}destroy(){this.destroyed=!0,this.state.fill(0)}_cloneInto(e){let{blockLen:i,suffix:t,outputLen:n,rounds:s,enableXOF:a}=this;return e||(e=new r(i,t,n,a,s)),e.state32.set(this.state32),e.pos=this.pos,e.posOut=this.posOut,e.finished=this.finished,e.rounds=s,e.suffix=t,e.outputLen=n,e.enableXOF=a,e.destroyed=this.destroyed,e}},P=(r,e,i)=>Ie(()=>new ee(e,r,i)),Nt=P(6,144,224/8),le=P(6,136,256/8),Rt=P(6,104,384/8),he=P(6,72,512/8),Ft=P(1,144,224/8),Gt=P(1,136,256/8),Vt=P(1,104,384/8),$t=P(1,72,512/8),De=(r,e,i)=>Oe((t={})=>new ee(e,r,t.dkLen===void 0?i:t.dkLen,!0)),fe=De(31,168,128/8),H=De(31,136,256/8);var bt={},Ce=wt(globalThis,bt);function wt(r,e){return new Proxy(r,{get(i,t,n){return t in e?e[t]:r[t]},set(i,t,n){return t in e&&delete e[t],r[t]=n,!0},deleteProperty(i,t){let n=!1;return t in e&&(delete e[t],n=!0),t in r&&(delete r[t],n=!0),n},ownKeys(i){let t=Reflect.ownKeys(r),n=Reflect.ownKeys(e),s=new Set(n);return[...t.filter(a=>!s.has(a)),...n]},defineProperty(i,t,n){return t in e&&delete e[t],Reflect.defineProperty(r,t,n),!0},getOwnPropertyDescriptor(i,t){return t in e?Reflect.getOwnPropertyDescriptor(e,t):Reflect.getOwnPropertyDescriptor(r,t)},has(i,t){return t in e||t in r}})}function f(r){return r%256}function b(r){return r>=-32768&&r<=32767?r:r<-32768?(r=r+32769,r=r%65536,32767+r):(r=r-32768,r=r%65536,-32768+r)}function u(r){return r%65536}function te(r){return r>=-2147483648&&r<=2147483647?r:r<-2147483648?(r=r+2147483649,r=r%4294967296,2147483647+r):(r=r-2147483648,r=r%4294967296,-2147483648+r)}function d(r){return r%4294967296}function Ne(r,e){if(r.length!=e.length)return 0;let i=new Uint8Array([0]);for(let n=0;n>4,t[0]&=t[0]>>2,t[0]&=t[0]>>1,t[0]}function Re(r,e){if(r.length!=e.length)return!1;for(let i=0;i>0),e[n++]=f(t[0]>>8|t[1]<<2),e[n++]=f(t[1]>>6|t[2]<<4),e[n++]=f(t[2]>>4|t[3]<<6),e[n++]=f(t[3]>>2)}return e}_compressV(e,i){let t=new Uint8Array(8);for(let n=0,s=0;s<256/8;s++){for(let a=0;a<8;a++)t[a]=f(((i[8*s+a]<<4)+3329/2)/3329)&15;e[n++]=t[0]|t[1]<<4,e[n++]=t[2]|t[3]<<4,e[n++]=t[4]|t[5]<<4,e[n++]=t[6]|t[7]<<4}return e}_decompressU(e){let i=new Array(this._k);for(let n=0;n>0|u(e[n+1])<<8,t[1]=u(e[n+1])>>2|u(e[n+2])<<6,t[2]=u(e[n+2])>>4|u(e[n+3])<<4,t[3]=u(e[n+3])>>6|u(e[n+4])<<2,n=n+5;for(let o=0;o<4;o++)i[s][4*a+o]=b(d(t[o]&1023)*d(3329)+512>>10)}return i}_decompressV(e){let i=new Array(384);for(let t=0,n=0;n<256/2;n++,t++)i[2*n+0]=b(u(e[t]&15)*u(3329)+8>>4),i[2*n+1]=b(u(e[t]>>4)*u(3329)+8>>4);return i}};function ye(r,e){let i=he.create().update(r);e!==void 0&&i.update(e);let t=i.digest();return[t.subarray(0,32),t.subarray(32,64)]}function $e(r){return le.create().update(r).digest()}function gt(r,e){let i=H.create({dkLen:32}).update(r);return e!==void 0&&i.update(e),i.digest()}function xt(r,e){return fe.create({dkLen:672}).update(r).update(e).digest()}function pe(r){let e=0,i=0,t=new Uint8Array(384),n=et(r);for(let s=0;s<256/2;s++)e=u(n[2*s]),i=u(n[2*s+1]),t[3*s+0]=f(e>>0),t[3*s+1]=f(e>>8)|f(i<<4),t[3*s+2]=f(i>>4);return t}function Xe(r){let e=new Array(384).fill(0);for(let i=0;i<256/2;i++)e[2*i]=b((u(r[3*i+0])>>0|u(r[3*i+1])<<8)&4095),e[2*i+1]=b((u(r[3*i+1])>>4|u(r[3*i+2])<<4)&4095);return e}function kt(r){let e=new Uint8Array(32),i,t=et(r);for(let n=0;n<256/8;n++){e[n]=0;for(let s=0;s<8;s++)i=((u(t[8*n+s])<<1)+u(3329/2))/u(3329)&1,e[n]|=f(i<>n&1),e[8*t+n]=i&b(3330/2);return e}function We(r,e,i){let t=new Array(384).fill(0),n=0,s,a;for(let o=0;n>0)|u(r[o+1])<<8)&4095,a=(u(r[o+1]>>4)|u(r[o+2])<<4)&4095,o=o+3,s<3329&&(t[n]=s,n=n+1),n>1&1431655765);for(let h=0;h<8;h++)n=b(t>>4*h+0&3),s=b(t>>4*h+e&3),a[8*o+h]=n-s}return a}function re(r){for(let e=0,i=1,t=128;t>=2;t>>=1)for(let n=0;n<256;n=e+t){let s=Y[i];for(i=i+1,e=n;e>24;return i=i*3329,r-i}function qe(r){let i=b(te(r)*62209)*3329;return i=r-i,i>>=16,b(i)}function Pt(r){for(let i=0;i<256;i++)r[i]=qe(te(r[i])*te(1353));return r}function ie(r,e){let i=Ye(r[0],e[0]),t;for(let n=1;n>31&3329;return r}var C=class extends A{constructor(){super(),Object.defineProperty(this,"_k",{enumerable:!0,configurable:!0,writable:!0,value:2}),Object.defineProperty(this,"_du",{enumerable:!0,configurable:!0,writable:!0,value:10}),Object.defineProperty(this,"_dv",{enumerable:!0,configurable:!0,writable:!0,value:4}),Object.defineProperty(this,"_eta1",{enumerable:!0,configurable:!0,writable:!0,value:3}),Object.defineProperty(this,"_eta2",{enumerable:!0,configurable:!0,writable:!0,value:2}),this._skSize=12*this._k*256/8,this._pkSize=this._skSize+32,this._compressedUSize=this._k*this._du*256/8,this._compressedVSize=this._dv*256/8}_sampleNoise1(e,i,t){let n=new Array(t);for(let s=0;s>1&2396745),t=t+(i>>2&2396745);for(let h=0;h<4;h++)n=b(t>>6*h+0&7),s=b(t>>6*h+e&7),a[4*o+h]=n-s}return a}var N=class extends A{constructor(){super(),Object.defineProperty(this,"_k",{enumerable:!0,configurable:!0,writable:!0,value:3}),Object.defineProperty(this,"_du",{enumerable:!0,configurable:!0,writable:!0,value:10}),Object.defineProperty(this,"_dv",{enumerable:!0,configurable:!0,writable:!0,value:4}),Object.defineProperty(this,"_eta1",{enumerable:!0,configurable:!0,writable:!0,value:2}),Object.defineProperty(this,"_eta2",{enumerable:!0,configurable:!0,writable:!0,value:2}),this._skSize=12*this._k*256/8,this._pkSize=this._skSize+32,this._compressedUSize=this._k*this._du*256/8,this._compressedVSize=this._dv*256/8}};var R=class extends A{constructor(){super(),Object.defineProperty(this,"_k",{enumerable:!0,configurable:!0,writable:!0,value:4}),Object.defineProperty(this,"_du",{enumerable:!0,configurable:!0,writable:!0,value:11}),Object.defineProperty(this,"_dv",{enumerable:!0,configurable:!0,writable:!0,value:5}),Object.defineProperty(this,"_eta1",{enumerable:!0,configurable:!0,writable:!0,value:2}),Object.defineProperty(this,"_eta2",{enumerable:!0,configurable:!0,writable:!0,value:2}),this._skSize=12*this._k*256/8,this._pkSize=this._skSize+32,this._compressedUSize=this._k*this._du*256/8,this._compressedVSize=this._dv*256/8}_compressU(e,i){let t=new Array(8);for(let n=0,s=0;s>0),e[n++]=f(t[0]>>8|t[1]<<3),e[n++]=f(t[1]>>5|t[2]<<6),e[n++]=f(t[2]>>2),e[n++]=f(t[2]>>10|t[3]<<1),e[n++]=f(t[3]>>7|t[4]<<4),e[n++]=f(t[4]>>4|t[5]<<7),e[n++]=f(t[5]>>1),e[n++]=f(t[5]>>9|t[6]<<2),e[n++]=f(t[6]>>6|t[7]<<5),e[n++]=f(t[7]>>3)}return e}_compressV(e,i){let t=new Uint8Array(8);for(let n=0,s=0;s<256/8;s++){for(let a=0;a<8;a++)t[a]=f(((d(i[8*s+a])<<5)+d(3329/2))/d(3329))&31;e[n++]=f(t[0]>>0|t[1]<<5),e[n++]=f(t[1]>>3|t[2]<<2|t[3]<<7),e[n++]=f(t[3]>>1|t[4]<<4),e[n++]=f(t[4]>>4|t[5]<<1|t[6]<<6),e[n++]=f(t[6]>>2|t[7]<<3)}return e}_decompressU(e){let i=new Array(this._k);for(let n=0;n>0|u(e[n+1])<<8,t[1]=u(e[n+1])>>3|u(e[n+2])<<5,t[2]=u(e[n+2])>>6|u(e[n+3])<<2|u(e[n+4])<<10,t[3]=u(e[n+4])>>1|u(e[n+5])<<7,t[4]=u(e[n+5])>>4|u(e[n+6])<<4,t[5]=u(e[n+6])>>7|u(e[n+7])<<1|u(e[n+8])<<9,t[6]=u(e[n+8])>>2|u(e[n+9])<<6,t[7]=u(e[n+9])>>5|u(e[n+10])<<3,n=n+11;for(let o=0;o<8;o++)i[s][8*a+o]=d(t[o]&2047)*3329+1024>>11}return i}_decompressV(e){let i=new Array(384),t=new Array(8);for(let n=0,s=0;s<256/8;s++){t[0]=e[n+0]>>0,t[1]=e[n+0]>>5|e[n+1]<<3,t[2]=e[n+1]>>2,t[3]=e[n+1]>>7|e[n+2]<<1,t[4]=e[n+2]>>4|e[n+3]<<4,t[5]=e[n+3]>>1,t[6]=e[n+3]>>6|e[n+4]<<2,t[7]=e[n+4]>>3,n=n+5;for(let a=0;a<8;a++)i[8*s+a]=b(d(t[a]&31)*d(3329)+16>>5)}return i}};var x=class extends Error{constructor(e){let i;e instanceof Error?i=e.message:typeof e=="string"?i=e:i="",super(i),this.name=this.constructor.name}},g=class extends x{};var L=class extends x{},S=class extends x{},F=class extends x{},G=class extends x{};var O=class extends x{},I=class extends x{};var St={},be=zt(globalThis,St);function zt(r,e){return new Proxy(r,{get(i,t,n){return t in e?e[t]:r[t]},set(i,t,n){return t in e&&delete e[t],r[t]=n,!0},deleteProperty(i,t){let n=!1;return t in e&&(delete e[t],n=!0),t in r&&(delete r[t],n=!0),n},ownKeys(i){let t=Reflect.ownKeys(r),n=Reflect.ownKeys(e),s=new Set(n);return[...t.filter(a=>!s.has(a)),...n]},defineProperty(i,t,n){return t in e&&delete e[t],Reflect.defineProperty(r,t,n),!0},getOwnPropertyDescriptor(i,t){return t in e?Reflect.getOwnPropertyDescriptor(e,t):Reflect.getOwnPropertyDescriptor(r,t)},has(i,t){return t in e||t in r}})}var z={NotAssigned:0,DhkemP256HkdfSha256:16,DhkemP384HkdfSha384:17,DhkemP521HkdfSha512:18,DhkemSecp256k1HkdfSha256:19,DhkemX25519HkdfSha256:32,DhkemX448HkdfSha512:33,HybridkemX25519Kyber768:48,MlKem512:64,MlKem768:65,MlKem1024:66,XWing:25722};var V=new Uint8Array(0);var we=new Uint8Array([75,69,77,0,0]);var $=r=>typeof r=="object"&&r!==null&&typeof r.privateKey=="object"&&typeof r.publicKey=="object";function X(r,e){let i=new Uint8Array(r.length+e.length);return i.set(r,0),i.set(e,r.length),i}function W(r){let e=r.replace(/-/g,"+").replace(/_/g,"/"),i=atob(e),t=new Uint8Array(i.length);for(let n=0;n{e.type!=="public"&&t(new Error("Not public key")),e.algorithm.name!==this.name&&t(new Error(`Invalid algorithm name: ${e.algorithm.name}`)),e.key.byteLength!==this.publicKeySize&&t(new Error(`Invalid key length: ${e.key.byteLength}`)),i(e.key.buffer)})}_deserializePublicKey(e){return new Promise((i,t)=>{e.byteLength!==this.publicKeySize&&t(new Error(`Invalid key length: ${e.byteLength}`)),i(new E(this.name,new Uint8Array(e),"public"))})}_serializePrivateKey(e){return new Promise((i,t)=>{e.type!=="private"&&t(new Error("Not private key")),e.algorithm.name!==this.name&&t(new Error(`Invalid algorithm name: ${e.algorithm.name}`)),e.key.byteLength!==this.privateKeySize&&t(new Error(`Invalid key length: ${e.key.byteLength}`)),i(e.key.buffer)})}_deserializePrivateKey(e){return new Promise((i,t)=>{e.byteLength!==this.privateKeySize&&t(new Error(`Invalid key length: ${e.byteLength}`)),i(new E(this.name,new Uint8Array(e),"private",["deriveBits"]))})}_importJWK(e,i){return new Promise((t,n)=>{(typeof e.kty>"u"||e.kty!=="AKP")&&n(new Error(`Invalid kty: ${e.kty}`)),(typeof e.alg>"u"||e.alg!==this.name)&&n(new Error(`Invalid alg: ${e.alg}`)),i||(typeof e.priv>"u"&&n(new Error("Invalid key: `priv` not found")),typeof e.key_ops<"u"&&(e.key_ops.length!==1||e.key_ops[0]!=="deriveBits")&&n(new Error("Invalid key: `key_ops` should be ['deriveBits']")),t(W(e.priv))),typeof e.priv<"u"&&n(new Error("Invalid key: `priv` should not be set")),typeof e.pub>"u"&&n(new Error("Invalid key: `pub` not found")),typeof e.key_ops<"u"&&e.key_ops.length>0&&n(new Error("Invalid key: `key_ops` should not be set")),t(W(e.pub))})}},xe=class extends Q{constructor(){super(),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:z.MlKem512}),Object.defineProperty(this,"name",{enumerable:!0,configurable:!0,writable:!0,value:"ML-KEM-512"}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:768}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:800}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"auth",{enumerable:!0,configurable:!0,writable:!0,value:!1}),Object.defineProperty(this,"_prim",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._prim=new C}},ke=class extends Q{constructor(){super(),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:z.MlKem768}),Object.defineProperty(this,"name",{enumerable:!0,configurable:!0,writable:!0,value:"ML-KEM-768"}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:1088}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:1184}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"auth",{enumerable:!0,configurable:!0,writable:!0,value:!1}),Object.defineProperty(this,"_prim",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._prim=new N}},ve=class extends Q{constructor(){super(),Object.defineProperty(this,"id",{enumerable:!0,configurable:!0,writable:!0,value:z.MlKem1024}),Object.defineProperty(this,"name",{enumerable:!0,configurable:!0,writable:!0,value:"ML-KEM-1024"}),Object.defineProperty(this,"secretSize",{enumerable:!0,configurable:!0,writable:!0,value:32}),Object.defineProperty(this,"encSize",{enumerable:!0,configurable:!0,writable:!0,value:1568}),Object.defineProperty(this,"publicKeySize",{enumerable:!0,configurable:!0,writable:!0,value:1568}),Object.defineProperty(this,"privateKeySize",{enumerable:!0,configurable:!0,writable:!0,value:64}),Object.defineProperty(this,"auth",{enumerable:!0,configurable:!0,writable:!0,value:!1}),Object.defineProperty(this,"_prim",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this._prim=new R}};export{ve as MlKem1024,xe as MlKem512,ke as MlKem768}; +/*! Bundled license information: + +@noble/hashes/esm/utils.js: + (*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) *) +*/