Skip to main content
Using Deno in production at your company? Earn free Deno merch.
Give us feedback
Module

x/hpke/core/mod.ts>KemInterface

A Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API.
dajiaji/hpke-js
Latest
interface KemInterface
import { type KemInterface } from "https://deno.land/x/hpke@1.2.7/core/mod.ts";

The KEM interface.

Properties

readonly
id: KemId

The KEM identifier.

readonly
secretSize: number

The length in bytes of a KEM shared secret produced by this KEM (Nsecret).

readonly
encSize: number

The length in bytes of an encapsulated key produced by this KEM (Nenc).

readonly
publicKeySize: number

The length in bytes of an encoded public key for this KEM (Npk).

readonly
privateKeySize: number

The length in bytes of an encoded private key for this KEM (Nsk).

Methods

serializePublicKey(key: CryptoKey): Promise<ArrayBuffer>

Serializes a public key as CryptoKey to a byte string of length Npk.

If the error occurred, throws SerializeError.

deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey>

Deserializes a public key as a byte string of length Npk to CryptoKey.

If the error occurred, throws DeserializeError.

serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer>

Serializes a private key as CryptoKey to a byte string of length Nsk.

If the error occurred, throws SerializeError.

deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey>

Deserializes a private key as a byte string of length Nsk to CryptoKey.

If the error occurred, throws DeserializeError.

importKey(
format: "raw" | "jwk",
key: ArrayBuffer | JsonWebKey,
isPublic?: boolean,
): Promise<CryptoKey>

Imports a public or private key and converts to a CryptoKey.

Since key parameters for createSenderContext or createRecipientContext are CryptoKey format, you have to use this function to convert provided keys to CryptoKey.

Basically, this is a thin wrapper function of SubtleCrypto.importKey.

If the error occurred, throws DeserializeError.

generateKeyPair(): Promise<CryptoKeyPair>

Generates a key pair.

If the error occurred, throws NotSupportedError.

deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair>

Derives a key pair from the byte string ikm.

If the error occurred, throws DeriveKeyPairError.

encap(params: SenderContextParams): Promise<{ sharedSecret: ArrayBuffer; enc: ArrayBuffer; }>

Generates an ephemeral, fixed-length symmetric key and a fixed-length encapsulation of the key that can be decapsulated by the holder of the private key corresponding to pkR.

If the error occurred, throws EncapError.

decap(params: RecipientContextParams): Promise<ArrayBuffer>

Recovers the ephemeral symmetric key from its encapsulated representation enc.

If the error occurred, throws DecapError.