Merge pull request #223 from dajiaji/bump-to-1_0_0

Bump version up to 1.0.0.

.github/workflows/publish.yml

@@ -16,11 +16,10 @@ jobs:
       - uses: denoland/setup-deno@v1
         with:
           deno-version: v1.x
-      - name: Run dnt & minify
+      - name: Run dnt
         run: |
           npm install -g esbuild
           deno task dnt
-          deno task minify > ./npm/hpke.min.js
       - working-directory: ./npm
         run: npm publish
         env:
@@ -37,12 +36,11 @@ jobs:
       - uses: denoland/setup-deno@v1
         with:
           deno-version: v1.x
-      - name: Run dnt & minify
+      - name: Run dnt
         working-directory: ./core
         run: |
           npm install -g esbuild
           deno task dnt
-          deno task minify > ./npm/hpke-core.min.js
       - working-directory: ./core/npm
         run: npm publish
         env:
@@ -59,12 +57,11 @@ jobs:
       - uses: denoland/setup-deno@v1
         with:
           deno-version: v1.x
-      - name: Run dnt & minify
+      - name: Run dnt
         working-directory: ./x/dhkem-x25519
         run: |
           npm install -g esbuild
           deno task dnt
-          deno task minify > ./npm/hpke-dhkem-x25519.min.js
       - working-directory: ./x/dhkem-x25519/npm
         run: npm publish
         env:
@@ -81,12 +78,11 @@ jobs:
       - uses: denoland/setup-deno@v1
         with:
           deno-version: v1.x
-      - name: Run dnt & minify
+      - name: Run dnt
         working-directory: ./x/dhkem-x448
         run: |
           npm install -g esbuild
           deno task dnt
-          deno task minify > ./npm/hpke-dhkem-x448.min.js
       - working-directory: ./x/dhkem-x448/npm
         run: npm publish
         env:
@@ -103,12 +99,11 @@ jobs:
       - uses: denoland/setup-deno@v1
         with:
           deno-version: v1.x
-      - name: Run dnt & minify
+      - name: Run dnt
         working-directory: ./x/chacha20poly1305
         run: |
           npm install -g esbuild
           deno task dnt
-          deno task minify > ./npm/hpke-chacha20poly1305.min.js
       - working-directory: ./x/chacha20poly1305/npm
         run: npm publish
         env:
@@ -125,12 +120,11 @@ jobs:
       - uses: denoland/setup-deno@v1
         with:
           deno-version: v1.x
-      - name: Run dnt & minify
+      - name: Run dnt
         working-directory: ./x/dhkem-secp256k1
         run: |
           npm install -g esbuild
           deno task dnt
-          deno task minify > ./npm/hpke-dhkem-secp256k1.min.js
       - working-directory: ./x/dhkem-secp256k1/npm
         run: npm publish
         env:

CHANGES.md

@@ -1,5 +1,31 @@
 # Changes
 
+## Version 1.0.0
+
+Released 2023-08-05
+
+- [(#222) Increase the input limits from 128 bytes to 8192 bytes.](https://github.com/dajiaji/hpke-js/pull/222)
+  by @snorp
+- [(#220) Add hpke/chacha20poly1305.](https://github.com/dajiaji/hpke-js/pull/220)
+- [(#219) Add hpke/dhkem-x448.](https://github.com/dajiaji/hpke-js/pull/219)
+- [(#218) Update dhkem-secp256k1 test to use hpke/core.](https://github.com/dajiaji/hpke-js/pull/218)
+- [(#217) Add hpke/dhkem-x25519.](https://github.com/dajiaji/hpke-js/pull/217)
+- [(#216) Add hpke/core.](https://github.com/dajiaji/hpke-js/pull/216)
+- [(#215) Expose CipherSuiteNative class for hpke-js.](https://github.com/dajiaji/hpke-js/pull/215)
+- [(#214) BREAKING CHANGES for 1.0.0.](https://github.com/dajiaji/hpke-js/pull/214)
+  - Change CipherSuite.kem/kdf/aead to CipherSuite.kem.id/kdf.id/aead.id.
+  - Remove KemId.DhkemSecp256"K"1HkdfSha256.
+  - Remove CipherSuite.kemContext(). (Use CipherSuite.kem)
+  - Remove CipherSuite.kdfContext(). (Use CipherSuite.kdf)
+  - Remove createAeadKey from CipherSuite. (Use
+    CipherSuite.aead.createEncryptionContext())
+  - Rename AeadKey to AeadEncryptionContext.
+  - Simplify AeadEncryptionContext interface.
+  - Drop support for bi-drectional encryption.
+- [(#213) Update x/dhkem-secp256k1/deno.json.](https://github.com/dajiaji/hpke-js/pull/213)
+- [(#212) Separate the HKDF classes dependent on external modules from the independent base class.](https://github.com/dajiaji/hpke-js/pull/212)
+- [(#211) Separate dhkemPrimitives from dhkem classes.](https://github.com/dajiaji/hpke-js/pull/211)
+
 ## Version 0.22.2
 
 Released 2023-07-28

SECURITY.md

@@ -4,6 +4,7 @@
 
 | Version | Supported          |
 | ------- | ------------------ |
+| 1.0.x   | :white_check_mark: |
 | 0.22.x  | :white_check_mark: |
 | < 0.22  | :x:                |
 

core/README.md

@@ -0,0 +1,231 @@
+<h1 align="center">@hpke/core</h1>
+
+<div align="center">
+A TypeScript <a href="https://datatracker.ietf.org/doc/html/rfc9180">Hybrid Public Key Encryption (HPKE)</a> core module implemented using only <a href="https://www.w3.org/TR/WebCryptoAPI/">Web Cryptography API</a>. It does not support the X25519/X448-based KEMs and the ChaCha20Poly1305 AEAD, but it has no external module dependencies and is small in size.</div>
+<p></p>
+
+<div align="center">
+
+[Documentation](https://doc.deno.land/https://deno.land/x/hpke/core/mod.ts)
+
+</div>
+
+## Index
+
+- [Installation](#installation)
+  - [Web Browser](#web-browser)
+  - [Node.js](#nodejs)
+  - [Deno](#deno)
+  - [Cloudflare Workers](#cloudflare-workers)
+- [Usage](#usage)
+- [Contributing](#contributing)
+
+## Installation
+
+### Web Browser
+
+Followings are how to use with typical CDNs. Other CDNs can be used as well.
+
+Using esm.sh:
+
+```html
+<!-- use a specific version -->
+<script type="module">
+  import * as hpke from "https://esm.sh/@hpke/[email protected]";
+  // import { KemId, KdfId, AeadId, CipherSuite } from "https://esm.sh/@hpke/[email protected]";
+</script>
+
+<!-- use the latest stable version -->
+<script type="module">
+  import * as hpke from "https://esm.sh/@hpke/core";
+  // ...
+</script>
+```
+
+Using unpkg:
+
+```html
+<!-- use a specific version -->
+<script type="module">
+  import * as hpke from "https://unpkg.com/@hpke/[email protected]/esm/mod.js";
+  import { KemId, KdfId, AeadId, CipherSuite} from "https://unpkg.com/@hpke/[email protected]/esm/mod.js";
+  // ...
+</script>
+```
+
+### Node.js
+
+Using npm:
+
+```sh
+npm install @hpke/core
+```
+
+Using yarn:
+
+```sh
+yarn add @hpke/core
+```
+
+### Deno
+
+Using deno.land:
+
+```js
+// use a specific version
+import * as hpke from "https://deno.land/x/[email protected]/core/mod.ts";
+
+// use the latest stable version
+import * as hpke from "https://deno.land/x/hpke/core/mod.ts";
+```
+
+### Cloudflare Workers
+
+```sh
+git clone [email protected]:dajiaji/hpke-js.git
+cd hpke-js/core
+npm install -g esbuild
+deno task dnt
+deno task minify > $YOUR_SRC_PATH/hpke-core.js
+```
+
+## Usage
+
+This section shows some typical usage examples.
+
+### Browsers
+
+```html
+<html>
+  <head></head>
+  <body>
+    <script type="module">
+      // import * as hpke from "https://esm.sh/[email protected]";
+      import { KemId, KdfId, AeadId, CipherSuite } from "https://esm.sh/@hpke/[email protected]";
+
+      globalThis.doHpke = async () => {
+
+        const suite = new CipherSuite({
+          kem: KemId.DhkemP256HkdfSha256,
+          kdf: KdfId.HkdfSha256,
+          aead: AeadId.Aes128Gcm
+        });
+ 
+        const rkp = await suite.generateKeyPair();
+      
+        const sender = await suite.createSenderContext({
+          recipientPublicKey: rkp.publicKey
+        });
+
+        const recipient = await suite.createRecipientContext({
+          recipientKey: rkp.privateKey, // rkp (CryptoKeyPair) is also acceptable.
+          enc: sender.enc,
+        });
+
+        // encrypt
+        const ct = await sender.seal(new TextEncoder().encode("hello world!"));
+      
+        // decrypt
+        try {
+          const pt = await recipient.open(ct);
+
+          // hello world!
+          alert(new TextDecoder().decode(pt));
+        } catch (err) {
+          alert("failed to decrypt.");
+        }
+      }
+      
+    </script>
+    <button type="button" onclick="doHpke()">do HPKE</button>
+  </body>
+</html>
+```
+
+### Node.js
+
+```js
+import { AeadId, CipherSuite, KdfId, KemId } from "@hpke/core";
+// const { KemId, KdfId, AeadId, CipherSuite } = require("@hpke/core");
+
+async function doHpke() {
+  // setup
+  const suite = new CipherSuite({
+    kem: KemId.DhkemP256HkdfSha256,
+    kdf: KdfId.HkdfSha256,
+    aead: AeadId.Aes128Gcm,
+  });
+
+  const rkp = await suite.generateKeyPair();
+
+  const sender = await suite.createSenderContext({
+    recipientPublicKey: rkp.publicKey,
+  });
+
+  const recipient = await suite.createRecipientContext({
+    recipientKey: rkp.privateKey,
+    enc: sender.enc,
+  });
+
+  // encrypt
+  const ct = await sender.seal(new TextEncoder().encode("my-secret-message"));
+
+  // decrypt
+  try {
+    const pt = await recipient.open(ct);
+
+    console.log("decrypted: ", new TextDecoder().decode(pt));
+    // decrypted: my-secret-message
+  } catch (err) {
+    console.log("failed to decrypt.");
+  }
+}
+
+doHpke();
+```
+
+### Deno
+
+```js
+import { KdfId, AeadId, CipherSuite } from "https://deno.land/x/[email protected]/core/mod.ts";
+
+async function doHpke() {
+  // setup
+  const suite = new CipherSuite({
+    kem: KemId.DhkemP256HkdfSha256,
+    kdf: KdfId.HkdfSha256,
+    aead: AeadId.Aes128Gcm,
+  });
+
+  const rkp = await suite.generateKeyPair();
+
+  const sender = await suite.createSenderContext({
+    recipientPublicKey: rkp.publicKey,
+  });
+
+  const recipient = await suite.createRecipientContext({
+    recipientKey: rkp.privateKey,
+    enc: sender.enc,
+  });
+
+  // encrypt
+  const ct = await sender.seal(new TextEncoder().encode("my-secret-message"));
+
+  try {
+    // decrypt
+    const pt = await recipient.open(ct);
+
+    console.log("decrypted: ", new TextDecoder().decode(pt));
+    // decrypted: my-secret-message
+  } catch (_err: unknown) {
+    console.log("failed to decrypt.");
+  }
+}
+
+doHpke();
+```
+
+## Contributing
+
+We welcome all kind of contributions, filing issues, suggesting new features or
+sending PRs.

samples/browser/index.html

@@ -2,33 +2,31 @@
   <head></head>
   <body>
     <script type="module">
-      // import * as hpke from "https://esm.sh/hpke-js";
-      import { Kem, Kdf, Aead, CipherSuite } from "https://esm.sh/hpke-js";
+      // import { KemId, KdfId, AeadId, CipherSuite } from "https://esm.sh/hpke-js";
+      import { KemId, KdfId, AeadId, CipherSuite } from "https://esm.sh/@hpke/core";
 
       globalThis.doHpke = async () => {
 
         const suite = new CipherSuite({
-          kem: Kem.DhkemP256HkdfSha256,
-          kdf: Kdf.HkdfSha256,
-          aead: Aead.Aes128Gcm
+          kem: KemId.DhkemP256HkdfSha256,
+          kdf: KdfId.HkdfSha256,
+          aead: AeadId.Aes128Gcm
         });
 
         const rkp = await suite.generateKeyPair();
 
+        // A sender encrypts a message.
         const sender = await suite.createSenderContext({
           recipientPublicKey: rkp.publicKey
         });
+        const ct = await sender.seal(new TextEncoder().encode("hello world!"));
 
+        // A recipient decripts it.
         const recipient = await suite.createRecipientContext({
-          recipientKey: rkp,
+          recipientKey: rkp.secretKey,
           enc: sender.enc,
         });
-
-        // encrypt
-        const ct = await sender.seal(new TextEncoder().encode("hello world!"));
-
         try {
-          // decrypt
           const pt = await recipient.open(ct);
 
           // hello world!