diff --git a/x/dhkem-secp256k1/README.md b/x/dhkem-secp256k1/README.md
index 836c1c739..0f37b6459 100644
--- a/x/dhkem-secp256k1/README.md
+++ b/x/dhkem-secp256k1/README.md
@@ -1,7 +1,7 @@
@hpke/dhkem-secp256k1
-A TypeScript
Hybrid Public Key Encryption (HPKE) module extension for DH-KEM with secp256k1 curve, which is implemented by using [@noble/curves/secp256k1](https://github.com/paulmillr/noble-curves). Note that the extension is EXPERIMENTAL and NOT STANDARDIZED.
+A TypeScript Hybrid Public Key Encryption (HPKE) module extension for DH-KEM with secp256k1 curve, which is implemented by using @noble/curves/secp256k1. Note that the extension is EXPERIMENTAL and NOT STANDARDIZED.
diff --git a/x/dhkem-secp256k1/src/dhkem-secp256k1.ts b/x/dhkem-secp256k1/src/dhkem-secp256k1.ts
index b9d565566..6863aa7a2 100644
--- a/x/dhkem-secp256k1/src/dhkem-secp256k1.ts
+++ b/x/dhkem-secp256k1/src/dhkem-secp256k1.ts
@@ -131,11 +131,28 @@ class Secp256k1 extends Algorithm implements KemPrimitives {
}
}
+/**
+ * The class of the DH-KEM with secp256k1 curve.
+ *
+ * The public keys are assumed to be compressed.
+ * Note that it is experimental and not standardized.
+ *
+ * The instance of this class can be specified to the CipherSuiteParams as follows:
+ *
+ * @example
+ * import { KdfId, AeadId, CipherSuite } from "http://deno.land/x/hpke/mod.ts";
+ * import { DhkemSecp256k1HkdfSha256} from "https://deno.land/x/hpke/x/dhkem-secp256k1/mod.ts";
+ * const suite = new CipherSuite({
+ * kem: new DhkemSecp256k1HkdfSha256(),
+ * kdf: KdfId.HkdfSha256,
+ * aead: AeadId.Aes128Gcm,
+ * });
+ */
export class DhkemSecp256k1HkdfSha256 extends Dhkem implements KemInterface {
- public readonly id: KemId = KemId.DhkemSecp256K1HkdfSha256;
+ public readonly id: KemId = KemId.DhkemSecp256k1HkdfSha256;
public readonly secretSize: number = 32;
- public readonly encSize: number = 65;
- public readonly publicKeySize: number = 65;
+ public readonly encSize: number = 33;
+ public readonly publicKeySize: number = 33;
public readonly privateKeySize: number = 32;
constructor() {
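Review bot: The `@example` in the new doc comment imports the core module over plaintext `http://deno.land/x/hpke/mod.ts`, while the next line uses `https://`; anyone copying the example would fetch cryptographic code without transport integrity. Change the line to `import { KdfId, AeadId, CipherSuite } from "https://deno.land/x/hpke/mod.ts";`, and consider pinning both URLs to a release (`hpke@<version>`) so the example does not track whatever is latest. Separately, `encSize` and `publicKeySize` drop from 65 to 33, which changes the wire format. The deserialization code is outside this hunk, so confirm that it rejects keys and `enc` values whose length is not 33 rather than silently accepting the old uncompressed form. The class body continues past the end of the hunk.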
diff --git a/x/dhkem-secp256k1/test/dhkem-secp256k1.test.ts b/x/dhkem-secp256k1/test/dhkem-secp256k1.test.ts
index 583e5a3cd..8f300121b 100644
--- a/x/dhkem-secp256k1/test/dhkem-secp256k1.test.ts
+++ b/x/dhkem-secp256k1/test/dhkem-secp256k1.test.ts
@@ -59,7 +59,7 @@ async function loadSubtleCrypto(): Promise {
}
}
-describe("DhkemP256k1Hkdf256", () => {
+describe("DhkemSecp256k1Hkdf256", () => {
describe("with valid parameters", () => {
it("should have a correct KEM object", async () => {
const api = await loadSubtleCrypto();
@@ -70,8 +70,8 @@ describe("DhkemP256k1Hkdf256", () => {
assertEquals(typeof dhkemSecp256k1, "object");
assertEquals(dhkemSecp256k1.id, KemId.DhkemSecp256K1HkdfSha256);
assertEquals(dhkemSecp256k1.secretSize, 32);
- assertEquals(dhkemSecp256k1.encSize, 65);
- assertEquals(dhkemSecp256k1.publicKeySize, 65);
+ assertEquals(dhkemSecp256k1.encSize, 33);
+ assertEquals(dhkemSecp256k1.publicKeySize, 33);
assertEquals(dhkemSecp256k1.privateKeySize, 32);
});
});
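Review bot: The unchanged assertion `assertEquals(dhkemSecp256k1.id, KemId.DhkemSecp256K1HkdfSha256);` still spells the enum member with a capital `K`, while the source change in this commit assigns `KemId.DhkemSecp256k1HkdfSha256`. The `KemId` definition is not visible in this diff, so it is unclear which spelling exists. If the member was renamed rather than aliased, this line fails type checking or compares against `undefined`. Align it with the source: `assertEquals(dhkemSecp256k1.id, KemId.DhkemSecp256k1HkdfSha256);`.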
@@ -230,8 +230,8 @@ describe("CipherSuite", () => {
});
const kem = await suite.kemContext();
assertEquals(kem.secretSize, 32);
- assertEquals(kem.encSize, 65);
- assertEquals(kem.publicKeySize, 65);
+ assertEquals(kem.encSize, 33);
+ assertEquals(kem.publicKeySize, 33);
assertEquals(kem.privateKeySize, 32);
// assert
@@ -247,8 +247,9 @@ describe("CipherSuite", () => {
describe("A README example of Base mode (DhkemSecp256k1HkdfSha256/KdfId.HkdfSha256)", () => {
it("should work normally", async () => {
// setup
+ const kemInstance = new DhkemSecp256k1HkdfSha256();
const suite = new CipherSuite({
- kem: new DhkemSecp256k1HkdfSha256(),
+ kem: kemInstance,
kdf: KdfId.HkdfSha256,
aead: AeadId.Aes128Gcm,
});
@@ -263,6 +264,8 @@ describe("CipherSuite", () => {
recipientKey: rkp,
enc: sender.enc,
});
+ assertEquals(sender.enc.byteLength, kemInstance.encSize);
+ assertEquals(sender.enc.byteLength, kemInstance.publicKeySize);
// encrypt
const ct = await sender.seal(