diff --git a/core/src/native.ts b/core/src/native.ts index ace58424d..7432f3130 100644 --- a/core/src/native.ts +++ b/core/src/native.ts @@ -20,9 +20,9 @@ import { * which supports only the ciphersuites that can be implemented on the native * {@link https://www.w3.org/TR/WebCryptoAPI/ | Web Cryptography API}. * Therefore, the following cryptographic algorithms are not supported for now: - * - DHKEM(X25519, HKDF-SHA256) - * - DHKEM(X448, HKDF-SHA512) - * - ChaCha20Poly1305 + * - `DHKEM(X25519, HKDF-SHA256)` + * - `DHKEM(X448, HKDF-SHA512)` + * - `ChaCha20Poly1305` * * In addtion, the HKDF functions contained in this `CipherSuiteNative` * class can only derive keys of the same length as the `hashSize`. @@ -34,11 +34,11 @@ import { * This class provides following functions: * * - Creates encryption contexts both for senders and recipients. - * - {@link createSenderContext} - * - {@link createRecipientContext} + * - {@link createSenderContext} + * - {@link createRecipientContext} * - Provides single-shot encryption API. - * - {@link seal} - * - {@link open} + * - {@link seal} + * - {@link open} * * The calling of the constructor of this class is the starting * point for HPKE operations for both senders and recipients. @@ -74,9 +74,167 @@ import { */ export class CipherSuite extends CipherSuiteNative {} +/** + * The DHKEM(P-256, HKDF-SHA256) for HPKE KEM implementing {@link KemInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `kem` parameter of {@link CipherSuiteParams} instead of `KemId.DhkemP256HkdfSha256` + * as follows: + * + * @example + * + * ```ts + * import { + * Aes128Gcm, + * CipherSuite, + * DhkemP256HkdfSha256, + * HkdfSha256, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP256HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new Aes128Gcm(), + * }); + * ``` + */ export class DhkemP256HkdfSha256 extends DhkemP256HkdfSha256Native {} + +/** + * The DHKEM(P-384, HKDF-SHA384) for HPKE KEM implementing {@link KemInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `kem` parameter of {@link CipherSuiteParams} instead of `KemId.DhkemP384HkdfSha384` + * as follows: + * + * @example + * + * ```ts + * import { + * Aes128Gcm, + * CipherSuite, + * DhkemP384HkdfSha384, + * HkdfSha384, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP384HkdfSha384(), + * kdf: new HkdfSha384(), + * aead: new Aes128Gcm(), + * }); + * ``` + */ export class DhkemP384HkdfSha384 extends DhkemP384HkdfSha384Native {} + +/** + * The DHKEM(P-521, HKDF-SHA512) for HPKE KEM implementing {@link KemInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `kem` parameter of {@link CipherSuiteParams} instead of `KemId.DhkemP521HkdfSha512` + * as follows: + * + * @example + * + * ```ts + * import { + * Aes256Gcm, + * CipherSuite, + * DhkemP521HkdfSha512, + * HkdfSha512, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP521HkdfSha512(), + * kdf: new HkdfSha512(), + * aead: new Aes256Gcm(), + * }); + * ``` + */ export class DhkemP521HkdfSha512 extends DhkemP521HkdfSha512Native {} + +/** + * The HKDF-SHA256 for HPKE KDF implementing {@link KdfInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `kem` parameter of {@link CipherSuiteParams} instead of `KdfId.HkdfSha256`. + * + * The KDF class can only derive keys of the same length as the `hashSize`. + * If you want to derive keys longer than the `hashSize`, + * please use {@link https://deno.land/x/hpke/mod.ts?s=CipherSuite | hpke-js#CipherSuite}. + * + * @example + * + * ```ts + * import { + * Aes128Gcm, + * CipherSuite, + * DhkemP256HkdfSha256, + * HkdfSha256, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP256HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new Aes128Gcm(), + * }); + * ``` + */ export class HkdfSha256 extends HkdfSha256Native {} + +/** + * The HKDF-SHA384 for HPKE KDF implementing {@link KdfInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `kem` parameter of {@link CipherSuiteParams} instead of `KdfId.HkdfSha384`. + * + * The KDF class can only derive keys of the same length as the `hashSize`. + * If you want to derive keys longer than the `hashSize`, + * please use {@link https://deno.land/x/hpke/mod.ts?s=CipherSuite | hpke-js#CipherSuite}. + * + * @example + * + * ```ts + * import { + * Aes128Gcm, + * CipherSuite, + * DhkemP384HkdfSha384, + * HkdfSha384, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP384HkdfSha384(), + * kdf: new HkdfSha384(), + * aead: new Aes128Gcm(), + * }); + * ``` + */ export class HkdfSha384 extends HkdfSha384Native {} + +/** + * The HKDF-SHA512 for HPKE KDF implementing {@link KdfInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `kem` parameter of {@link CipherSuiteParams} instead of `KdfId.HkdfSha512`. + * + * The KDF class can only derive keys of the same length as the `hashSize`. + * If you want to derive keys longer than the `hashSize`, + * please use {@link https://deno.land/x/hpke/mod.ts?s=CipherSuite | hpke-js#CipherSuite}. + * + * @example + * + * ```ts + * import { + * Aes256Gcm, + * CipherSuite, + * DhkemP521HkdfSha512, + * HkdfSha512, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP521HkdfSha512(), + * kdf: new HkdfSha512(), + * aead: new Aes256Gcm(), + * }); + * ``` + */ export class HkdfSha512 extends HkdfSha512Native {} diff --git a/src/aeads/aesGcm.ts b/src/aeads/aesGcm.ts index 30212b65f..74353e5e4 100644 --- a/src/aeads/aesGcm.ts +++ b/src/aeads/aesGcm.ts @@ -75,10 +75,37 @@ export class AesGcmContext extends NativeAlgorithm } } +/** + * The AES-128-GCM for HPKE AEAD implementing {@link AeadInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `aead` parameter of {@link CipherSuiteParams} instead of `AeadId.Aes128Gcm`. + * + * @example + * + * ```ts + * import { + * Aes128Gcm, + * CipherSuite, + * DhkemP256HkdfSha256, + * HkdfSha256, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP256HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new Aes128Gcm(), + * }); + * ``` + */ export class Aes128Gcm implements AeadInterface { + /** AeadId.Aes128Gcm (0x0001) */ public readonly id: AeadId = AeadId.Aes128Gcm; + /** 16 */ public readonly keySize: number = 16; + /** 12 */ public readonly nonceSize: number = 12; + /** 16 */ public readonly tagSize: number = 16; public createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext { @@ -86,9 +113,37 @@ export class Aes128Gcm implements AeadInterface { } } +/** + * The AES-256-GCM for HPKE AEAD implementing {@link AeadInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `aead` parameter of {@link CipherSuiteParams} instead of `AeadId.Aes256Gcm` + * as follows: + * + * @example + * + * ```ts + * import { + * Aes256Gcm, + * CipherSuite, + * DhkemP256HkdfSha256, + * HkdfSha256, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP256HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new Aes256Gcm(), + * }); + * ``` + */ export class Aes256Gcm extends Aes128Gcm { + /** AeadId.Aes256Gcm (0x0002) */ public readonly id: AeadId = AeadId.Aes256Gcm; + /** 32 */ public readonly keySize: number = 32; + /** 12 */ public readonly nonceSize: number = 12; + /** 16 */ public readonly tagSize: number = 16; } diff --git a/src/aeads/chacha20Poly1305.ts b/src/aeads/chacha20Poly1305.ts index 29d29a2c7..e19d959b5 100644 --- a/src/aeads/chacha20Poly1305.ts +++ b/src/aeads/chacha20Poly1305.ts @@ -61,30 +61,42 @@ export class Chacha20Poly1305Context implements AeadEncryptionContext { } /** - * The ChaCha20Poly1305 AEAD. + * The ChaCha20Poly1305 for HPKE AEAD implementing {@link AeadInterface}. * - * This class is implemented using - * {@link https://github.com/paulmillr/noble-ciphers | @noble/ciphers}. - * - * The instance of this class can be specified to the - * {@link https://deno.land/x/hpke/core/mod.ts?s=CipherSuiteParams | CipherSuiteParams} as follows: + * When using `@hpke/core`, the instance of this class can be specified + * to the `aead` parameter of {@link CipherSuiteParams} instead of `AeadId.Chacha20Poly1305` + * as follows: * * @example * * ```ts - * import { CipherSuite, DhkemP256HkdfSha256, HkdfSha256 } from "http://deno.land/x/hpke/core/mod.ts"; - * import { Chacha20Poly1305 } from "https://deno.land/x/hpke/x/chach20poly1305/mod.ts"; + * import { + * CipherSuite, + * DhkemP256HkdfSha256, + * HkdfSha256, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * import { + * Chacha20Poly1305, + * } from "https://deno.land/x/hpke/x/chach20poly1305/mod.ts"; + * * const suite = new CipherSuite({ * kem: new DhkemP256HkdfSha256(), * kdf: new HkdfSha256(), * aead: new Chacha20Poly1305(), * }); * ``` + * + * This class is implemented using + * {@link https://github.com/paulmillr/noble-ciphers | @noble/ciphers}. */ export class Chacha20Poly1305 implements AeadInterface { + /** AeadId.Chacha20Poly1305 (0x0003) */ public readonly id: AeadId = AeadId.Chacha20Poly1305; + /** 32 */ public readonly keySize: number = 32; + /** 12 */ public readonly nonceSize: number = 12; + /** 16 */ public readonly tagSize: number = 16; public createEncryptionContext(key: ArrayBuffer): AeadEncryptionContext { diff --git a/src/aeads/exportOnly.ts b/src/aeads/exportOnly.ts index 72e75f0ea..51679cca5 100644 --- a/src/aeads/exportOnly.ts +++ b/src/aeads/exportOnly.ts @@ -5,6 +5,30 @@ import { AeadId } from "../identifiers.ts"; import { NotSupportedError } from "../errors.ts"; +/** + * The ExportOnly mode for HPKE AEAD implementing {@link AeadInterface}. + * + * When using `@hpke/core`, the instance of this class must be specified + * to the `aead` parameter of {@link CipherSuiteParams} instead of `AeadId.ExportOnly` + * as follows: + * + * @example + * + * ```ts + * import { + * CipherSuite, + * DhkemP256HkdfSha256, + * ExportOnly, + * HkdfSha256, + * } from "http://deno.land/x/hpke/core/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemP256HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new ExportOnly(), + * }); + * ``` + */ export class ExportOnly implements AeadInterface { public readonly id: AeadId = AeadId.ExportOnly; public readonly keySize: number = 0; diff --git a/src/cipherSuite.ts b/src/cipherSuite.ts index 0539d6372..dc1002f64 100644 --- a/src/cipherSuite.ts +++ b/src/cipherSuite.ts @@ -22,7 +22,6 @@ import { CipherSuiteNative } from "./cipherSuiteNative.ts"; * {@link https://datatracker.ietf.org/doc/html/rfc9180 | RFC9180}. * * The class consists of the {@link https://deno.land/x/hpke/core/mod.ts | @hpke/core}, - * {@link https://deno.land/x/hpke/core/mod.ts | @hpke/core}, * {@link https://deno.land/x/hpke/x/chacha20Poly1305/mod.ts | @hpke/chcha20poly1305}, * {@link https://deno.land/x/hpke/x/dhkem-x25519/mod.ts | @hpke/dhkem-x25519} and * {@link https://deno.land/x/hpke/x/dhkem-x448/mod.ts | @hpke/dhkem-x448} internally. @@ -33,11 +32,11 @@ import { CipherSuiteNative } from "./cipherSuiteNative.ts"; * - [DEPRECATED] Derives a key pair for the cipher suite. * - [DEPRECATED] Imports and converts a key to a CryptoKey. * - Creates encryption contexts both for senders and recipients. - * - {@link createSenderContext} - * - {@link createRecipientContext} + * - {@link createSenderContext} + * - {@link createRecipientContext} * - Provides single-shot encryption API. - * - {@link seal} - * - {@link open} + * - {@link seal} + * - {@link open} * * The calling of the constructor of this class is the starting * point for HPKE operations for both senders and recipients. diff --git a/src/kdfs/hkdf.ts b/src/kdfs/hkdf.ts index 1ad2025e8..cb38a49bc 100644 --- a/src/kdfs/hkdf.ts +++ b/src/kdfs/hkdf.ts @@ -181,8 +181,11 @@ export class HkdfNative extends NativeAlgorithm implements KdfInterface { } export class HkdfSha256Native extends HkdfNative { + /** KdfId.HkdfSha256 (0x0001) */ public readonly id: KdfId = KdfId.HkdfSha256; + /** 32 */ public readonly hashSize: number = 32; + /** The parameters for Web Cryptography API */ protected readonly algHash: HmacKeyGenParams = { name: "HMAC", hash: "SHA-256", @@ -191,8 +194,11 @@ export class HkdfSha256Native extends HkdfNative { } export class HkdfSha384Native extends HkdfNative { + /** KdfId.HkdfSha384 (0x0002) */ public readonly id: KdfId = KdfId.HkdfSha384; + /** 48 */ public readonly hashSize: number = 48; + /** The parameters for Web Cryptography API */ protected readonly algHash: HmacKeyGenParams = { name: "HMAC", hash: "SHA-384", @@ -201,8 +207,11 @@ export class HkdfSha384Native extends HkdfNative { } export class HkdfSha512Native extends HkdfNative { + /** KdfId.HkdfSha512 (0x0003) */ public readonly id: KdfId = KdfId.HkdfSha512; + /** 64 */ public readonly hashSize: number = 64; + /** The parameters for Web Cryptography API */ protected readonly algHash: HmacKeyGenParams = { name: "HMAC", hash: "SHA-512", diff --git a/src/kems/dhkemSecp256k1.ts b/src/kems/dhkemSecp256k1.ts index 3ae6a31d9..eef3bc931 100644 --- a/src/kems/dhkemSecp256k1.ts +++ b/src/kems/dhkemSecp256k1.ts @@ -4,7 +4,7 @@ import { Dhkem } from "./dhkem.ts"; import { Secp256k1 } from "./dhkemPrimitives/secp256k1.ts"; /** - * The DHKEM(secp256k1, HKDF-SHA256). + * The DHKEM(secp256k1, HKDF-SHA256) for HPKE KEM implementing {@link KemInterface}. * * This class is implemented using * {@link https://github.com/paulmillr/noble-curves | @noble/curves}. @@ -14,11 +14,12 @@ import { Secp256k1 } from "./dhkemPrimitives/secp256k1.ts"; * The instance of this class can be specified to the * {@link https://deno.land/x/hpke/core/mod.ts?s=CipherSuiteParams | CipherSuiteParams} as follows: * - * @example + * @example Use with `hpke-js` (`https://deno.land/x/hpke/mod.ts`). * * ```ts - * import { KdfId, AeadId, CipherSuite } from "http://deno.land/x/hpke/core/mod.ts"; - * import { DhkemSecp256k1HkdfSha256} from "https://deno.land/x/hpke/x/dhkem-secp256k1/mod.ts"; + * import { AeadId, CipherSuite, KdfId } from "https://deno.land/x/hpke/mod.ts"; + * import { DhkemSecp256k1HkdfSha256 } from "https://deno.land/x/hpke/x/dhkem-secp256k1/mod.ts"; + * * const suite = new CipherSuite({ * kem: new DhkemSecp256k1HkdfSha256(), * kdf: KdfId.HkdfSha256, @@ -26,13 +27,38 @@ import { Secp256k1 } from "./dhkemPrimitives/secp256k1.ts"; * }); * ``` * + * When using `hpke-js` (`https://deno.land/x/hpke/mod.ts`), `KemId.DhkemSecp256k1HkdfSha256` + * cannot be used as well. So you need to specify the instance of this class as follows: + * + * @example Use with `@hpke/core` (`https://deno.land/x/hpke/core/mod.ts`). + * + * ```ts + * import { + * Aes128Gcm, + * CipherSuite, + * HkdfSha256, + * } from "https://deno.land/x/hpke/core/mod.ts"; + * import { DhkemSecp256k1HkdfSha256 } from "https://deno.land/x/hpke/x/dhkem-secp256k1/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemSecp256k1HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new Aes128Gcm(), + * }); + * ``` + * * @experimental Note that it is experimental and not standardized. */ export class DhkemSecp256k1HkdfSha256 extends Dhkem { + /** KemId.DhkemSecp256k1HkdfSha256 (0x0013) EXPERIMENTAL */ public readonly id: KemId = KemId.DhkemSecp256k1HkdfSha256; + /** 32 */ public readonly secretSize: number = 32; + /** 33 */ public readonly encSize: number = 33; + /** 33 */ public readonly publicKeySize: number = 33; + /** 32 */ public readonly privateKeySize: number = 32; constructor() { diff --git a/src/kems/dhkemX25519.ts b/src/kems/dhkemX25519.ts index 380e5a641..fc6564a29 100644 --- a/src/kems/dhkemX25519.ts +++ b/src/kems/dhkemX25519.ts @@ -4,7 +4,7 @@ import { Dhkem } from "./dhkem.ts"; import { X25519 } from "./dhkemPrimitives/x25519.ts"; /** - * The DHKEM(X25519, HKDF-SHA256). + * The DHKEM(X25519, HKDF-SHA256) for HPKE KEM implementing {@link KemInterface}. * * This class is implemented using * {@link https://github.com/paulmillr/noble-curves | @noble/curves}. @@ -12,22 +12,48 @@ import { X25519 } from "./dhkemPrimitives/x25519.ts"; * The instance of this class can be specified to the * {@link https://deno.land/x/hpke/core/mod.ts?s=CipherSuiteParams | CipherSuiteParams} as follows: * - * @example + * @example Use with `@hpke/core` (`https://deno.land/x/hpke/core/mod.ts`). + * * ```ts - * import { KdfId, AeadId, CipherSuite } from "http://deno.land/x/hpke/core/mod.ts"; + * import { + * Aes128Gcm, + * CipherSuite, + * HkdfSha256, + * } from "https://deno.land/x/hpke/core/mod.ts"; * import { DhkemX25519HkdfSha256 } from "https://deno.land/x/hpke/x/dhkem-x25519/mod.ts"; + * * const suite = new CipherSuite({ * kem: new DhkemX25519HkdfSha256(), + * kdf: new HkdfSha256(), + * aead: new Aes128Gcm(), + * }); + * ``` + * + * When using `hpke-js` (`https://deno.land/x/hpke/mod.ts`), `KemId.DhkemX25519HkdfSha256` + * can be used. You don't need to use this class. + * + * @example + * + * ```ts + * import { AeadId, CipherSuite, KdfId, KemId } from "https://deno.land/x/hpke/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: KemId.DhkemX25519HkdfSha256, * kdf: KdfId.HkdfSha256, * aead: AeadId.Aes128Gcm, * }); * ``` */ export class DhkemX25519HkdfSha256 extends Dhkem { + /** KemId.DhkemX25519HkdfSha256 (0x0020) */ public readonly id: KemId = KemId.DhkemX25519HkdfSha256; + /** 32 */ public readonly secretSize: number = 32; + /** 32 */ public readonly encSize: number = 32; + /** 32 */ public readonly publicKeySize: number = 32; + /** 32 */ public readonly privateKeySize: number = 32; constructor() { diff --git a/src/kems/dhkemX448.ts b/src/kems/dhkemX448.ts index 3e67719ae..e631c9adf 100644 --- a/src/kems/dhkemX448.ts +++ b/src/kems/dhkemX448.ts @@ -4,7 +4,7 @@ import { Dhkem } from "./dhkem.ts"; import { X448 } from "./dhkemPrimitives/x448.ts"; /** - * The DHKEM(X448, HKDF-SHA512). + * The DHKEM(X448, HKDF-SHA512) for HPKE KEM implementing {@link KemInterface}. * * This class is implemented using * {@link https://github.com/paulmillr/noble-curves | @noble/curves}. @@ -12,22 +12,46 @@ import { X448 } from "./dhkemPrimitives/x448.ts"; * The instance of this class can be specified to the * {@link https://deno.land/x/hpke/core/mod.ts?s=CipherSuiteParams | CipherSuiteParams} as follows: * - * @example + * @example Use with `hpke-js` (`https://deno.land/x/hpke/mod.ts`). + * * ```ts - * import { KdfId, AeadId, CipherSuite } from "http://deno.land/x/hpke/core/mod.ts"; + * import { CipherSuite, AeadId, KdfId } from "https://deno.land/x/hpke/mod.ts"; * import { DhkemX448HkdfSha512 } from "https://deno.land/x/hpke/x/dhkem-x448/mod.ts"; + * * const suite = new CipherSuite({ * kem: new DhkemX448HkdfSha512(), * kdf: KdfId.HkdfSha512, - * aead: AeadId.Aes128Gcm, + * aead: AeadId.Aes256Gcm, + * }); + * ``` + * + * @example Use with `@hpke/core` (`https://deno.land/x/hpke/core/mod.ts`). + * + * ```ts + * import { + * Aes256Gcm, + * CipherSuite, + * HkdfSha512, + * } from "https://deno.land/x/hpke/core/mod.ts"; + * import { DhkemX448HkdfSha512 } from "https://deno.land/x/hpke/x/dhkem-x448/mod.ts"; + * + * const suite = new CipherSuite({ + * kem: new DhkemX448HkdfSha512(), + * kdf: new HkdfSha512(), + * aead: new Aes256Gcm(), * }); * ``` */ export class DhkemX448HkdfSha512 extends Dhkem { + /** KemId.DhkemX448HkdfSha512 (0x0021) */ public readonly id: KemId = KemId.DhkemX448HkdfSha512; + /** 64 */ public readonly secretSize: number = 64; + /** 56 */ public readonly encSize: number = 56; + /** 56 */ public readonly publicKeySize: number = 56; + /** 56 */ public readonly privateKeySize: number = 56; constructor() {