dajiaji · dajiaji · Aug 4, 2023 · Jul 29, 2023
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -42,6 +42,11 @@ jobs:
         run: |
           deno fmt --check
           deno task test
+      - name: Run deno test for /x/chacha20poly1305
+        working-directory: ./x/chacha20poly1305
+        run: |
+          deno fmt --check
+          deno task test
       - name: Run deno test for /x/dhkem-secp256k1
         working-directory: ./x/dhkem-secp256k1
         run: |

diff --git a/.github/workflows/ci_browser.yml b/.github/workflows/ci_browser.yml
@@ -30,6 +30,8 @@ jobs:
           cp -rf x/dhkem-x25519/test/runtimes/browsers/pages/* test/runtimes/browsers/pages/dhkem-x25519
           mkdir test/runtimes/browsers/pages/dhkem-x448
           cp -rf x/dhkem-x448/test/runtimes/browsers/pages/* test/runtimes/browsers/pages/dhkem-x448
+          mkdir test/runtimes/browsers/pages/chacha20poly1305
+          cp -rf x/chacha20poly1305/test/runtimes/browsers/pages/* test/runtimes/browsers/pages/chacha20poly1305
           mkdir test/runtimes/browsers/pages/dhkem-secp256k1
           cp -rf x/dhkem-secp256k1/test/runtimes/browsers/pages/* test/runtimes/browsers/pages/dhkem-secp256k1
       - working-directory: ./core
@@ -38,6 +40,7 @@ jobs:
           deno task minify > ../test/runtimes/browsers/pages/core/src/hpke-core.js
           deno task minify > ../test/runtimes/browsers/pages/dhkem-x25519/src/hpke-core.js
           deno task minify > ../test/runtimes/browsers/pages/dhkem-x448/src/hpke-core.js
+          deno task minify > ../test/runtimes/browsers/pages/chacha20poly1305/src/hpke-core.js
           deno task minify > ../test/runtimes/browsers/pages/dhkem-secp256k1/src/hpke-core.js
       - working-directory: ./x/dhkem-x25519
         run: |
@@ -47,6 +50,10 @@ jobs:
         run: |
           deno task dnt
           deno task minify > ../../test/runtimes/browsers/pages/dhkem-x448/src/hpke-dhkem-x448.js
+      - working-directory: ./x/chacha20poly1305
+        run: |
+          deno task dnt
+          deno task minify > ../../test/runtimes/browsers/pages/chacha20poly1305/src/hpke-chacha20poly1305.js
       - working-directory: ./x/dhkem-secp256k1
         run: |
           deno task dnt
@@ -74,5 +81,7 @@ jobs:
         run: npm install && npx playwright install && npx playwright test
       - working-directory: ./x/dhkem-x448/test/runtimes/browsers
         run: npm install && npx playwright install && npx playwright test
+      - working-directory: ./x/chacha20poly1305/test/runtimes/browsers
+        run: npm install && npx playwright install && npx playwright test
       - working-directory: ./x/dhkem-secp256k1/test/runtimes/browsers
         run: npm install && npx playwright install && npx playwright test
diff --git a/.github/workflows/ci_bun.yml b/.github/workflows/ci_bun.yml
@@ -44,6 +44,7 @@ jobs:
           deno task minify > test/runtimes/hpke-core.js
           deno task minify > ../x/dhkem-x25519/test/runtimes/hpke-core.js
           deno task minify > ../x/dhkem-x448/test/runtimes/hpke-core.js
+          deno task minify > ../x/chacha20poly1305/test/runtimes/hpke-core.js
           deno task minify > ../x/dhkem-secp256k1/test/runtimes/hpke-core.js
       - name: Run test for core
         working-directory: ./core/test/runtimes/bun
@@ -71,6 +72,16 @@ jobs:
           nohup bun src/index.js &
           sleep 3
           deno test dhkem-x448.spec.ts --allow-net
+      - working-directory: ./x/chacha20poly1305
+        run: |
+          deno task dnt
+          deno task minify > test/runtimes/hpke-chacha20poly1305.js
+      - name: Run test for chacha20poly1305
+        working-directory: ./x/chacha20poly1305/test/runtimes/bun
+        run: |
+          nohup bun src/index.js &
+          sleep 3
+          deno test chacha20poly1305.spec.ts --allow-net
       - working-directory: ./x/dhkem-secp256k1/
         run: |
           deno task dnt

diff --git a/.github/workflows/ci_cloudflare.yml b/.github/workflows/ci_cloudflare.yml
@@ -37,6 +37,7 @@ jobs:
           deno task minify > test/runtimes/hpke-core.js
           deno task minify > ../x/dhkem-x25519/test/runtimes/hpke-core.js
           deno task minify > ../x/dhkem-x448/test/runtimes/hpke-core.js
+          deno task minify > ../x/chacha20poly1305/test/runtimes/hpke-core.js
           deno task minify > ../x/dhkem-secp256k1/test/runtimes/hpke-core.js
       - name: Run test for core
         working-directory: ./core/test/runtimes/cloudflare
@@ -67,6 +68,17 @@ jobs:
           nohup npm start &
           sleep 3
           deno test dhkem-x448.spec.ts --allow-net
+      - working-directory: ./x/chacha20poly1305
+        run: |
+          deno task dnt
+          deno task minify > test/runtimes/hpke-chacha20poly1305.js
+      - name: Run test for chacha20poly1305
+        working-directory: ./x/chacha20poly1305/test/runtimes/cloudflare
+        run: |
+          npm install
+          nohup npm start &
+          sleep 3
+          deno test chacha20poly1305.spec.ts --allow-net
       - working-directory: ./x/dhkem-secp256k1
         run: |
           deno task dnt

diff --git a/.github/workflows/ci_node.yml b/.github/workflows/ci_node.yml
@@ -42,6 +42,11 @@ jobs:
         run: |
           deno task dnt
           deno task minify > ./npm/hpke-dhkem-x448.min.js
+      - name: Run dnt & minify for /x/chacha20poly1305
+        working-directory: ./x/chacha20poly1305
+        run: |
+          deno task dnt
+          deno task minify > ./npm/hpke-chacha20poly1305.min.js
       - name: Run dnt & minify for /x/dhkem-secp256k1
         working-directory: ./x/dhkem-secp256k1
         run: |

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -92,6 +92,28 @@ jobs:
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
 
+  publish-chacha20poly1305:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          registry-url: https://registry.npmjs.org/
+      - uses: denoland/setup-deno@v1
+        with:
+          deno-version: v1.x
+      - name: Run dnt & minify
+        working-directory: ./x/chacha20poly1305
+        run: |
+          npm install -g esbuild
+          deno task dnt
+          deno task minify > ./npm/hpke-chacha20poly1305.min.js
+      - working-directory: ./x/chacha20poly1305/npm
+        run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+
   publish-dhkem-secp256k1:
     runs-on: ubuntu-latest
     steps:

diff --git a/x/chacha20poly1305/README.md b/x/chacha20poly1305/README.md
@@ -0,0 +1,247 @@
+<h1 align="center">@hpke/chacha20poly1305</h1>
+
+<div align="center">
+A TypeScript <a href="https://datatracker.ietf.org/doc/html/rfc9180">Hybrid Public Key Encryption (HPKE)</a> module extension for AEAD with ChaCha20-Poly1305, which is implemented by using <a href="https://github.com/paulmillr/noble-ciphers">@noble/ciphers</a></div>
+<p></p>
+
+<div align="center">
+
+[Documentation](https://doc.deno.land/https://deno.land/x/hpke/x/chacha20poly1305/mod.ts)
+
+</div>
+
+## Index
+
+- [Supported Environments](#supported-environments)
+- [Installation](#installation)
+  - [Web Browser](#web-browser)
+  - [Node.js](#nodejs)
+  - [Deno](#deno)
+  - [Cloudflare Workers](#cloudflare-workers)
+- [Usage](#usage)
+- [Contributing](#contributing)
+
+## Supported Environments
+
+- **Web Browser**: [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/)
+  supported browsers
+  - Confirmed: Chrome, Firefox, Edge, Safari, Opera, Vivaldi, Brave
+- **Node.js**: 16.x, 17.x, 18.x, 19.x, 20.x
+- **Deno**: 1.x (1.15-)
+- **Cloudflare Workers**
+- **bun**: 0.x (0.3.0-)
+
+## Installation
+
+### Web Browser
+
+Followings are how to use with typical CDNs. Other CDNs can be used as well.
+
+Using esm.sh:
+
+```html
+<!-- use a specific version -->
+<script type="module">
+  import * as hpke from "https://esm.sh/[email protected]";
+  import * as chacha20 from "https://esm.sh/@hpke/[email protected]";
+  // ...
+</script>
+
+<!-- use the latest stable version -->
+<script type="module">
+  import * as hpke from "https://esm.sh/hpke-js";
+  import * as chacha20 from "https://esm.sh/@hpke/chacha20poly1305";
+  // ...
+</script>
+```
+
+Using unpkg:
+
+```html
+<!-- use a specific version -->
+<script type="module">
+  import * as hpke from "https://unpkg.com/[email protected]/esm/mod.js";
+  import * as chacha20 from "https://unpkg.com/@hpke/[email protected]/esm/mod.js";
+  // ...
+</script>
+```
+
+### Node.js
+
+Using npm:
+
+```sh
+npm install @hpke/chacha20poly1305
+```
+
+Using yarn:
+
+```sh
+yarn add @hpke/chacha20poly1305
+```
+
+### Deno
+
+Using deno.land:
+
+```js
+// use a specific version
+import * as hpke from "https://deno.land/x/[email protected]/mod.ts";
+import * as chacha20 from "https://deno.land/x/[email protected]/x/chacha20poly1305/mod.ts";
+
+// use the latest stable version
+import * as hpke from "https://deno.land/x/hpke/mod.ts";
+import * as chacha20 from "https://deno.land/x/hpke/x/chacha20poly1305/mod.ts";
+```
+
+### Cloudflare Workers
+
+Downloads a single js file from esm.sh:
+
+```sh
+curl -sS -o $YOUR_SRC_PATH/hpke.min.js https://esm.sh/v86/[email protected]/es2022/hpke.min.js
+curl -sS -o $YOUR_SRC_PATH/hpke-chacha20poly1305.min.js https://esm.sh/v86/@hpke/[email protected]/es2022/hpke-chacha20poly1305.min.js
+```
+
+## Usage
+
+This section shows some typical usage examples.
+
+### Browsers
+
+```html
+<html>
+  <head></head>
+  <body>
+    <script type="module">
+      // import * as hpke from "https://esm.sh/[email protected]";
+      import { KemId, KdfId, CipherSuite } from "https://esm.sh/[email protected]";
+      import { Chacha20Poly1305 } from "https://esm.sh/@hpke/[email protected]";
+
+      globalThis.doHpke = async () => {
+
+        const suite = new CipherSuite({
+          kem: KemId.DhkemP256HkdfSha256,
+          kdf: KdfId.HkdfSha256,
+          aead: new Chacha20Poly1305()
+        });
+
+        const rkp = await suite.generateKeyPair();
+
+        const sender = await suite.createSenderContext({
+          recipientPublicKey: rkp.publicKey
+        });
+
+        const recipient = await suite.createRecipientContext({
+          recipientKey: rkp.privateKey, // rkp (CryptoKeyPair) is also acceptable.
+          enc: sender.enc,
+        });
+
+        // encrypt
+        const ct = await sender.seal(new TextEncoder().encode("hello world!"));
+
+        // decrypt
+        try {
+          const pt = await recipient.open(ct);
+
+          // hello world!
+          alert(new TextDecoder().decode(pt));
+        } catch (err) {
+          alert("failed to decrypt.");
+        }
+      }
+
+    </script>
+    <button type="button" onclick="doHpke()">do HPKE</button>
+  </body>
+</html>
+```
+
+### Node.js
+
+```js
+const { KemId, KdfId, CipherSuite } = require("hpke-js");
+const { Chacha20Poly1305 } = require("@hpke/chacha20poly1305");
+
+async function doHpke() {
+  // setup
+  const suite = new CipherSuite({
+    kem: KemId.DhkemP256HkdfSha256,
+    kdf: KdfId.HkdfSha256,
+    aead: new Chacha20Poly1305(),
+  });
+
+  const rkp = await suite.generateKeyPair();
+
+  const sender = await suite.createSenderContext({
+    recipientPublicKey: rkp.publicKey,
+  });
+
+  const recipient = await suite.createRecipientContext({
+    recipientKey: rkp.privateKey,
+    enc: sender.enc,
+  });
+
+  // encrypt
+  const ct = await sender.seal(new TextEncoder().encode("my-secret-message"));
+
+  // decrypt
+  try {
+    const pt = await recipient.open(ct);
+
+    console.log("decrypted: ", new TextDecoder().decode(pt));
+    // decrypted: my-secret-message
+  } catch (err) {
+    console.log("failed to decrypt.");
+  }
+}
+
+doHpke();
+```
+
+### Deno
+
+```js
+import { KemId, KdfId, CipherSuite } from "https://deno.land/x/[email protected]/mod.ts";
+import { Chacha20Poly1305 } from "https://deno.land/x/[email protected]/x/chacha20poly1305/mod.ts";
+
+async function doHpke() {
+  // setup
+  const suite = new CipherSuite({
+    kem: KemId.DhkemP256HkdfSha256,
+    kdf: KdfId.HkdfSha256,
+    aead: new Chacha20Poly1305(),
+  });
+
+  const rkp = await suite.generateKeyPair();
+
+  const sender = await suite.createSenderContext({
+    recipientPublicKey: rkp.publicKey,
+  });
+
+  const recipient = await suite.createRecipientContext({
+    recipientKey: rkp.privateKey,
+    enc: sender.enc,
+  });
+
+  // encrypt
+  const ct = await sender.seal(new TextEncoder().encode("my-secret-message"));
+
+  try {
+    // decrypt
+    const pt = await recipient.open(ct);
+
+    console.log("decrypted: ", new TextDecoder().decode(pt));
+    // decrypted: my-secret-message
+  } catch (_err: unknown) {
+    console.log("failed to decrypt.");
+  }
+}
+
+doHpke();
+```
+
+## Contributing
+
+We welcome all kind of contributions, filing issues, suggesting new features or
+sending PRs.