A Python implementation of HPKE.

Project description

PyHPKE - A Python implementation of HPKE

PyHPKE is an HPKE (Hybrid Public Key Encryption) implementation written in Python.

You can install PyHPKE with pip:

$ pip install pyhpke

And then, you can use it as follows:

from pyhpke import AEADId, CipherSuite, KDFId, KEMId, KEMKey

# The sender side:
suite_s = CipherSuite.new(
    KEMId.DHKEM_P256_HKDF_SHA256, KDFId.HKDF_SHA256, AEADId.AES128_GCM
)
pkr = KEMKey.from_jwk(  # from_pem is also available.
    {
        "kid": "01",
        "kty": "EC",
        "crv": "P-256",
        "x": "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
        "y": "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
    }
)
enc, sender = suite_s.create_sender_context(pkr)
ct = sender.seal(b"Hello world!")

# The recipient side:
suite_r = CipherSuite.new(
    KEMId.DHKEM_P256_HKDF_SHA256, KDFId.HKDF_SHA256, AEADId.AES128_GCM
)
skr = KEMKey.from_jwk(
    {
        "kid": "01",
        "kty": "EC",
        "crv": "P-256",
        "x": "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
        "y": "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
        "d": "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8",
    }
)
recipient = suite_r.create_recipient_context(enc, skr)
pt = recipient.open(ct)

assert pt == b"Hello world!"


# deriving a KEMKeyPair
keypair = suite_s.kem.derive_key_pair(b"some_ikm_bytes_used_for_key_derivation")

Installation

You can install PyHPKE with pip:

$ pip install pyhpke

Supported HPKE Modes and Cipher Suites

PyHPKE supports all of the HPKE modes and cipher suites defined in RFC 9180, listed below.

  • modes
    • ✅ Base
    • ✅ PSK
    • ✅ Auth
    • ✅ AuthPSK
  • KEMs (Key Encapsulation Mechanisms)
    • ✅ DHKEM (P-256, HKDF-SHA256)
    • ✅ DHKEM (P-384, HKDF-SHA384)
    • ✅ DHKEM (P-521, HKDF-SHA512)
    • ✅ DHKEM (X25519, HKDF-SHA256)
    • ✅ DHKEM (X448, HKDF-SHA512)
  • KDFs (Key Derivation Functions)
    • ✅ HKDF-SHA256
    • ✅ HKDF-SHA384
    • ✅ HKDF-SHA512
  • AEADs (Authenticated Encryption with Associated Data)
    • ✅ AES-128-GCM
    • ✅ AES-256-GCM
    • ✅ ChaCha20Poly1305
    • ✅ Export Only

Warnings and Restrictions

Although this library has passed all of the following official test vectors, it has not been formally audited.

Usage

from pyhpke import AEADId, CipherSuite, KDFId, KEMId, KEMKey

# The sender side:
suite_s = CipherSuite.new(
    KEMId.DHKEM_P256_HKDF_SHA256, KDFId.HKDF_SHA256, AEADId.AES128_GCM
)
pkr = KEMKey.from_jwk(
    {
        "kid": "01",
        "kty": "EC",
        "crv": "P-256",
        "x": "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
        "y": "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
    }
)
enc, sender = suite_s.create_sender_context(pkr)
ct = sender.seal(b"Hello world!")

# The recipient side:
suite_r = CipherSuite.new(
    KEMId.DHKEM_P256_HKDF_SHA256, KDFId.HKDF_SHA256, AEADId.AES128_GCM
)
skr = KEMKey.from_jwk(
    {
        "kid": "01",
        "kty": "EC",
        "crv": "P-256",
        "x": "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
        "y": "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
        "d": "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8",
    }
)
recipient = suite_r.create_recipient_context(enc, skr)
pt = recipient.open(ct)

assert pt == b"Hello world!"

API Reference

See Documentation.

Test

You can run tests from the project root after cloning with:

$ tox

Contributing

We welcome all kinds of contributions: filing issues, suggesting new features, or sending PRs.

Download files

Source Distribution

pyhpke-0.6.0.tar.gz (1.8 MB)

Uploaded Source

Built Distribution

pyhpke-0.6.0-py3-none-any.whl (53.3 kB)

Uploaded Python 3

File details

Details for the file pyhpke-0.6.0.tar.gz.

File metadata

  • Download URL: pyhpke-0.6.0.tar.gz
  • Upload date:
  • Size: 1.8 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.4 CPython/3.12.7 Linux/6.5.0-1025-azure

File hashes

Hashes for pyhpke-0.6.0.tar.gz
Algorithm Hash digest
SHA256 580e1510fb05d7efbaa748a42f1ce5629122b34384cfbc159647e98d0c10ea9a
MD5 3e6b8296a05e4c2f594d8b02d7908a62
BLAKE2b-256 4a4cd854a3a0db37722c28a5bdf0efa84527c4bb24b7dd153deaefc1ba425ed1

File details

Details for the file pyhpke-0.6.0-py3-none-any.whl.

File metadata

  • Download URL: pyhpke-0.6.0-py3-none-any.whl
  • Upload date:
  • Size: 53.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.4 CPython/3.12.7 Linux/6.5.0-1025-azure

File hashes

Hashes for pyhpke-0.6.0-py3-none-any.whl
Algorithm Hash digest
SHA256 71bd9136ae5ca6503407c75330c988e992c6123497c696f7f4670e26bb6444a8
MD5 d60789dbaddd0fc486ec4fa98cc8b865
BLAKE2b-256 70801d98f7010af79c1d6f46d6592887d66a9ea59a1559e6d5638ce55f9d0914
