-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Moe/add hpke encryption #294
Conversation
This pull request is automatically built and testable in CodeSandbox. To see build info of the built libraries, click here or the icon next to each commit SHA. |
80fda6b
to
2eeb3f0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great overall. Just some minor changes requested but happy to follow on with an approval right away 🚀
Some follow up items we should be aware of:
- we could soon use this in
@turnkey/sdk-browser
for passkey session creation! instead of relying onhpke-js
sdk/packages/sdk-browser/src/utils.ts
Line 10 in dfd3657
import { AeadId, CipherSuite, KdfId, KemId } from "hpke-js"; - it would be really powerful to update tkhq/passkeyapp with more of these use cases, similar to the ones that we've seen recently (trying to perform email auth/recovery, and key or wallet import/export without iframes)
9d3d2f8
to
84886fd
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No idea why tests are failing, it doesn't seem related to your PR at first glance 👀
Once you have a green build (and have fixed the minor thing I flagged in the README): ship it! 🚀
packages/crypto/README.md
Outdated
const plaintext = "Hello, this is a secure message!"; | ||
const encryptedData = hpkeEncrypt({ | ||
plainText: plaintext, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this needs to be updated now that you take a uint8array instead of a string
86a9109
to
e4ae66d
Compare
Summary & Motivation
We got decryption so we may as well have encryption! Afaik, nothing really out there that supports e2e hpke decryption and encryption that can be used with any runtime, so why not :)
How I Tested These Changes
Did you add a changeset?
If updating one of our packages, you'll likely need to add a changeset to your PR. To do so, run
pnpm changeset
.pnpm changeset
will generate a file where you should write a human friendly message about the changes. Note how this (example) includes the package name (should be auto added by the command) along with the type of semver change (major.minor.patch) (which you should set).These changes will be used at release time to determine what packages to publish and how to bump their version. For more context see this comment.