Class: Privy::Cryptography::HpkeSender

Inherits:

Object

Object
Privy::Cryptography::HpkeSender

show all

Defined in:: lib/privy/cryptography.rb

Instance Method Summary collapse

#encrypt(public_key_spki, payload) ⇒ Privy::Cryptography::HpkeEncryptedPayload

Encrypts a payload for a recipient using HPKE base mode.
#initialize ⇒ HpkeSender constructor

A new instance of HpkeSender.

Constructor Details

#initialize ⇒ `HpkeSender`

Returns a new instance of HpkeSender.



55
56
57

# File 'lib/privy/cryptography.rb', line 55

def initialize
  @hpke = HPKE.new(HPKE::DHKEM_P256_HKDF_SHA256, HPKE::HKDF_SHA256, HPKE::CHACHA20_POLY1305)
end

Instance Method Details

#encrypt(public_key_spki, payload) ⇒ `Privy::Cryptography::HpkeEncryptedPayload`

Encrypts a payload for a recipient using HPKE base mode.

Parameters:

public_key_spki (String) —

Raw DER bytes of the recipient’s SPKI-encoded public key, or a raw uncompressed P-256 public key point.
payload (String) —

Raw plaintext bytes

Returns:

(Privy::Cryptography::HpkeEncryptedPayload)

# File 'lib/privy/cryptography.rb', line 65

def encrypt(public_key_spki, payload)
  recipient_public_key = OpenSSL::PKey.read(normalize_public_key_spki(public_key_spki))
  encrypted = @hpke.setup_base_s(recipient_public_key, "")
  ciphertext = encrypted.fetch(:context_s).seal("", payload)

  HpkeEncryptedPayload.new(encapsulated_key: encrypted.fetch(:enc), ciphertext: ciphertext)
end