dajiaji
diff --git a/‎packages/dhkem-x25519/mod.ts‎
Lines changed: 1 addition & 2 deletions b/‎packages/dhkem-x25519/mod.ts‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎packages/dhkem-x25519/src/dhkemX25519.ts‎
Lines changed: 248 additions & 2 deletions b/‎packages/dhkem-x25519/src/dhkemX25519.ts‎
Lines changed: 248 additions & 2 deletions
diff --git a/‎packages/dhkem-x25519/src/x25519/x25519.ts‎ renamed to ‎packages/dhkem-x25519/src/primitives/x25519.ts‎ b/‎packages/dhkem-x25519/src/x25519/x25519.ts‎ renamed to ‎packages/dhkem-x25519/src/primitives/x25519.ts‎
@@ -1,3 +1,2 @@
-export { DhkemX25519HkdfSha256 } from "./src/dhkemX25519.ts";
+export { DhkemX25519HkdfSha256, X25519 } from "./src/dhkemX25519.ts";
 export { HkdfSha256 } from "./src/hkdfSha256.ts";
-export { X25519 } from "./src/x25519.ts";
@@ -1,7 +1,253 @@
-import { Dhkem, KemId } from "@hpke/common";
+import type { DhkemPrimitives, KdfInterface } from "@hpke/common";
 
+import {
+  base64UrlToBytes,
+  DeriveKeyPairError,
+  DeserializeError,
+  Dhkem,
+  EMPTY,
+  KEM_USAGES,
+  KemId,
+  LABEL_DKP_PRK,
+  LABEL_SK,
+  NotSupportedError,
+  SerializeError,
+  XCryptoKey,
+} from "@hpke/common";
+
+import { x25519 } from "./primitives/x25519.ts";
 import { HkdfSha256 } from "./hkdfSha256.ts";
-import { X25519 } from "./x25519.ts";
+
+const ALG_NAME = "X25519";
+
+export class X25519 implements DhkemPrimitives {
+  private _hkdf: KdfInterface;
+  private _nPk: number;
+  private _nSk: number;
+
+  constructor(hkdf: KdfInterface) {
+    this._hkdf = hkdf;
+    this._nPk = 32;
+    this._nSk = 32;
+  }
+
+  public async serializePublicKey(key: CryptoKey): Promise<ArrayBuffer> {
+    try {
+      return await this._serializePublicKey(key as XCryptoKey);
+    } catch (e: unknown) {
+      throw new SerializeError(e);
+    }
+  }
+
+  public async deserializePublicKey(key: ArrayBuffer): Promise<CryptoKey> {
+    try {
+      return await this._importRawKey(key, true);
+    } catch (e: unknown) {
+      throw new DeserializeError(e);
+    }
+  }
+
+  public async serializePrivateKey(key: CryptoKey): Promise<ArrayBuffer> {
+    try {
+      return await this._serializePrivateKey(key as XCryptoKey);
+    } catch (e: unknown) {
+      throw new SerializeError(e);
+    }
+  }
+
+  public async deserializePrivateKey(key: ArrayBuffer): Promise<CryptoKey> {
+    try {
+      return await this._importRawKey(key, false);
+    } catch (e: unknown) {
+      throw new DeserializeError(e);
+    }
+  }
+
+  public async importKey(
+    format: "raw" | "jwk",
+    key: ArrayBuffer | JsonWebKey,
+    isPublic: boolean,
+  ): Promise<CryptoKey> {
+    try {
+      if (format === "raw") {
+        return await this._importRawKey(key as ArrayBuffer, isPublic);
+      }
+      // jwk
+      if (key instanceof ArrayBuffer) {
+        throw new Error("Invalid jwk key format");
+      }
+      return await this._importJWK(key as JsonWebKey, isPublic);
+    } catch (e: unknown) {
+      throw new DeserializeError(e);
+    }
+  }
+
+  public async generateKeyPair(): Promise<CryptoKeyPair> {
+    try {
+      const rawSk = await x25519.utils.randomSecretKey();
+      const sk = new XCryptoKey(ALG_NAME, rawSk, "private", KEM_USAGES);
+      const pk = await this.derivePublicKey(sk);
+      return { publicKey: pk, privateKey: sk };
+    } catch (e: unknown) {
+      throw new NotSupportedError(e);
+    }
+  }
+
+  public async deriveKeyPair(ikm: ArrayBuffer): Promise<CryptoKeyPair> {
+    try {
+      const dkpPrk = await this._hkdf.labeledExtract(
+        EMPTY.buffer as ArrayBuffer,
+        LABEL_DKP_PRK,
+        new Uint8Array(ikm),
+      );
+      const rawSk = await this._hkdf.labeledExpand(
+        dkpPrk,
+        LABEL_SK,
+        EMPTY,
+        this._nSk,
+      );
+      const sk = new XCryptoKey(
+        ALG_NAME,
+        new Uint8Array(rawSk),
+        "private",
+        KEM_USAGES,
+      );
+      return {
+        privateKey: sk,
+        publicKey: await this.derivePublicKey(sk),
+      };
+    } catch (e: unknown) {
+      throw new DeriveKeyPairError(e);
+    }
+  }
+
+  public async derivePublicKey(key: CryptoKey): Promise<CryptoKey> {
+    try {
+      return await this._derivePublicKey(key as XCryptoKey);
+    } catch (e: unknown) {
+      throw new DeserializeError(e);
+    }
+  }
+
+  public async dh(sk: CryptoKey, pk: CryptoKey): Promise<ArrayBuffer> {
+    try {
+      return await this._dh(sk as XCryptoKey, pk as XCryptoKey);
+    } catch (e: unknown) {
+      throw new SerializeError(e);
+    }
+  }
+
+  public async derive(sk: Uint8Array, pk: Uint8Array): Promise<Uint8Array> {
+    try {
+      return await this._derive(sk, pk);
+    } catch (e: unknown) {
+      throw new SerializeError(e);
+    }
+  }
+
+  private _serializePublicKey(k: XCryptoKey): Promise<ArrayBuffer> {
+    return new Promise((resolve) => {
+      resolve(k.key.buffer as ArrayBuffer);
+    });
+  }
+
+  private _serializePrivateKey(k: XCryptoKey): Promise<ArrayBuffer> {
+    return new Promise((resolve) => {
+      resolve(k.key.buffer as ArrayBuffer);
+    });
+  }
+
+  private _importRawKey(
+    key: ArrayBuffer,
+    isPublic: boolean,
+  ): Promise<CryptoKey> {
+    return new Promise((resolve, reject) => {
+      if (isPublic && key.byteLength !== this._nPk) {
+        reject(new Error("Invalid length of the key"));
+      }
+      if (!isPublic && key.byteLength !== this._nSk) {
+        reject(new Error("Invalid length of the key"));
+      }
+      resolve(
+        new XCryptoKey(
+          ALG_NAME,
+          new Uint8Array(key),
+          isPublic ? "public" : "private",
+          isPublic ? [] : KEM_USAGES,
+        ),
+      );
+    });
+  }
+
+  private _importJWK(key: JsonWebKey, isPublic: boolean): Promise<CryptoKey> {
+    return new Promise((resolve, reject) => {
+      if (typeof key.kty === "undefined" || key.kty !== "OKP") {
+        reject(new Error(`Invalid kty: ${key.kty}`));
+      }
+      if (typeof key.crv === "undefined" || key.crv !== "X25519") {
+        reject(new Error(`Invalid crv: ${key.crv}`));
+      }
+      if (isPublic) {
+        if (typeof key.d !== "undefined") {
+          reject(new Error("Invalid key: `d` should not be set"));
+        }
+        if (typeof key.x === "undefined") {
+          reject(new Error("Invalid key: `x` not found"));
+        }
+        resolve(
+          new XCryptoKey(
+            ALG_NAME,
+            base64UrlToBytes(key.x as string),
+            "public",
+          ),
+        );
+      } else {
+        if (typeof key.d !== "string") {
+          reject(new Error("Invalid key: `d` not found"));
+        }
+        resolve(
+          new XCryptoKey(
+            ALG_NAME,
+            base64UrlToBytes(key.d as string),
+            "private",
+            KEM_USAGES,
+          ),
+        );
+      }
+    });
+  }
+
+  private _derivePublicKey(k: XCryptoKey): Promise<CryptoKey> {
+    return new Promise((resolve, reject) => {
+      try {
+        const pk = x25519.getPublicKey(k.key);
+        resolve(new XCryptoKey(ALG_NAME, pk, "public"));
+      } catch (e: unknown) {
+        reject(e);
+      }
+    });
+  }
+
+  private _dh(sk: XCryptoKey, pk: XCryptoKey): Promise<ArrayBuffer> {
+    return new Promise((resolve, reject) => {
+      try {
+        resolve(x25519.getSharedSecret(sk.key, pk.key).buffer as ArrayBuffer);
+      } catch (e: unknown) {
+        reject(e);
+      }
+    });
+  }
+
+  private _derive(sk: Uint8Array, pk: Uint8Array): Promise<Uint8Array> {
+    return new Promise((resolve, reject) => {
+      try {
+        resolve(x25519.getSharedSecret(sk, pk));
+      } catch (e: unknown) {
+        reject(e);
+      }
+    });
+  }
+}
 
 /**
  * The DHKEM(X25519, HKDF-SHA256) for HPKE KEM implementing {@link KemInterface}.