Class XChaCha20

The XChaCha20 class provides a comprehensive suite of utilities for cryptographic operations using the XChaCha20 symmetric encryption algorithm. This class includes methods for key generation, encryption, decryption, and conversions between raw byte arrays and JSON Web Key (JWK) formats. XChaCha20 is an extended nonce variant of ChaCha20, a stream cipher designed for high-speed encryption with substantial security margins.

The XChaCha20 algorithm is particularly well-suited for encrypting large volumes of data or data streams, especially where random access is required. The class adheres to standard cryptographic practices, ensuring robustness and security in its implementations.

Key Features:

Key Generation: Generate XChaCha20 symmetric keys in JWK format.
Key Conversion: Transform keys between raw byte arrays and JWK formats.
Encryption: Encrypt data using XChaCha20 with the provided symmetric key.
Decryption: Decrypt data encrypted with XChaCha20 using the corresponding symmetric key.

The methods in this class are asynchronous, returning Promises to accommodate various JavaScript environments.

Example

// Key Generation
const privateKey = await XChaCha20.generateKey();

// Encryption
const data = new TextEncoder().encode('Messsage');
const nonce = utils.randomBytes(24); // 24-byte nonce for XChaCha20
const encryptedData = await XChaCha20.encrypt({
  data,
  nonce,
  key: privateKey
});

// Decryption
const decryptedData = await XChaCha20.decrypt({
  data: encryptedData,
  nonce,
  key: privateKey
});

// Key Conversion
const privateKeyBytes = await XChaCha20.privateKeyToBytes({ privateKey });

Index

Constructors

constructor

Methods

bytesToPrivateKey decrypt encrypt generateKey privateKeyToBytes

Constructors

constructor

new XChaCha20(): XChaCha20
Returns XChaCha20

Methods

`Static` bytesToPrivateKey

bytesToPrivateKey(params): Promise<Jwk>
Converts a raw private key in bytes to its corresponding JSON Web Key (JWK) format.
Parameters
- params: {
  privateKeyBytes: Uint8Array;
  }
  The parameters for the symmetric key conversion.
  - privateKeyBytes: Uint8Array
    The raw symmetric key as a Uint8Array.
Returns Promise<Jwk>
A Promise that resolves to the symmetric key in JWK format.
Remarks
This method takes a symmetric key represented as a byte array (Uint8Array) and converts it into a JWK object for use with the XChaCha20 symmetric encryption algorithm. The conversion process involves encoding the key into base64url format and setting the appropriate JWK parameters.

The resulting JWK object includes the following properties:
- kty: Key Type, set to 'oct' for Octet Sequence (representing a symmetric key).
- k: The symmetric key, base64url-encoded.
- kid: Key ID, generated based on the JWK thumbprint.
Example
```
const privateKeyBytes = new Uint8Array([...]); // Replace with actual symmetric key bytes
const privateKey = await XChaCha20.bytesToPrivateKey({ privateKeyBytes });
```

`Static` decrypt

decrypt(params): Promise<Uint8Array>
Decrypts the provided data using XChaCha20.
Parameters
- params: {
      data: Uint8Array;
      key: Jwk;
      nonce: Uint8Array;
  }
  The parameters for the decryption operation.
  - data: Uint8Array
    The encrypted data to decrypt, represented as a Uint8Array.
  - key: Jwk
    The key to use for decryption, represented in JWK format.
  - nonce: Uint8Array
    The nonce used during the encryption process.
Returns Promise<Uint8Array>
A Promise that resolves to the decrypted data as a Uint8Array.
Remarks
This method performs XChaCha20 decryption on the given encrypted data using the specified key and nonce. The nonce should be the same as used in the encryption process and must be 24 bytes long. The method returns the decrypted data as a Uint8Array.

Example
```
const encryptedData = new Uint8Array([...]); // Encrypted data
const nonce = new Uint8Array(24); // 24-byte nonce used during encryption
const key = { ... }; // A Jwk object representing the XChaCha20 key
const decryptedData = await XChaCha20.decrypt({
  data: encryptedData,
  nonce,
  key
});
```

`Static` encrypt

encrypt(params): Promise<Uint8Array>
Encrypts the provided data using XChaCha20.
Parameters
- params: {
      data: Uint8Array;
      key: Jwk;
      nonce: Uint8Array;
  }
  The parameters for the encryption operation.
  - data: Uint8Array
    The data to encrypt, represented as a Uint8Array.
  - key: Jwk
    The key to use for encryption, represented in JWK format.
  - nonce: Uint8Array
    A 24-byte nonce for the encryption process.
Returns Promise<Uint8Array>
A Promise that resolves to the encrypted data as a Uint8Array.
Remarks
This method performs XChaCha20 encryption on the given data using the specified key and nonce. The nonce must be 24 bytes long, ensuring a high level of security through a vast nonce space, reducing the risks associated with nonce reuse. The method returns the encrypted data as a Uint8Array.

Example
```
const data = new TextEncoder().encode('Messsage');
const nonce = utils.randomBytes(24); // 24-byte nonce for XChaCha20
const key = { ... }; // A Jwk object representing an XChaCha20 key
const encryptedData = await XChaCha20.encrypt({
  data,
  nonce,
  key
});
```

`Static` generateKey

generateKey(): Promise<Jwk>
Generates a symmetric key for XChaCha20 in JSON Web Key (JWK) format.

Returns Promise<Jwk>
A Promise that resolves to the generated symmetric key in JWK format.
Remarks
This method creates a new symmetric key suitable for use with the XChaCha20 encryption algorithm. The key is generated using cryptographically secure random number generation to ensure its uniqueness and security. The XChaCha20 algorithm requires a 256-bit key (32 bytes), and this method adheres to that specification.

Key components included in the JWK:
- kty: Key Type, set to 'oct' for Octet Sequence.
- k: The symmetric key component, base64url-encoded.
- kid: Key ID, generated based on the JWK thumbprint.
Example
```
const privateKey = await XChaCha20.generateKey();
```

`Static` privateKeyToBytes

privateKeyToBytes(params): Promise<Uint8Array>
Converts a private key from JSON Web Key (JWK) format to a raw byte array (Uint8Array).
Parameters
- params: {
  privateKey: Jwk;
  }
  The parameters for the symmetric key conversion.
  - privateKey: Jwk
    The symmetric key in JWK format.
Returns Promise<Uint8Array>
A Promise that resolves to the symmetric key as a Uint8Array.
Remarks
This method takes a symmetric key in JWK format and extracts its raw byte representation. It decodes the 'k' parameter of the JWK value, which represents the symmetric key in base64url encoding, into a byte array.

Example
```
const privateKey = { ... }; // A symmetric key in JWK format
const privateKeyBytes = await XChaCha20.privateKeyToBytes({ privateKey });
```

Class XChaCha20

Example

Index

Constructors

Methods

Constructors

constructor

Returns XChaCha20

Methods

Static bytesToPrivateKey

Parameters

privateKeyBytes: Uint8Array

Returns Promise<Jwk>

Remarks

Example

Static decrypt

Parameters

data: Uint8Array

key: Jwk

nonce: Uint8Array

Returns Promise<Uint8Array>

Remarks

Example

Static encrypt

Parameters

data: Uint8Array

key: Jwk

nonce: Uint8Array

Returns Promise<Uint8Array>

Remarks

Example

Static generateKey

Returns Promise<Jwk>

Remarks

Example

Static privateKeyToBytes

Parameters

privateKey: Jwk

Returns Promise<Uint8Array>

Remarks

Example

Settings

Member Visibility

Theme

On This Page

`Static` bytesToPrivateKey

`Static` decrypt

`Static` encrypt

`Static` generateKey

`Static` privateKeyToBytes