The Hybrid Public Key Encryption (HPKE) standard in Python.
This HPKE implementation is simply a thin Python wrapper around hpke-spec, the hacspec implementation written by Franziskus Kiefer. This package mirrors the hpke-spec constructions as much as possible, to avoid any discrepancy from the HPKE standard.
The hpke-spec library has two primary advantages:
hpke-specis written inhacspecwhich can be compiled into F* for formal verification.- The cargo documentation for
hpke-specis simply the text of the HPKE RFC 9180, with all the RFC's constructions linked directly to the hacspec code that implements it.
As a result, it's much more straightforward to evaluate hpke-spec for security and correctness. Indeed, both hacspec and RFC 9180 have received thorough vetting from cryptographers in Project Everest and the Internet Research Task Force, respectively.
Wheels for various platforms and architectures can be found in the wheelhouse.zip archive from latest Github release.
THe library can also be installed from source with maturin; see below.
We use maturin to build and distribute the PyO3 extension module as a Python wheel.
For users of cmake, we provide a Makefile that includes some helpful development commands.
Other useful tips:
maturin developbuilds & installs the Python package into your Python environment (venvorcondarecommended)pytest .tests the resulting Python packagematurin build --release -o dist --sdistbuilds the extension module in release-mode and produces a wheel for your environment's OS and architecture.- The
-i/--interpreterflag formaturincan be used to swap out different Python interpreters, if you have multiple Python installations.
- hpke-py: An implementation of HPKE based on primitives from cryptography.io.