This library provides implementations of RFC 8188 and RFC 8291.
1.1 Encrypted Content-Encoding for HTTP
Decrypts the contents of in to out using
secret and the provided factories. When
secret is a procedure, it receives the key id read from
the input header. It must then provide a secret based on that key id.
Encrypts the contents of in and writes the output to
out using secret and the provided factories.
The content is split into #:record-size chunks. The
#:key-id argument can be used to signal to the recipient what
key they should use to decrypt the data. The key id may be at
most 255 bytes long.
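
The header fields and the secret procedure described above correspond to RFC 8188's aes128gcm header (salt, record size, key id length, key id). The following Python example is added here and is not this library's code: its function names and the KEYS store are hypothetical, and it covers header parsing, key-id lookup and key/nonce derivation, not the AES-GCM record step.

```python
import hashlib
import hmac
import struct

KEYS = {b"k1": bytes(range(16, 32))}  # constructed sample key store

def hkdf_sha256(salt, ikm, info, length):
    """HKDF (RFC 5869) extract, then a single expand block (length <= 32)."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()[:length]

def build_header(salt, record_size, key_id=b""):
    """salt(16) || rs(4, big-endian) || idlen(1) || keyid(idlen)."""
    if len(salt) != 16:
        raise ValueError("salt must be 16 bytes")
    if record_size < 18:
        raise ValueError("record size must be at least 18")
    if len(key_id) > 255:  # idlen is a single octet
        raise ValueError("key id may be at most 255 bytes")
    return salt + struct.pack(">IB", record_size, len(key_id)) + key_id

def parse_header(data):
    """Return (salt, record_size, key_id, remaining_records)."""
    if len(data) < 21:
        raise ValueError("truncated header")
    record_size, idlen = struct.unpack(">IB", data[16:21])
    if record_size < 18:
        raise ValueError("record size must be at least 18")
    if len(data) < 21 + idlen:
        raise ValueError("truncated key id")
    return data[:16], record_size, data[21:21 + idlen], data[21 + idlen:]

def lookup_secret(key_id):
    """Secret procedure: the key id is untrusted input, so unknown ids fail."""
    if key_id not in KEYS:
        raise KeyError("unknown key id")
    return KEYS[key_id]

def derive_keys(data, secret):
    """secret is either bytes or a procedure mapping key id -> bytes."""
    salt, _, key_id, _ = parse_header(data)
    ikm = secret(key_id) if callable(secret) else secret
    cek = hkdf_sha256(salt, ikm, b"Content-Encoding: aes128gcm\x00", 16)
    nonce = hkdf_sha256(salt, ikm, b"Content-Encoding: nonce\x00", 12)
    return cek, nonce

def record_nonce(base_nonce, seq):
    """Per-record nonce: base nonce XOR 96-bit big-endian sequence number."""
    return bytes(a ^ b for a, b in zip(base_nonce, seq.to_bytes(12, "big")))
```

The key id travels in cleartext and is not authenticated by the header itself, so a secret procedure should treat it only as a lookup hint and reject ids it does not recognise.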
1.2 Message Encryption for Web Push
(web-push-encrypt in
                  out
                  [#:salt salt]
                  #:auth-secret auth-secret
                  [#:private-key as-private]
                  #:user-agent-key ua-public
                  [#:factories factories]) → void?
  in : input-port?
  out : output-port?
  salt : bytes? = (crypto-random-bytes 16)
  auth-secret : bytes?
  as-private : pk-key? = (generate-ecdh-private-key)
  ua-public : bytes?
  factories : (or/c crypto-factory? (listof crypto-factory?)) = (crypto-factories)
Encrypts the contents of in and writes the output
to out after exchanging the as-private and
ua-public keys in order to generate a shared encryption
secret.
If #:private-key is not provided, a key is generated
automatically on every invocation. This is the normal use case.
Do not reuse keys outside of testing scenarios.