otp_crypto/encryptor library

Encryptor – Builds SecureMessage (headers+body) from plaintext

High-level symmetric encryption orchestrator:

1. Derive {encKey, macKey} via HKDF-SHA256 from the singleton config.
2. Compute current time window window.
3. Generate 8-byte random nonce nonce.
4. Derive IV = HMAC(macKey, "iv" || u64be(window) || nonce):16.
5. Encrypt plaintext with AES-256-CBC + PKCS#7 using encKey+IV → ciphertext.
6. Compute tag = HMAC(macKey, "tag" || u64be(window) || nonce || ciphertext).
7. Produce SecureMessage { version, window, nonce, ciphertext, tag }.

This class does not send HTTP. It only returns a SecureMessage. To serialize into headers/body, use ApiClient.toWire(msg).

SECURITY NOTES:

• HKDF keys are derived once per Encryptor instance and cached.
• Always verify on the recipient before decryption (Encrypt-then-MAC).
• IV is never transmitted; both sides recompute it.

HINTS:

• You may keep a single Encryptor around (stateless w.r.t. requests).
• Provide your own NonceGenerator in tests for determinism.