Skip to content

Latest commit

 

History

History
61 lines (53 loc) · 1.36 KB

HKDF.md

File metadata and controls

61 lines (53 loc) · 1.36 KB

HKDF

W3 specification

Operations

Operation Parameters Result
importKey None CryptoKey
deriveBits HkdfParams ArrayBuffer
deriveKey HkdfParams CryptoKey

Import key

const key = await crypto.subtle.importKey(
  "raw", // only raw format
  password, // BufferSource
  "HKDF",
  false, // only false
  ["deriveBits", "deriveKey"],
);

Derive bits

const salt = crypto.getRandomValues(new Uint8Array(4));
const info = crypto.getRandomValues(new Uint8Array(4));

const derivedBits = await crypto.subtle.deriveBits(
  {
    name: "HKDF",
    salt,
    info,
    hash: "SHA-256",
  },
  key,
  128,
);

Derive key

const salt = crypto.getRandomValues(new Uint8Array(4));
const info = crypto.getRandomValues(new Uint8Array(4));

const derivedKey = await crypto.subtle.deriveKey(
  {
    name: "HKDF",
    salt,
    info,
    hash: "SHA-256",
  },
  key,
  {
    name: "AES-CBC",
    length: 128,
  },
  false,
  ["encrypt", "decrypt"],
);