-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathkdf.ts
More file actions
51 lines (45 loc) · 1.21 KB
/
Copy pathkdf.ts
File metadata and controls
51 lines (45 loc) · 1.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import { buf } from './buffer'
export async function hkdfDerive(
ikm: Uint8Array,
salt: Uint8Array,
info: Uint8Array,
length: number,
): Promise<Uint8Array> {
const baseKey = await crypto.subtle.importKey(
'raw',
buf(ikm),
'HKDF',
false,
['deriveBits']
)
const derived = await crypto.subtle.deriveBits(
{ name: 'HKDF', hash: 'SHA-256', salt: buf(salt), info: buf(info) },
baseKey,
length * 8
)
return new Uint8Array(derived)
}
async function importHmacKey(raw: Uint8Array): Promise<CryptoKey> {
return crypto.subtle.importKey(
'raw',
buf(raw),
{ name: 'HMAC', hash: 'SHA-256' },
false,
['sign']
)
}
export async function hmacSign(
key: Uint8Array,
data: Uint8Array,
): Promise<Uint8Array> {
const cryptoKey = await importHmacKey(key)
const signature = await crypto.subtle.sign('HMAC', cryptoKey, buf(data))
return new Uint8Array(signature)
}
export async function kdfRatchetStep(
chainKey: Uint8Array,
): Promise<{ nextChainKey: Uint8Array; messageKey: Uint8Array }> {
const nextChainKey = await hmacSign(chainKey, new Uint8Array([0x01]))
const messageKey = await hmacSign(chainKey, new Uint8Array([0x02]))
return { nextChainKey, messageKey }
}