Missing algorithm: HKDF

Question

Missing algorithm: HKDF

LiraNuna opened this issue 6 years ago · 8 comments

The algorithm HKDF is missing from this library. (According to https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto)

I would love to create a PR to add it, however it seems like webcrypto-core does not support an HKDF provider.

Answer 1 · 2019-03-02T07:33:14.000Z

new version of webcrypto-core allows to create providers in implementing module. HKDF is standard W3 WebCrypto algorithm, I'll add it to webcrypto-core

Answer 2 · 2019-03-02T07:49:11.000Z

PeculiarVentures/webcrypto-core#21

Answer 3 · 2019-03-02T08:14:54.000Z

HKDF was added to webcrypto-core
+ webcrypto-core@1.0.8

Answer 4 · 2019-03-02T08:16:39.000Z

Nice, I'll start working on a PR.
Please note that nodejs does not have a native HKDF implementation, so I am planning to perform it manually. I am not aware of any side-channel or timing attacks that extract-and-expand algorithms are susceptible to, do you have any words of wisdom about potential gotchas I should worry about?

Answer 5 · 2019-03-02T08:25:19.000Z

I'd like @peculiar/webcrypto to be NodeJS module without C++ plugins. If you can implement HKDF via NodeJS Crypto API or JS, I think it's ok. We have node-webcrypto-ossl module (it doesn't implements HKDF too) which could implement HKDF via OpenSSL API

@rmhrisk what do you think about it?

Answer 6 · 2019-03-02T08:26:51.000Z

To make it clear, I am planning to implement HKDF in Javascript.

Answer 7 · 2019-03-02T09:06:57.000Z

@microshine Please see the comments I left on PeculiarVentures/webcrypto-core#21 - I hit those issues while implementing HKDF.

Answer 8 · 2019-03-02T09:19:27.000Z

I published updated version + webcrypto-core@1.0.10