sodium-javascript/crypto_kdf.js

var assert = require('assert')
var randombytes_buf = require('.').randombytes_buf
var blake2b = require('blake2b')

module.exports.crypto_kdf_PRIMITIVE = 'blake2b'
module.exports.crypto_kdf_BYTES_MIN = 16
module.exports.crypto_kdf_BYTES_MAX = 64
module.exports.crypto_kdf_CONTEXTBYTES = 8
module.exports.crypto_kdf_KEYBYTES = 64

function STORE64_LE(dest, int) {
  var mul = 1
  var i = 0
  dest[0] = int & 0xFF
  while (++i < 8 && (mul *= 0x100)) {
    dest[i] = (int / mul) & 0xFF
  }
}

module.exports.crypto_kdf_derive_from_key = function crypto_kdf_derive_from_key (subkey, subkey_id, ctx, key) {
  assert(subkey.length >= module.exports.crypto_kdf_BYTES_MIN, 'subkey must be')
  assert(ctx.length >= module.exports.crypto_kdf_CONTEXTBYTES, 'context must be')

  var ctx_padded = new Uint8Array(blake2b.PERSONALBYTES)
  var salt = new Uint8Array(blake2b.SALTBYTES)

  ctx_padded.set(ctx, 0, module.exports.crypto_kdf_CONTEXTBYTES)

  STORE64_LE(salt, subkey_id)

  blake2b(subkey.slice(0, Math.min(subkey.length, module.exports.crypto_kdf_BYTES_MAX)), [], key, salt, ctx_padded, true)
}

module.exports.crypto_kdf_keygen = function crypto_kdf_keygen (out) {
  assert(out.length >= module.exports.crypto_kdf_KEYBYTES)
  randombytes_buf(out, module.exports.crypto_kdf_KEYBYTES)
}
Added crypto_kdf 2017-06-07 20:38:40 +00:00			`var assert = require('assert')`
			`var randombytes_buf = require('.').randombytes_buf`
			`var blake2b = require('blake2b')`

			`module.exports.crypto_kdf_PRIMITIVE = 'blake2b'`
			`module.exports.crypto_kdf_BYTES_MIN = 16`
			`module.exports.crypto_kdf_BYTES_MAX = 64`
			`module.exports.crypto_kdf_CONTEXTBYTES = 8`
			`module.exports.crypto_kdf_KEYBYTES = 64`

			`function STORE64_LE(dest, int) {`
			`var mul = 1`
			`var i = 0`
			`dest[0] = int & 0xFF`
			`while (++i < 8 && (mul *= 0x100)) {`
			`dest[i] = (int / mul) & 0xFF`
			`}`
			`}`

			`module.exports.crypto_kdf_derive_from_key = function crypto_kdf_derive_from_key (subkey, subkey_id, ctx, key) {`
			`assert(subkey.length >= module.exports.crypto_kdf_BYTES_MIN, 'subkey must be')`
			`assert(ctx.length >= module.exports.crypto_kdf_CONTEXTBYTES, 'context must be')`

			`var ctx_padded = new Uint8Array(blake2b.PERSONALBYTES)`
			`var salt = new Uint8Array(blake2b.SALTBYTES)`

			`ctx_padded.set(ctx, 0, module.exports.crypto_kdf_CONTEXTBYTES)`

			`STORE64_LE(salt, subkey_id)`

			`blake2b(subkey.slice(0, Math.min(subkey.length, module.exports.crypto_kdf_BYTES_MAX)), [], key, salt, ctx_padded, true)`
			`}`

			`module.exports.crypto_kdf_keygen = function crypto_kdf_keygen (out) {`
			`assert(out.length >= module.exports.crypto_kdf_KEYBYTES)`
			`randombytes_buf(out, module.exports.crypto_kdf_KEYBYTES)`
			`}`