crypto.hkdfSync(digest, ikm, salt, info, keylen)
-
digest<string> 要使用的摘要算法。¥
digest<string> The digest algorithm to use. -
ikm<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> 输入键材料。必须提供,但可以是零长度。¥
ikm<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> The input keying material. Must be provided but can be zero-length. -
salt<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> 盐值。必须提供,但可以是零长度。¥
salt<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> The salt value. Must be provided but can be zero-length. -
info<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> 附加信息值。必须提供但可以是零长度,并且不能超过 1024 字节。¥
info<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> Additional info value. Must be provided but can be zero-length, and cannot be more than 1024 bytes. -
keylen<number> 要生成的密钥的长度。必须大于 0。最大允许值是所选摘要函数生成的字节数的255倍(例如,sha512生成 64 字节哈希,使最大 HKDF 输出为 16320 字节)。¥
keylen<number> The length of the key to generate. Must be greater than 0. The maximum allowable value is255times the number of bytes produced by the selected digest function (e.g.sha512generates 64-byte hashes, making the maximum HKDF output 16320 bytes). -
¥Returns: <ArrayBuffer>
提供 RFC 5869 中定义的同步 HKDF 密钥派生函数。给定的 ikm、salt 和 info 与 digest 一起使用以导出 keylen 字节的密钥。
¥Provides a synchronous HKDF key derivation function as defined in RFC 5869. The
given ikm, salt and info are used with the digest to derive a key of
keylen bytes.
成功生成的 derivedKey 将作为 <ArrayBuffer> 返回。
¥The successfully generated derivedKey will be returned as an <ArrayBuffer>.
如果任何输入参数指定无效值或类型,或者无法生成派生密钥,则会抛出错误。
¥An error will be thrown if any of the input arguments specify invalid values or types, or if the derived key cannot be generated.
import { Buffer } from 'node:buffer';
const {
hkdfSync,
} = await import('node:crypto');
const derivedKey = hkdfSync('sha512', 'key', 'salt', 'info', 64);
console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653'const {
hkdfSync,
} = require('node:crypto');
const { Buffer } = require('node:buffer');
const derivedKey = hkdfSync('sha512', 'key', 'salt', 'info', 64);
console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653'