WebCrypto HKDF 会话密钥派生与短期加密实践

概述HKDF 适合从主密钥派生短期会话密钥。本文展示派生与加解密流程。派生与加解密const supportsSubtle = !!(crypto && crypto.subtle);

async function deriveHKDF(secretRaw, salt, info = 'session') {

const enc = new TextEncoder();

const base = await crypto.subtle.importKey('raw', secretRaw, 'HKDF', false, ['deriveKey']);

const key = await crypto.subtle.deriveKey({ name: 'HKDF', hash: 'SHA-256', salt: enc.encode(salt), info: enc.encode(info) }, base, { name: 'AES-GCM', length: 256 }, true, ['encrypt','decrypt']);

return key;

}

async function encrypt(key, bytes) {

const iv = crypto.getRandomValues(new Uint8Array(12));

const buf = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, bytes);

return { iv, cipher: new Uint8Array(buf) };

}

async function decrypt(key, iv, cipher) {

const buf = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, key, cipher);

return new Uint8Array(buf);

}