Variable hkdf`Const`

hkdf: (
    hash: TArg<CHash>,
    ikm: TArg<Uint8Array>,
    salt: TArg<Uint8Array | undefined>,
    info: TArg<Uint8Array | undefined>,
    length: number,
) => TRet<Uint8Array>

HKDF (RFC 5869): derive keys from an initial input. Combines hkdf_extract + hkdf_expand in one step

Type Declaration

- (
      hash: TArg<CHash>,
      ikm: TArg<Uint8Array>,
      salt: TArg<Uint8Array | undefined>,
      info: TArg<Uint8Array | undefined>,
      length: number,
  ): TRet<Uint8Array>
- Parameters
  - hash: TArg<CHash>
    hash function that would be used (e.g. sha256)
  - ikm: TArg<Uint8Array>
    input keying material, the initial key
  - salt: TArg<Uint8Array | undefined>
    optional salt value (a non-secret random value)
  - info: TArg<Uint8Array | undefined>
    optional context and application specific information bytes
  - length: number
    length of output keying material in bytes. RFC 5869 §2.3 allows 0..255*HashLen, so 0 returns an empty OKM.
  Returns TRet<Uint8Array>
  Output keying material derived from the input key.

Throws

If the requested output length exceeds the HKDF limit for the selected hash. Error

Example

HKDF (RFC 5869): derive keys from an initial input.

import { hkdf } from '@noble/hashes/hkdf.js';
import { sha256 } from '@noble/hashes/sha2.js';
import { randomBytes, utf8ToBytes } from '@noble/hashes/utils.js';
const inputKey = randomBytes(32);
const salt = randomBytes(32);
const info = utf8ToBytes('application-key');
const okm = hkdf(sha256, inputKey, salt, info, 32);

Variable hkdfConst

Type Declaration

Parameters

Returns TRet<Uint8Array>

Throws

Example

Settings

Variable hkdf`Const`