Crypto.subtle.deriveKey
时间: 2023-11-01 17:11:30 浏览: 115
Crypto.subtle.deriveKey is a method in the Web Cryptography API that is used to derive a new key from a master key using a specified algorithm and derivation parameters.
The method takes in the following arguments:
- algorithm: The algorithm to use for key derivation, such as "PBKDF2" or "HKDF".
- baseKey: The master key to derive the new key from.
- derivedKeyType: The type of key to derive, such as "AES-GCM" or "HMAC".
- extractable (optional): A boolean indicating whether the derived key can be extracted from the CryptoKey object.
- keyUsages (optional): An array of the ways in which the derived key will be used, such as "encrypt" or "sign".
- derivationParameters (optional): An object containing any additional parameters needed for the key derivation algorithm.
The method returns a Promise that resolves with a new CryptoKey object representing the derived key. The derived key can then be used for cryptographic operations according to its specified key usage(s).
Example usage:
```
const baseKey = await crypto.subtle.importKey(
"raw",
new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8]),
{ name: "AES-CBC" },
false,
["encrypt", "decrypt"]
);
const derivedKey = await crypto.subtle.deriveKey(
{
name: "PBKDF2",
salt: new Uint8Array([9, 8, 7, 6, 5, 4, 3, 2, 1, 0]),
iterations: 1000,
hash: "SHA-256",
},
baseKey,
{ name: "AES-GCM", length: 128 },
true,
["encrypt"]
);
// Use derivedKey for encryption
```
阅读全文