Module: AtprotoAuth::Encryption::HKDF

Defined in:
lib/atproto_auth/encryption.rb

Overview

HKDF implementation based on RFC 5869

Class Method Summary collapse

Class Method Details

.derive(secret, salt:, info:, length:) ⇒ Object 



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/atproto_auth/encryption.rb', line 13

def self.derive(secret, salt:, info:, length:)
  # 1. extract
  prk = OpenSSL::HMAC.digest(
    OpenSSL::Digest.new("SHA256"),
    salt.empty? ? "\x00" * 32 : salt,
    secret.to_s
  )

  # 2. expand
  n = (length.to_f / 32).ceil
  t = [""]
  output = ""
  1.upto(n) do |i|
    t[i] = OpenSSL::HMAC.digest(
      OpenSSL::Digest.new("SHA256"),
      prk,
      t[i - 1] + info + [i].pack("C")
    )
    output += t[i]
  end
  output[0, length]
end