HkdfParams

Draft
This page is not complete.

Secure context
This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

This dictionary represents the object that should be passed as the algorithm parameter into SubtleCrypto.deriveKey(), when using the HKDF algorithm.

Properties

name
DOMString. This should be set to "HKDF".
hash

DOMString. The digest algorithm to use. This may be any of:

  • "SHA-1"
  • "SHA-256"
  • "SHA-384"
  • "SHA-512"
salt
BufferSource. The HKDF specification states that adding salt "adds significantly to the strength of HKDF". Ideally, the salt is a random or pseudorandom value the same length as the output of the digest function. Unlike the input key material passed into deriveKey(), salt does not need to be kept secret.
info
BufferSource. This property is required but may be an empty buffer. If present it represents application-specific context information. This is used to bind the derived key to an application or context, and enables you to derive different keys for different contexts while using the same input key material. It's important that this should be independent of the input key material itself.

Examples

Specifications

Specification Status Comment
Web Cryptography API
The definition of 'SubtleCrypto.HkdfParams' in that specification.
Recommendation  

Browser compatibility

No compatibility data found. Please contribute data for "api.SubtleCrypto.encrypt.algorithm-hkdf" (depth: 1) to the MDN compatibility data repository.

See also

Document Tags and Contributors

Contributors to this page: wbamberg
Last updated by: wbamberg,