Re: Using CONCAT and ECDH

On Wed, Oct 8, 2014 at 10:36 AM, Ryan Sleevi <sleevi@google.com> wrote:

>
> On Oct 8, 2014 10:22 AM, "Anders Rundgren" <anders.rundgren.net@gmail.com> wrote:
> >
> > Dear List;
> > I'm not particularly up-to-speed on the WebCrypto API but I at least got this working fairly quickly:
> >
> > // Generate ephemeral ECDH key-pair
> > var gen_alg = {name: 'ECDH', namedCurve: selected_card.bank_encryption_key.crv};
> > crypto.subtle.generateKey(gen_alg, false, ['deriveKey']).then (function(key_pair) {
> >
> > // Import static ECDH key
> > crypto.subtle.importKey('jwk', selected_card.bank_encryption_key, {name: 'ECDH'}, false, ['deriveKey']).then (function(public_key) {
> >
> > // Derive key using ECDH
> > var derive_alg = {name: 'ECDH', public: public_key};
> > crypto.subtle.deriveKey(derive_alg, key_pair.privateKey, {name: 'AES-CBC', length: 256}, false, ['encrypt']).then (function(aes_key) {
> >
> > // Encrypt using derived key
> > var encryption_algorithm = { name: 'AES-CBC',  iv: window.crypto.getRandomValues(new Uint8Array(16))};
> > crypto.subtle.encrypt(encryption_algorithm, aes_key, signed_auth_data).then (function(encrypted_auth_data) {
> >
> > Naturally I wanted to use a KDF as well but then it got a bit less obvious how to do.
> > There is no support for deriveKey and CONCAT?
> >
> > So the proper solution is to deriveBits() and then import() the raw secret for usage with symmetric encryption algorithms?
> >
> > Pardon me if I'm totally off, WebCrypto is quite different to JCA/JCE which is my primary tool...
> >
> > Cheers
> > Anders
> >
> >
>
> "Derive bits" is the description of the internal algorithm used to support
> both the deriveKey and deriveBits API surface.
>
> So you can use deriveKey
>
However, Anders is correct that there's no support for Concat right now
(AFAIK).  You should be able to polyfill with digest, though, if you really
need it.  You'll just have to export the secret from ECDH (or just use
deriveBits).

--Richard

Received on Wednesday, 8 October 2014 14:45:33 UTC
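
The digest-based polyfill suggested above, as an added example that is not part of the original thread or of any participant's code: ECDH `deriveBits()`, then a Concat KDF built on `digest()`, then `importKey()` of the result as a non-extractable AES-CBC key. Assumptions: the KDF is the NIST SP 800-56A single-step (concatenation) form with SHA-256, the curve is P-256, and the function names, the stand-in "bank" key pair and the OtherInfo bytes are constructed for illustration.

```javascript
// Added example, not from the thread. Works in browsers and in Node.js.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const subtle = wc.subtle;

// Concat KDF (assumed here: SP 800-56A single-step form):
//   K = H(1 || Z || OtherInfo) || H(2 || Z || OtherInfo) || ...
// with a 32-bit big-endian counter, truncated to keyBits.
async function concatKdf(z, otherInfo, keyBits, hash = 'SHA-256') {
  const hashLen = { 'SHA-256': 32, 'SHA-384': 48, 'SHA-512': 64 }[hash];
  if (!hashLen || !(keyBits > 0) || keyBits % 8 !== 0) {
    throw new RangeError('unsupported hash or key length');
  }
  const keyLen = keyBits / 8;
  const out = new Uint8Array(Math.ceil(keyLen / hashLen) * hashLen);
  const input = new Uint8Array(4 + z.length + otherInfo.length);
  input.set(z, 4);
  input.set(otherInfo, 4 + z.length);
  const counter = new DataView(input.buffer);
  for (let i = 1, off = 0; off < keyLen; i++, off += hashLen) {
    counter.setUint32(0, i); // DataView writes big-endian by default
    out.set(new Uint8Array(await subtle.digest(hash, input)), off);
  }
  return out.slice(0, keyLen);
}

// ECDH -> deriveBits -> Concat KDF -> non-extractable AES-CBC key.
// The ECDH private key must carry the 'deriveBits' usage, not only 'deriveKey'.
async function deriveAesKey(privateKey, peerPublicKey, otherInfo, usages) {
  const alg = { name: 'ECDH', public: peerPublicKey };
  const z = new Uint8Array(await subtle.deriveBits(alg, privateKey, 256));
  const raw = await concatKdf(z, otherInfo, 256);
  return subtle.importKey('raw', raw, { name: 'AES-CBC' }, false, usages);
}

// Both sides derive the same key; the "bank" pair is generated here as a stand-in.
async function demo() {
  const curve = { name: 'ECDH', namedCurve: 'P-256' };
  const eph = await subtle.generateKey(curve, false, ['deriveBits']);
  const bank = await subtle.generateKey(curve, false, ['deriveBits']);
  const info = new TextEncoder().encode('constructed OtherInfo');
  const encKey = await deriveAesKey(eph.privateKey, bank.publicKey, info, ['encrypt']);
  const decKey = await deriveAesKey(bank.privateKey, eph.publicKey, info, ['decrypt']);
  const aes = { name: 'AES-CBC', iv: wc.getRandomValues(new Uint8Array(16)) };
  const msg = new TextEncoder().encode('constructed auth data');
  const ct = await subtle.encrypt(aes, encKey, msg);
  return new TextDecoder().decode(await subtle.decrypt(aes, decKey, ct));
}
```

Both parties must agree on the exact OtherInfo bytes, and the raw shared secret and KDF output pass through script-visible memory on this path, which `deriveKey()` avoids.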