Minishlink\WebPush\Encryption::hkdf PHP Method

Encryption Class Documentation Exibir arquivo Open project: minishlink/web-push

hkdf() private static method

This is used to derive a secure encryption key from a mostly-secure shared secret. This is a partial implementation of HKDF tailored to our specific purposes. In particular, for us the value of N will always be 1, and thus T always equals HMAC-Hash(PRK, info | 0x01). See {@link https://www.rfc-editor.org/rfc/rfc5869.txt} From {@link https://github.com/GoogleChrome/push-encryption-node/blob/master/src/encrypt.js}

private static hkdf ( $salt, $ikm, $info, $length ) : string
$salt		string A non-secret random value
$ikm		string Input keying material
$info		string Application-specific context
$length		int The length (in bytes) of the required output key
return	string

    private static function hkdf($salt, $ikm, $info, $length)
    {
        // extract
        $prk = hash_hmac('sha256', $ikm, $salt, true);
        // expand
        return substr(hash_hmac('sha256', $info . chr(1), $prk, true), 0, $length);
    }

Encryption

createContext

createInfo

encrypt

hkdf

padPayload