
Why ECDH derived key always starts with 00-byte?

Open determin1st opened this issue 6 years ago • 3 comments

https://github.com/mdn/dom-examples/blob/224c7f14cd824fb589404ed0048e2fd1edd5bddc/web-crypto/derive-key/ecdh.js#L85

When the CryptoKey (shared secret) is made and exported, it is a 32-byte sequence with a first zero byte? So,

  1. Why zero-byte?
  2. How to get full/longer byte-sequence?

Here are the keys (a is made on server, b in browser): 4

determin1st, Oct 26 '19 20:10

  1. Oookey, it does not always start with a zero byte... usually the first 4 bits are zeroes.
  2. These:
```js
// Derived-key algorithm passed to deriveKey
const deriveParams = {
	name: 'HMAC',
	hash: 'SHA-512',
	length: 528
};
```

may be used to export full byte sequence later, but keyUsage parameter in deriveKey may not be empty, so I've used ['sign']...

Also, sometimes the derived & exported key is smaller than 528, can be 520. That's strange but maybe I did something wrong again...

determin1st, Oct 26 '19 22:10
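The leading zero bits discussed above can be reproduced on real exchanges; this is an added example, not code from the issue or from mdn/dom-examples. It assumes the P-521 curve (suggested by the 528-bit length, not stated in the issue), uses Node's synchronous `crypto` module rather than the browser's `crypto.subtle`, and its function names are hypothetical.

```javascript
// Added illustration; names below are hypothetical, not from the issue.
// Node's crypto is used so the exchange is synchronous (works as CJS or ESM).
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto');

// One ECDH exchange between two fresh key pairs. The raw shared secret is
// the x-coordinate of the shared point as a fixed-length big-endian string.
function sharedSecret(curve) {
  const a = nodeCrypto.createECDH(curve);
  const b = nodeCrypto.createECDH(curve);
  a.generateKeys();
  b.generateKeys();
  const s = a.computeSecret(b.getPublicKey());
  if (!s.equals(b.computeSecret(a.getPublicKey()))) {
    throw new Error('both sides must agree on the secret');
  }
  return s;
}

// Run `rounds` exchanges and record secret lengths and first-byte values.
function firstByteStats(curve, rounds) {
  const lengths = new Set();
  let maxFirst = 0;
  let zeroFirst = 0;
  for (let i = 0; i < rounds; i++) {
    const s = sharedSecret(curve);
    lengths.add(s.length);
    maxFirst = Math.max(maxFirst, s[0]);
    if (s[0] === 0) zeroFirst++;
  }
  return { lengths: [...lengths], maxFirst, zeroFirst };
}

// Feed the whole secret to HKDF instead of truncating it, so the
// structured leading bits do not end up in the key itself.
function deriveKeyBytes(secret, info, length = 32) {
  const salt = Buffer.alloc(0); // assumption: no salt agreed between peers
  return Buffer.from(nodeCrypto.hkdfSync('sha256', secret, salt, info, length));
}

// P-521: 521 significant bits in 66 bytes, so the first byte is 0x00 or 0x01.
console.log('secp521r1', firstByteStats('secp521r1', 64));
// P-256: all 256 bits are used, a 0x00 first byte is only a 1-in-256 event.
console.log('prime256v1', firstByteStats('prime256v1', 64));
console.log(deriveKeyBytes(sharedSecret('secp521r1'), 'demo').toString('hex'));
```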

@wbamberg , can you comment on this one? Thanks!

chrisdavidmills, Nov 04 '19 13:11

@chrisdavidmills hey,

check this out: http://raw.githack.com/determin1st/httpFetch/master/test-7/index.html

works in Firefox, but not in Chrome :/

determin1st, Feb 03 '20 07:02

Due to the age of this issue I'm closing it 👍

Rumyra, Nov 16 '23 13:11