Hi there,
I am currently trying to implement AES-GCM encryption based on ECDH. So far, everything up to and including the generation of the shared secret on both machines (iOS 13 and NodeJS) works fine. However, when it comes to the key derivation, I am stuck:
On the NodeJS side I am currently using the package util-js-hkdf to generate they key from the shared secret and salt as follows:
let salt = crypto.randomBytes(16);
hkdf(secret, 32, {salt: salt, info: undefined, hash: 'SHA-256'});
On the iOS side I am currently using the following code to generate and print the calculated key:
if let slt = Data(base64Encoded: salt) {
let key = (sharedSecret?.hkdfDerivedSymmetricKey(using: SHA256.self, salt: slt, sharedInfo: Data(), outputByteCount: 32))!;
// print calculated key in hex
key.withUnsafeBytes { (bytes: UnsafeRawBufferPointer) -> Void in
var key = Array(repeating: "", count: 32)
for n in 0...31 {
key[n] = String(format: "%02x", bytes[n])
}
print("KEY: \(key.joined())")
};
}
I verified multiple times that the secret is the same on the iOS device and on the NodeJS instance. I verified as well that the salt is correctly transfered from NodeJS to iOS. Furthermore, the util-js-hkdf package ensures that it is fully compliant with test vectors provided in the RFC. However, I do not receive the same keys.
Any ideas or suggestions what to try?
Thanks in advance!