Libsodium JS KDF function produces different output

Question

I've tried to use crypto_kdf_derive_from_key function on Android, iOS and JS. On Android and iOS it produces the same output but it doesn't on JS. The context, master key and the size are the same. Any ideas why?

All platforms use the same core function underneath: crypto_kdf_derive_from_key

JS:

generateKey(basedOnKey: string): Uint8Array {
    const masterKey = this.convertHexToBytes(basedOnKey);
    const context = this.textEncoder.encode('AAAAAAAA');
    const newKey = sodium.crypto_kdf_derive_from_key(sodium.crypto_secretbox_KEYBYTES, 0, context, masterKey);

    return newKey;
}

iOS:

public func getNewSecretKey(basedOn key: String) -> Data? {
    let masterKey = key.hexDecodedData().bytes
    let context = "AAAAAAAA"
    let newKey = sodium.keyDerivation.derive(secretKey: masterKey, index: 0, length: 32, context: context)

    return newKey?.data
}

score 1 · Answer 1 · answered Aug 21 '19 at 23:58

1

Do not convert the context. It is assumed to be a string.

answered Aug 21 '19 at 23:58

Frank Denis

1,388
8
11

score 0 · Answer 2 · answered Aug 21 '19 at 20:22

Frank Denis recommended not converting context i.e.:

generateKey(basedOnKey: string): Uint8Array {
    const masterKey = this.convertHexToBytes(basedOnKey);
    const context = 'AAAAAAAA';
    const newKey = sodium.crypto_kdf_derive_from_key(sodium.crypto_secretbox_KEYBYTES, 0, context, masterKey);

    return newKey;
}

Everything is working now!

Libsodium JS KDF function produces different output

2 Answers2