1# 使用SCRYPT进行密钥派生 2 3对应的算法规格请查看[密钥派生算法规格:SCRYPT](crypto-key-derivation-overview.md#scrypt算法)。 4 5## 开发步骤 6 71. 构造[ScryptSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#scryptspec18)对象,作为密钥派生参数进行密钥派生。 8 9 SCRYPTSpec是[KdfSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#kdfspec11)的子类,需要指定: 10 11 - algName:指定算法名为'SCRYPT'。 12 - passphrase:用于生成派生密钥的原始密码。 13 如果使用string类型,需要直接传入用于密钥派生的数据,而不是HexString、base64等字符串类型。同时需要确保该字符串为utf-8编码,否则派生结果会有差异。 14 - salt:盐值。 15 - n:迭代次数,需要为正整数。 16 - p:并行化参数,需要为正整数。 17 - r:块大小参数,需要为正整数。 18 - maxMemory:最大内存限制参数,需要为正整数。 19 - keySize:目标密钥的字节长度,需要为正整数。 20 212. 调用[cryptoFramework.createKdf](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatekdf11),指定字符串参数'SCRYPT',创建密钥派生算法为SCRYPT的密钥派生函数对象(Kdf)。 22 233. 输入SCRYPT对象,调用[Kdf.generateSecret](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesecret-2)进行密钥派生。 24 25 Kdf.generateSecret的多种调用形式如表所示。 26 27 | 接口名 | 返回方式 | 28 | -------- | -------- | 29 | generateSecret(params: KdfSpec, callback: AsyncCallback<DataBlob>): void | callback异步生成 | 30 | generateSecret(params: KdfSpec): Promise<DataBlob> | Promise异步生成 | 31 | generateSecretSync(params: KdfSpec): DataBlob | 同步生成 | 32 33- 通过await返回结果: 34 35 ```ts 36 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 37 import { BusinessError } from '@kit.BasicServicesKit'; 38 39 async function ScryptAwait() { 40 try { 41 let spec: cryptoFramework.ScryptSpec = { 42 algName: 'SCRYPT', 43 salt: new Uint8Array(16), 44 passphrase: "password", 45 n:1024, 46 p:16, 47 r:8, 48 maxMemory:1024 * 16 * 8 * 10, //n * p * r * 10 49 keySize: 64 50 }; 51 let kdf = cryptoFramework.createKdf('SCRYPT'); 52 let secret = await kdf.generateSecret(spec); 53 console.info("key derivation output is " + secret.data); 54 } catch(error) { 55 let e: BusinessError = error as BusinessError; 56 console.error('key derivation failed, errCode: ' + e.code + ', errMsg: ' + e.message); 57 } 58 } 59 ``` 60 61- 通过Promise返回结果: 62 63 ```ts 64 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 65 import { BusinessError } from '@kit.BasicServicesKit'; 66 67 function ScryptPromise() { 68 let spec: cryptoFramework.ScryptSpec = { 69 algName: 'SCRYPT', 70 passphrase: '123456', 71 salt: new Uint8Array(16), 72 n:1024, 73 p:16, 74 r:8, 75 maxMemory:1024 * 16 * 8 * 10, //n * p * r * 10 76 keySize: 64 77 }; 78 let kdf = cryptoFramework.createKdf('SCRYPT'); 79 let kdfPromise = kdf.generateSecret(spec); 80 kdfPromise.then((secret) => { 81 console.info("key derivation output is " + secret.data); 82 }).catch((error: BusinessError) => { 83 console.error("key derivation error."); 84 }); 85 } 86 ``` 87 88- 通过同步方式返回结果: 89 90 ```ts 91 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 92 import { BusinessError } from '@kit.BasicServicesKit'; 93 94 function kdfSync() { 95 try { 96 let spec: cryptoFramework.ScryptSpec = { 97 algName: 'SCRYPT', 98 passphrase: '123456', 99 salt: new Uint8Array(16), 100 n:1024, 101 p:16, 102 r:8, 103 maxMemory:1024 * 16 * 8 * 10, //n * p * r * 10 104 keySize: 64 105 }; 106 let kdf = cryptoFramework.createKdf('SCRYPT'); 107 let secret = kdf.generateSecretSync(spec); 108 console.info("[Sync]key derivation output is " + secret.data); 109 } catch(error) { 110 let e: BusinessError = error as BusinessError; 111 console.error('key derivation failed, errCode: ' + e.code + ', errMsg: ' + e.message); 112 } 113 } 114 ``` 115