diff --git a/internal/handshake/initial_aead.go b/internal/handshake/initial_aead.go index 9160f25d1..f272297df 100644 --- a/internal/handshake/initial_aead.go +++ b/internal/handshake/initial_aead.go @@ -4,6 +4,8 @@ import ( "crypto" "crypto/tls" + "golang.org/x/crypto/hkdf" + "github.com/lucas-clemente/quic-go/internal/protocol" "github.com/lucas-clemente/quic-go/internal/qtls" ) @@ -49,7 +51,7 @@ func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective, v p } func computeSecrets(connID protocol.ConnectionID, v protocol.VersionNumber) (clientSecret, serverSecret []byte) { - initialSecret := qtls.HkdfExtract(crypto.SHA256, connID, getSalt(v)) + initialSecret := hkdf.Extract(crypto.SHA256.New, connID, getSalt(v)) clientSecret = hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "client in", crypto.SHA256.Size()) serverSecret = hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "server in", crypto.SHA256.Size()) return diff --git a/internal/qtls/go115.go b/internal/qtls/go115.go index bec5e4ec0..6eedc497d 100644 --- a/internal/qtls/go115.go +++ b/internal/qtls/go115.go @@ -53,11 +53,6 @@ const ( EncryptionApplication = qtls.EncryptionApplication ) -// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt. -func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { - return qtls.HkdfExtract(hash, newSecret, currentSecret) -} - // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return qtls.AEADAESGCMTLS13(key, fixedNonce) diff --git a/internal/qtls/go116.go b/internal/qtls/go116.go index 66564374a..35826df4a 100644 --- a/internal/qtls/go116.go +++ b/internal/qtls/go116.go @@ -53,11 +53,6 @@ const ( EncryptionApplication = qtls.EncryptionApplication ) -// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt. -func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { - return qtls.HkdfExtract(hash, newSecret, currentSecret) -} - // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return qtls.AEADAESGCMTLS13(key, fixedNonce) diff --git a/internal/qtls/go117.go b/internal/qtls/go117.go index ae8d7a3bc..367737cf9 100644 --- a/internal/qtls/go117.go +++ b/internal/qtls/go117.go @@ -62,11 +62,6 @@ func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { return qtls.HkdfExtract(hash, newSecret, currentSecret) } -// HkdfExpandLabel HKDF expands a label -func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte { - return qtls.HkdfExpandLabel(hash, secret, hashValue, label, L) -} - // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return qtls.AEADAESGCMTLS13(key, fixedNonce)