From 22112b7b660e90b384eb206a4408eee6308b1ecc Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Mon, 10 May 2021 16:44:08 -0700 Subject: [PATCH] use HkdfExtract from x/crypto This means we don't have to expose it in qtls any more. --- internal/handshake/initial_aead.go | 4 +++- internal/qtls/go115.go | 5 ----- internal/qtls/go116.go | 5 ----- internal/qtls/go117.go | 5 ----- 4 files changed, 3 insertions(+), 16 deletions(-) diff --git a/internal/handshake/initial_aead.go b/internal/handshake/initial_aead.go index 9160f25d1..f272297df 100644 --- a/internal/handshake/initial_aead.go +++ b/internal/handshake/initial_aead.go @@ -4,6 +4,8 @@ import ( "crypto" "crypto/tls" + "golang.org/x/crypto/hkdf" + "github.com/lucas-clemente/quic-go/internal/protocol" "github.com/lucas-clemente/quic-go/internal/qtls" ) @@ -49,7 +51,7 @@ func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective, v p } func computeSecrets(connID protocol.ConnectionID, v protocol.VersionNumber) (clientSecret, serverSecret []byte) { - initialSecret := qtls.HkdfExtract(crypto.SHA256, connID, getSalt(v)) + initialSecret := hkdf.Extract(crypto.SHA256.New, connID, getSalt(v)) clientSecret = hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "client in", crypto.SHA256.Size()) serverSecret = hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "server in", crypto.SHA256.Size()) return diff --git a/internal/qtls/go115.go b/internal/qtls/go115.go index bec5e4ec0..6eedc497d 100644 --- a/internal/qtls/go115.go +++ b/internal/qtls/go115.go @@ -53,11 +53,6 @@ const ( EncryptionApplication = qtls.EncryptionApplication ) -// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt. -func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { - return qtls.HkdfExtract(hash, newSecret, currentSecret) -} - // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return qtls.AEADAESGCMTLS13(key, fixedNonce) diff --git a/internal/qtls/go116.go b/internal/qtls/go116.go index 66564374a..35826df4a 100644 --- a/internal/qtls/go116.go +++ b/internal/qtls/go116.go @@ -53,11 +53,6 @@ const ( EncryptionApplication = qtls.EncryptionApplication ) -// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt. -func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { - return qtls.HkdfExtract(hash, newSecret, currentSecret) -} - // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return qtls.AEADAESGCMTLS13(key, fixedNonce) diff --git a/internal/qtls/go117.go b/internal/qtls/go117.go index ae8d7a3bc..367737cf9 100644 --- a/internal/qtls/go117.go +++ b/internal/qtls/go117.go @@ -62,11 +62,6 @@ func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { return qtls.HkdfExtract(hash, newSecret, currentSecret) } -// HkdfExpandLabel HKDF expands a label -func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte { - return qtls.HkdfExpandLabel(hash, secret, hashValue, label, L) -} - // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return qtls.AEADAESGCMTLS13(key, fixedNonce)