summaryrefslogtreecommitdiff
path: root/internal/cryptocore/hkdf.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/cryptocore/hkdf.go')
-rw-r--r--internal/cryptocore/hkdf.go21
1 files changed, 21 insertions, 0 deletions
diff --git a/internal/cryptocore/hkdf.go b/internal/cryptocore/hkdf.go
new file mode 100644
index 0000000..6944825
--- /dev/null
+++ b/internal/cryptocore/hkdf.go
@@ -0,0 +1,21 @@
+package cryptocore
+
+import (
+ "crypto/sha256"
+ "log"
+
+ "golang.org/x/crypto/hkdf"
+)
+
+// hkdfDerive derives "outLen" bytes from "masterkey" and "info" using
+// HKDF-SHA256.
+// It returns the derived bytes or panics.
+func hkdfDerive(masterkey []byte, info string, outLen int) (out []byte) {
+ h := hkdf.New(sha256.New, masterkey, nil, []byte(info))
+ out = make([]byte, outLen)
+ n, err := h.Read(out)
+ if n != outLen || err != nil {
+ log.Panicf("hkdfDerive: hkdf read failed, got %d bytes, error: %v", n, err)
+ }
+ return out
+}