From d6ef283c3f076ba45dd873d69e1c7d86ed29b14a Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sat, 27 May 2017 14:41:20 +0200
Subject: cryptocore: improve comments and add tests for hkdfDerive

These should make it easier to re-implement the key derivation
that was enabled with the "HKDF" feature flag.
---
 internal/cryptocore/hkdf.go | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'internal/cryptocore/hkdf.go')

diff --git a/internal/cryptocore/hkdf.go b/internal/cryptocore/hkdf.go
index 6944825..87ca1b9 100644
--- a/internal/cryptocore/hkdf.go
+++ b/internal/cryptocore/hkdf.go
@@ -7,8 +7,16 @@ import (
 	"golang.org/x/crypto/hkdf"
 )
 
+const (
+	// "info" data that HKDF mixes into the generated key to make it unique.
+	// For convenience, we use a readable string.
+	hkdfInfoEMENames   = "EME filename encryption"
+	hkdfInfoGCMContent = "AES-GCM file content encryption"
+	hkdfInfoSIVContent = "AES-SIV file content encryption"
+)
+
 // hkdfDerive derives "outLen" bytes from "masterkey" and "info" using
-// HKDF-SHA256.
+// HKDF-SHA256 (RFC 5869).
 // It returns the derived bytes or panics.
 func hkdfDerive(masterkey []byte, info string, outLen int) (out []byte) {
 	h := hkdf.New(sha256.New, masterkey, nil, []byte(info))
-- 
cgit v1.2.3