crypto/internal/hpke: use crypto/hkdf

The hpke package uses public-facing crypto packages except for hkdf, which uses crypto/internal/hkdf. We already have a public hkdf package, crypto/hkdf, so use it instead for consistency. Change-Id: Icf6afde791234dfe24dbfba715c0891f32005ca2 Reviewed-on: https://go-review.googlesource.com/c/go/+/657556 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: David Chase <drchase@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2025-03-17 11:43:32 +01:00 · 2025-03-17 11:43:32 +01:00 · 44d1d2e5ad
parent 7a8ce5e3de
commit 44d1d2e5ad
1 changed files with 11 additions and 3 deletions
--- a/src/crypto/internal/hpke/hpke.go
+++ b/src/crypto/internal/hpke/hpke.go
@ -9,7 +9,7 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/ecdh"
-	"crypto/internal/fips140/hkdf"
+	"crypto/hkdf"
 	"crypto/rand"
 	"errors"
 	"internal/byteorder"
@ -32,7 +32,11 @@ func (kdf *hkdfKDF) LabeledExtract(sid []byte, salt []byte, label string, inputK
 	labeledIKM = append(labeledIKM, sid...)
 	labeledIKM = append(labeledIKM, label...)
 	labeledIKM = append(labeledIKM, inputKey...)
-	return hkdf.Extract(kdf.hash.New, labeledIKM, salt)
+	prk, err := hkdf.Extract(kdf.hash.New, labeledIKM, salt)
+	if err != nil {
+		panic(err)
+	}
+	return prk
 }

 func (kdf *hkdfKDF) LabeledExpand(suiteID []byte, randomKey []byte, label string, info []byte, length uint16) []byte {
@ -42,7 +46,11 @@ func (kdf *hkdfKDF) LabeledExpand(suiteID []byte, randomKey []byte, label string
 	labeledInfo = append(labeledInfo, suiteID...)
 	labeledInfo = append(labeledInfo, label...)
 	labeledInfo = append(labeledInfo, info...)
-	return hkdf.Expand(kdf.hash.New, randomKey, string(labeledInfo), int(length))
+	key, err := hkdf.Expand(kdf.hash.New, randomKey, string(labeledInfo), int(length))
+	if err != nil {
+		panic(err)
+	}
+	return key
 }

 // dhKEM implements the KEM specified in RFC 9180, Section 4.1.