p2p/discover: remove use of shared hash instance for key derivation (#21673)
For some reason, using the shared hash causes a cryptographic incompatibility when using Go 1.15. I noticed this during the development of Discovery v5.1 when I added test vector verification. The go library commit that broke this is golang/go@97240d5, but the way we used HKDF is slightly dodgy anyway and it's not a regression.
This commit is contained in:
parent
6d29e192e9
commit
5e86e4ed29
@ -383,7 +383,7 @@ func (c *wireCodec) deriveKeys(n1, n2 enode.ID, priv *ecdsa.PrivateKey, pub *ecd
|
|||||||
info := []byte("discovery v5 key agreement")
|
info := []byte("discovery v5 key agreement")
|
||||||
info = append(info, n1[:]...)
|
info = append(info, n1[:]...)
|
||||||
info = append(info, n2[:]...)
|
info = append(info, n2[:]...)
|
||||||
kdf := hkdf.New(c.sha256reset, eph, challenge.IDNonce[:], info)
|
kdf := hkdf.New(sha256.New, eph, challenge.IDNonce[:], info)
|
||||||
sec := handshakeSecrets{
|
sec := handshakeSecrets{
|
||||||
writeKey: make([]byte, aesKeySize),
|
writeKey: make([]byte, aesKeySize),
|
||||||
readKey: make([]byte, aesKeySize),
|
readKey: make([]byte, aesKeySize),
|
||||||
|
Loading…
Reference in New Issue
Block a user