twofactor/vendor/github.com/sec51/cryptoengine/hkdf.go
silenteh 72a472700b Addressed issue #1 - Byte order was the problem
The counter needs to be represented in bigendian format.
Unfortunately with commit #00045cb I made the unfortunate choice to swap the endiannes from big-endian to little-endian.
This broke the functionality for certain counters.

- [x] Added Go vendoring
- [x] Bumped version of golang in travis yml file
- [x] Removed conversion files and instead used import of convert sec51 external library
2016-04-24 22:24:31 +02:00

34 lines
877 B
Go

package cryptoengine
import (
"crypto/sha256"
"errors"
"golang.org/x/crypto/hkdf"
"io"
)
// IMPORTANT !!!
// If someone changes the hash function, then the salt needs to have the exactly same lenght!
// So be careful when touching this.
func deriveNonce(masterKey [keySize]byte, salt [keySize]byte, context string, counterValue string) ([nonceSize]byte, error) {
var data24 [nonceSize]byte
// Underlying hash function to use
hash := sha256.New
// Create the key derivation function
hkdf := hkdf.New(hash, masterKey[:], salt[:], []byte(context+counterValue))
// Generate the required keys
key := make([]byte, nonceSize)
n, err := io.ReadFull(hkdf, key)
if n != len(key) || err != nil {
return data24, err
}
total := copy(data24[:], key[:nonceSize])
if total != nonceSize {
return data24, errors.New("Could not derive a nonce.")
}
return data24, nil
}