fix(identity): correctly follow extract-expand for HKDF

As @mxinden pointed out in https://github.com/libp2p/rust-libp2p/pull/4554#discussion_r1344747938, we were not correctly following the HKDF steps of extract and expand. Pull-Request: #4589.
2025-07-24 13:41:56 +00:00 · 2023-10-09 12:31:10 +11:00
parent ef9c544d4d
commit 77149f08c4
6 changed files with 31 additions and 15 deletions
--- a/identity/src/keypair.rs
+++ b/identity/src/keypair.rs
@@ -358,20 +358,30 @@ impl Keypair {
    /// let new_key = key.derive_secret(b"my encryption key").expect("can derive secret for ed25519");
    /// # }
    /// ```
-    #[allow(unused_variables, unreachable_code)]
+    ///
+    #[cfg(any(
+        feature = "ecdsa",
+        feature = "secp256k1",
+        feature = "ed25519",
+        feature = "rsa"
+    ))]
    pub fn derive_secret(&self, domain: &[u8]) -> Option<[u8; 32]> {
-        #[cfg(any(
-            feature = "ecdsa",
-            feature = "secp256k1",
-            feature = "ed25519",
-            feature = "rsa"
-        ))]
-        return Some(
-            hkdf::Hkdf::<sha2::Sha256>::extract(None, &[domain, &self.secret()?].concat())
-                .0
-                .into(),
-        );
+        let mut okm = [0u8; 32];
+        hkdf::Hkdf::<sha2::Sha256>::new(None, &self.secret()?)
+            .expand(domain, &mut okm)
+            .expect("okm.len() == 32");

+        Some(okm)
+    }
+
+    // We build docs with all features so this doesn't need to have any docs.
+    #[cfg(not(any(
+        feature = "ecdsa",
+        feature = "secp256k1",
+        feature = "ed25519",
+        feature = "rsa"
+    )))]
+    pub fn derive_secret(&self, _: &[u8]) -> Option<[u8; 32]> {
        None
    }