From 5e86e4ed291ef0133670f0974b5511618e43e297 Mon Sep 17 00:00:00 2001
From: Felix Lange <fjl@twurst.com>
Date: Thu, 8 Oct 2020 11:19:54 +0200
Subject: [PATCH] p2p/discover: remove use of shared hash instance for key
 derivation (#21673)

For some reason, using the shared hash causes a cryptographic incompatibility
when using Go 1.15. I noticed this during the development of Discovery v5.1
when I added test vector verification.

The go library commit that broke this is golang/go@97240d5, but the
way we used HKDF is slightly dodgy anyway and it's not a regression.
---
 p2p/discover/v5_encoding.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/p2p/discover/v5_encoding.go b/p2p/discover/v5_encoding.go
index 842234e79..c1a790dd2 100644
--- a/p2p/discover/v5_encoding.go
+++ b/p2p/discover/v5_encoding.go
@@ -383,7 +383,7 @@ func (c *wireCodec) deriveKeys(n1, n2 enode.ID, priv *ecdsa.PrivateKey, pub *ecd
 	info := []byte("discovery v5 key agreement")
 	info = append(info, n1[:]...)
 	info = append(info, n2[:]...)
-	kdf := hkdf.New(c.sha256reset, eph, challenge.IDNonce[:], info)
+	kdf := hkdf.New(sha256.New, eph, challenge.IDNonce[:], info)
 	sec := handshakeSecrets{
 		writeKey:    make([]byte, aesKeySize),
 		readKey:     make([]byte, aesKeySize),
-- 
GitLab