add a key expansion function

crypto/key.go

@@ -20,6 +20,7 @@ import (
 
 	"github.com/gogo/protobuf/proto"
 	sha256 "github.com/minio/sha256-simd"
+	"golang.org/x/crypto/hkdf"
 )
 
 const (
@@ -174,6 +175,20 @@ func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error) {
 	return pubKey, done, nil
 }
 
+// ExpandKey expands the private key k to a key of length l using the info.
+func ExpandKey(k PrivKey, info []byte, l int) ([]byte, error) {
+	raw, err := k.Raw()
+	if err != nil {
+		return nil, err
+	}
+	b := make([]byte, l)
+	r := hkdf.New(sha256.New, raw, nil, info)
+	if _, err := io.ReadFull(r, b); err != nil {
+		return nil, err
+	}
+	return b, nil
+}
+
 // StretchedKeys ...
 type StretchedKeys struct {
 	IV        []byte

crypto/key_test.go

@@ -355,3 +355,17 @@ func TestPanicOnUnknownCipherType(t *testing.T) {
 	passed = true
 	KeyStretcher("Fooba", "SHA1", []byte("foo"))
 }
+
+func TestKeyExpansion(t *testing.T) {
+	priv, _, err := GenerateECDSAKeyPair(rand.Reader)
+	if err != nil {
+		t.Fatalf("err generating key:%v", err)
+	}
+	expanded, err := ExpandKey(priv, []byte("info"), 42)
+	if err != nil {
+		t.Fatalf("error expanding key: %v", err)
+	}
+	if len(expanded) != 42 {
+		t.Fatalf("unexpected expanded key length: %d", len(expanded))
+	}
+}

go.mod

@@ -15,6 +15,7 @@ require (
 	github.com/multiformats/go-multihash v0.0.13
 	github.com/multiformats/go-varint v0.0.5
 	go.opencensus.io v0.22.3
+	golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8
 )
 
 go 1.13