From 0f6e140f8bb1d3cd6afbd8f288b01c9e936a0ef4 Mon Sep 17 00:00:00 2001
From: Yawning Angel
Date: Fri, 17 Apr 2020 15:27:53 +0000
Subject: [PATCH] go/common/crypto/mrae/deoxysii: Use SHA512/256 for the KDF

Following 73aacaa73d7116a6be0443e70f2d10d0c7a4b76e, this should also use the correct hash algorithm for the KDF.
---
 go/common/crypto/mrae/deoxysii/asymmetric.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/go/common/crypto/mrae/deoxysii/asymmetric.go b/go/common/crypto/mrae/deoxysii/asymmetric.go
index 6ac3f3bbbe2..f4b23589d68 100644
--- a/go/common/crypto/mrae/deoxysii/asymmetric.go
+++ b/go/common/crypto/mrae/deoxysii/asymmetric.go
@@ -2,7 +2,7 @@ package deoxysii
 import (
- "crypto/sha256"
+ "crypto/sha512"
 "github.com/oasislabs/deoxysii"
 "github.com/oasislabs/oasis-core/go/common/crypto/mrae/api"
@@ -18,7 +18,7 @@ var (
 type boxImpl struct{}
 func (impl *boxImpl) DeriveSymmetricKey(key []byte, publicKey, privateKey *[32]byte) {
- api.ECDHAndTweak(key, publicKey, privateKey, sha256.New, boxKDFTweak)
+ api.ECDHAndTweak(key, publicKey, privateKey, sha512.New512_256, boxKDFTweak)
 }
 func (impl *boxImpl) Seal(dst, nonce, plaintext, additionalData []byte, peersPublicKey, privateKey *[32]byte) []byte {
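Review bot: Nothing in this commit pins the new derivation in `DeriveSymmetricKey`: swapping `sha256.New` for `sha512.New512_256` changes every symmetric key the box derives, and the diffstat shows only `asymmetric.go` touched, so no known-answer test accompanies it. The description suggests the goal is to agree with an earlier change elsewhere; if so, a fixed test vector (private key, peer public key, expected derived key) shared with that other implementation would turn a future hash mismatch into a test failure instead of an authentication failure at decrypt time. Anything sealed under keys derived with the old SHA-256 KDF would presumably no longer open after this change, which is worth stating in the commit message or changelog if such ciphertexts or un-upgraded peers can exist. The method also has no doc comment; something like `// DeriveSymmetricKey derives the box key from the ECDH shared secret, tweaked with boxKDFTweak using SHA-512/256. The hash is part of the wire format: changing it changes every derived key.` would record why the hash must not be altered casually.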