Worth noting that calling hkdf.Read multiple times is much more slower than doing so with x/sys/hkdf because CNG doesn't properly support partial incremental reads. Instead, we have to derive the whole key on every hkdf.Read call and just return the last unread section. Luckily, deriving many keys from the same hkdf instance is very uncommon, so I don't expect it to be a real problem.
This PR adds support for HKDF, which will be used to replace https://pkg.go.dev/golang.org/x/crypto/hkdf.
Worth noting that calling
hkdf.Readmultiple times is much more slower than doing so withx/sys/hkdfbecause CNG doesn't properly support partial incremental reads. Instead, we have to derive the whole key on everyhkdf.Readcall and just return the last unread section. Luckily, deriving many keys from the same hkdf instance is very uncommon, so I don't expect it to be a real problem.