From 36ee8ffcc7d8afecff39fb78031a7d5fd3796c97 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin@nitrokey.com>
Date: Thu, 1 Dec 2022 10:44:54 +0100
Subject: [PATCH] Relax key kind check in derive_key for hmacsha256

In #38 [0], we restricted the operations for the hmacsha256 mechanism
to symmetric and shared keys.  This breaks fido-authenticator because it
uses hmacsha256 derive_key on EC keys [1].  This patch relaxes the
restrictions to allow all key kinds.

[0] https://github.com/trussed-dev/trussed/pull/38
[1] https://github.com/solokeys/fido-authenticator/issues/21
---
 src/mechanisms/hmacsha256.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/mechanisms/hmacsha256.rs b/src/mechanisms/hmacsha256.rs
index 2f2cbce2a2b..24ee704aadc 100644
--- a/src/mechanisms/hmacsha256.rs
+++ b/src/mechanisms/hmacsha256.rs
@@ -16,7 +16,9 @@ impl DeriveKey for super::HmacSha256 {
         let key_id = request.base_key;
         let key = keystore.load_key(key::Secrecy::Secret, None, &key_id)?;
         if !matches!(key.kind, key::Kind::Symmetric(..) | key::Kind::Shared(..)) {
-            return Err(Error::WrongKeyKind);
+            // We have to disable this check for compatibility with fido-authenticator, see:
+            // https://github.com/solokeys/fido-authenticator/issues/21
+            warn!("derive_key for hmacsha256 called with invalid key kind ({:?})", key.kind);
         }
         let shared_secret = key.material;