diff --git a/modules/keying/keying.go b/modules/keying/keying.go
index 0b161b39c5..30c664180c 100644
--- a/modules/keying/keying.go
+++ b/modules/keying/keying.go
@@ -16,12 +16,12 @@
 package keying
 import (
+ "crypto/hkdf"
 "crypto/rand"
 "crypto/sha256"
 "encoding/binary"
 "golang.org/x/crypto/chacha20poly1305"
- "golang.org/x/crypto/hkdf"
 )
 var (
@@ -41,7 +41,11 @@ const (
 // Set the main IKM for this module.
 func Init(ikm []byte) {
 // Salt is intentionally left empty, it's not useful to Forgejo's use case.
- prk = hkdf.Extract(hash, ikm, nil)
+ var err error
+ prk, err = hkdf.Extract(hash, ikm, nil)
+ if err != nil {
+ panic(err)
+ }
 }
 // Specifies the context for which a subkey should be derived for.
@@ -62,11 +66,8 @@ func DeriveKey(context Context) *Key {
 panic("keying: not initialized")
 }
- r := hkdf.Expand(hash, prk, []byte(context))
-
- key := make([]byte, aeadKeySize)
- // This should never return an error, but if it does, panic.
- if n, err := r.Read(key); err != nil || n != aeadKeySize {
+ key, err := hkdf.Expand(hash, prk, string(context), aeadKeySize)
+ if err != nil {
 panic(err)
 }
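Review bot: The new `panic(err)` in Init surfaces a bare crypto/hkdf error with nothing tying it to this module, while the guard in DeriveKey panics with a `keying:` prefix. As far as I know, the standard-library Extract only returns an error in FIPS 140-only mode (an unapproved hash or a secret shorter than 112 bits), so the realistic trigger is a short IKM at startup, and that deserves a message an operator can act on: `panic("keying: HKDF-Extract failed: " + err.Error())`. The doc comment should state the new behaviour as well, for example `// Init panics if HKDF-Extract rejects the IKM.`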
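Review bot: Nothing in this hunk pins the derived key bytes, yet every value already encrypted under a DeriveKey subkey can only be decrypted if the output stays byte-identical to the old reader-based path. `string(context)` carries the same bytes as `[]byte(context)`, so the result should not change, but a known-answer test (fixed IKM, fixed context, expected key) would catch a regression here or in a later refactor; disregard this if the package tests already have one. The removed comment was the only explanation of why the error is fatal, so I would keep a why-comment such as `// Expand is not expected to fail for a fixed, valid key size; treat any error as fatal.` DeriveKey's body starts and ends outside the hunk.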