PSA_ALG_HKDF: add salt processing warning
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
parent
f0f0bd068b
commit
73f97d4841
1 changed files with 6 additions and 0 deletions
|
@ -1737,6 +1737,12 @@
|
|||
* You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before
|
||||
* starting to generate output.
|
||||
*
|
||||
* \warning HKDF processes the salt as follows: first hash it with hash_alg
|
||||
* if the salt is longer than the block size of the hash algorithm; then
|
||||
* pad with null bytes up to the block size. As a result, it is possible
|
||||
* for distinct salt inputs to result in the same outputs. To ensure
|
||||
* unique outputs, it is recommended to use a fixed length for salt values.
|
||||
*
|
||||
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
|
||||
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
|
||||
*
|
||||
|
|
Loading…
Reference in a new issue