PSA_ALG_HKDF: add salt processing warning

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-06-03 09:05:08 +02:00
parent f0f0bd068b
commit 73f97d4841

View file

@ -1737,6 +1737,12 @@
* You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before
* starting to generate output. * starting to generate output.
* *
* \warning HKDF processes the salt as follows: first hash it with hash_alg
* if the salt is longer than the block size of the hash algorithm; then
* pad with null bytes up to the block size. As a result, it is possible
* for distinct salt inputs to result in the same outputs. To ensure
* unique outputs, it is recommended to use a fixed length for salt values.
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true). * #PSA_ALG_IS_HASH(\p hash_alg) is true).
* *