Closed chris-wood closed 4 years ago
Is that not the case? If it is, then you need a PSK for HKDF-SHA384 and HKDF-SHA512
Nope -- the default PSK is zero(Nh)
as that matches the HKDF spec. Any length PSK will do. That said, low entropy PSKs are... not good. There's a PR up against the spec that recommends a minimum length.
Applied in #21.
I inferred from the spec that
psk
is supposed to have lengthNh
. Is that not the case? If it is, then you need a PSK for HKDF-SHA384 and HKDF-SHA512