fernet / spec

Spec and acceptance tests for the Fernet format.

Signing-key length is not too small? #8

Open gleb-chipiga opened 9 years ago

gleb-chipiga commented 9 years ago

According to https://tools.ietf.org/html/rfc2104#section-3, the key for HMAC can be of any length (keys longer than B bytes are first hashed using H). However, less than L bytes is strongly discouraged as it would decrease the security strength of the function.

For SHA-256 L = 256, but the spec describes the signing-key with 128-bit length.
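
The key-length rules quoted above, as an added Python example (not part of the original comment or of the Fernet project's code): it splits a Fernet key into its two 128-bit halves, following the spec's key format of signing key then encryption key, and shows how HMAC-SHA256 treats keys shorter than L and longer than B. Function names are hypothetical and the sample key is constructed.

```python
import base64
import hashlib
import hmac
import os

# RFC 2104 parameters for SHA-256: block size B and output size L, in bytes.
B = hashlib.sha256().block_size    # 64
L = hashlib.sha256().digest_size   # 32 (256 bits)


def split_fernet_key(key_b64):
    """Decode a Fernet key and return (signing_key, encryption_key)."""
    raw = base64.urlsafe_b64decode(key_b64)
    if len(raw) != 32:
        raise ValueError("Fernet key must decode to 32 bytes")
    # Fernet key format: 128-bit signing key followed by 128-bit encryption key.
    return raw[:16], raw[16:]


def hmac_key_report(key):
    """Describe how RFC 2104 treats a key of this length with SHA-256."""
    return {
        "key_bytes": len(key),
        "below_L": len(key) < L,       # the case RFC 2104 discourages
        "hashed_first": len(key) > B,  # keys longer than B are replaced by H(key)
    }


def tag(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()


def padding_equivalent(key, msg):
    """Keys shorter than B are zero-padded to B bytes before use."""
    return tag(key, msg) == tag(key.ljust(B, b"\x00"), msg)


def long_key_equivalent(key, msg):
    """Keys longer than B are hashed with H before use."""
    return tag(key, msg) == tag(hashlib.sha256(key).digest(), msg)


if __name__ == "__main__":
    # Constructed sample key: 32 random bytes, base64url-encoded.
    sample = base64.urlsafe_b64encode(os.urandom(32))
    signing_key, _ = split_fernet_key(sample)
    print(hmac_key_report(signing_key))
    print(padding_equivalent(signing_key, b"constructed message"))
    print(long_key_equivalent(os.urandom(B + 1), b"constructed message"))
```

Zero-padding changes only the key's length inside HMAC; the signing key still carries 128 bits of secret material, which is the quantity the issue is about.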

philwhln commented 8 years ago

This seems pretty important to the validity of this spec

philwhln commented 8 years ago

@kr @tmaher Is this project still being maintained?

Darkheir commented 6 years ago

Are there any plans on changing this? This is for me quite a big issue...