Accordingly https://tools.ietf.org/html/rfc2104#section-3
the key for HMAC can be of any length (keys longer than B bytes are first hashed using H). However, less than L bytes is strongly discouraged as it would decrease the security strength of the function.
For SHA-256 L = 256, but spec describes signing-key with 128-bit length.
Accordingly https://tools.ietf.org/html/rfc2104#section-3 the key for HMAC can be of any length (keys longer than B bytes are first hashed using H). However, less than L bytes is strongly discouraged as it would decrease the security strength of the function.
For SHA-256 L = 256, but spec describes signing-key with 128-bit length.