Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update mungekey to use the HMAC-based Key Derivation Function (HKDF) when creating a key. HKDF is based on the extract-then-expand approach. During extraction, entropy_read() (using the kernel's CSPRNG) is used for the input keying material, while entropy_read_uint() (independent of the kernel's CSPRNG) is used for the optional salt value. During expansion, the use, algorithm, and key length are combined for the optional info value in order to bind the derived key material to context-specific information. Reference: - https://tools.ietf.org/html/rfc5869 - https://eprint.iacr.org/2010/264 - http://webee.technion.ac.il/~hugo/kdf/ Signed-off-by: Chris Dunlap <cdunlap@llnl.gov>
- Loading branch information