Generating Cryptographic Keys

This optional interface is applicable only for the SMB 3.x dialect family.

When cryptographic keys are to be generated by processing as specified in sections and, the Key Derivation specification in [SP800-108] is used with the following inputs:

  • The key to be used for key derivation.

  • The string to be used as label.

  • The length of the label string.

  • The string to be used as the context.

  • The length of the context string.

The cryptographic keys MUST be generated using the KDF algorithm in Counter Mode, as specified in [SP800-108] section 5.1, with 'r' value of 32 and 'L' value of 128 and by providing the inputs mentioned above. The PRF used in the key derivation MUST be HMAC-SHA256.