Function ring::hmac::recommended_key_len

pub fn recommended_key_len(digest_alg: &Algorithm) -> usize

Returns the recommended key length for HMAC using the given digest algorithm.

The value returned is the chaining length of the digest function, digest_alg.chaining_len. This is 32 bytes (256 bits) for SHA-256, and 64 bytes (512 bits) for SHA-384 and SHA-512.

This recommendation is based on NIST SP 800-107, Section 5.3.4: Security Effect of the HMAC Key. The chaining length of the digest algorithm, instead of its block length, is used to be consistent with the key lengths chosen for TLS for SHA-256 (see RFC 5246, Appendix C) and most other protocols.