Specs

derive(binary(), salt(), list()) :: {:ok, binary()} | {:error, binary()}

Derives a key using HKDF and HMAC256.

Takes a secret (say a user's password) and a salt which must be at least 32 bytes long. The salt does not necessarily need to be secret for the derived key to be secure but even greater security is realised if it is so. See RFC5869, Section 3.1.

Options

• :info additional info string for optional application specific context
• :length the length of the key required (defaults to 32 and must be less than 256)