Indirectly violates RFC5869 Section 2.3 #2

@tignear

This specification creates a situation that indirectly violates RFC5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF) Section 2.3.

In Sender Key Derivation, the KeyRatchet is created based on a 16-byte value, but when advancing the generation, a 32-byte output is required to calculate the next internal state of the KeyRatchet. This violates the PRK requirements of RFC5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF) Section 2.3.

PRK a pseudorandom key of at least HashLen octets

It's probably not a problem security-wise in this case, but some libraries check for this requirement and it's a pure inconvenience.
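
The interoperability problem described in this issue, as an added example that is not part of the original issue or the specification: an HKDF-Expand that enforces the RFC 5869 Section 2.3 PRK length rejects a 16-byte ratchet secret, while one that skips the check derives the 32-byte next state. SHA-256 as the hash, the `LABEL` info string and the `ratchet_report` helper are assumptions made for illustration.

```python
import hashlib
import hmac

HASH = hashlib.sha256              # assumption: the issue does not name the hash
HASH_LEN = HASH().digest_size      # HashLen = 32 octets for SHA-256


class ShortPRKError(ValueError):
    """PRK shorter than HashLen (RFC 5869 Section 2.3 input requirement)."""


def hkdf_expand(prk: bytes, info: bytes, length: int, strict: bool = True) -> bytes:
    """HKDF-Expand from RFC 5869 Section 2.3.

    strict=True enforces 'PRK of at least HashLen octets', as some libraries do.
    strict=False skips the check; HMAC itself accepts keys of any length.
    """
    if strict and len(prk) < HASH_LEN:
        raise ShortPRKError(f"PRK is {len(prk)} octets, need >= {HASH_LEN}")
    if not 0 < length <= 255 * HASH_LEN:
        raise ValueError("requested length out of range")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        # T(n) = HMAC-Hash(PRK, T(n-1) | info | n)
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


LABEL = b"example ratchet step"    # hypothetical info string, not from the spec


def ratchet_report(base_secret: bytes) -> dict:
    """Try one ratchet step with a strict and a lenient HKDF-Expand."""
    report = {"strict_first_step": "ok"}
    try:
        hkdf_expand(base_secret, LABEL, HASH_LEN, strict=True)
    except ShortPRKError as exc:
        report["strict_first_step"] = f"rejected: {exc}"
    # A lenient implementation still derives the 32-byte next state.
    next_state = hkdf_expand(base_secret, LABEL, HASH_LEN, strict=False)
    report["next_state_len"] = len(next_state)
    # The derived state is HashLen octets, so a strict library accepts it as PRK.
    hkdf_expand(next_state, LABEL, HASH_LEN, strict=True)
    report["strict_second_step"] = "ok"
    return report


if __name__ == "__main__":
    print(ratchet_report(bytes(range(16))))   # constructed 16-byte secret
```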
