I have a 32-byte cryptographic key generated using .NET's cryptographic random number generator, and I'd like to use it as the key material to generate two other keys per user in my web application.
My plan is to use these two derived keys for AES-256-CBC encryption (the first derived key) and HMAC-SHA256 authentication (the second derived key), respectively. The only information I have for deriving the "primary" key is the user identifier, which is a GUID. In other words, for a given user ID, I want to generate on the fly two derived keys for encryption and authentication purposes.
I believe I can use .NET's HKDF.DeriveKey function (with SHA256) for this, but I'm not sure about the values I should provide for the salt and info parameters. Should I use the plain byte representation of the user's ID as the salt and a byte array representing specific context information ('encryption' or 'authentication') as the info parameter?
Prior to posting this question, I tried to understand NIST's 800-56C Revision 2 paper, but I honestly didn't grasp everything. I also tried to read this other NIST SP 800-108r1-upd1 paper but found it confusing.
I also came across this new API in .NET 8, SP800108HmacCounterKdf.DeriveBytes, which also seems to derive keys using a label and context, which made me even more confused. This new API originated from this GitHub issue.
Finally, I tried to search here, but I still wasn't certain of what values to provide, or even which key derivation function to use for my use case.
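The layout the question proposes (user ID bytes as the HKDF salt, a purpose label as info), written out as an added example that is not part of the original post. The class name, helper name, label strings and demo inputs are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (assumed names): per-user, per-purpose keys from one master key.
public static class UserKeys
{
    private const int KeyLength = 32; // AES-256 key size, also used for the HMAC-SHA256 key

    public static byte[] Derive(byte[] masterKey, Guid userId, string purpose)
    {
        if (masterKey is null || masterKey.Length != 32)
            throw new ArgumentException("Expected a 32-byte master key.", nameof(masterKey));
        if (string.IsNullOrEmpty(purpose))
            throw new ArgumentException("A purpose label is required.", nameof(purpose));

        // Guid.ToByteArray() uses .NET's mixed-endian layout. Any other platform
        // that must derive the same keys has to reproduce these exact 16 bytes.
        byte[] salt = userId.ToByteArray();
        byte[] info = Encoding.UTF8.GetBytes(purpose);
        return HKDF.DeriveKey(HashAlgorithmName.SHA256, masterKey, KeyLength, salt, info);
    }

    public static void Main()
    {
        // Constructed demo inputs: a random master key and two random user IDs.
        byte[] master = RandomNumberGenerator.GetBytes(32);
        Guid userA = Guid.NewGuid();
        Guid userB = Guid.NewGuid();

        byte[] encA = Derive(master, userA, "encryption");
        byte[] macA = Derive(master, userA, "authentication");
        byte[] encB = Derive(master, userB, "encryption");
        byte[] encAAgain = Derive(master, userA, "encryption");

        // Same inputs reproduce the same key, so nothing per-user is stored.
        Console.WriteLine("deterministic:        " + CryptographicOperations.FixedTimeEquals(encA, encAAgain));
        // A different info label gives an unrelated key for the same user.
        Console.WriteLine("enc differs from mac: " + !CryptographicOperations.FixedTimeEquals(encA, macA));
        // A different salt (user ID) gives an unrelated key for the same purpose.
        Console.WriteLine("userA differs userB:  " + !CryptographicOperations.FixedTimeEquals(encA, encB));

        // Clear key material once it is no longer needed.
        foreach (byte[] k in new[] { master, encA, macA, encB, encAAgain })
            CryptographicOperations.ZeroMemory(k);
    }
}
```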