Hi Andrey,
On Sun, Apr 30, 2017 at 8:26 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
> On Sun, Apr 30, 2017 at 8:14 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
>
>> I don't need your view of HKDF RFC or usage, but I do need good practical
>> examples that justify your point of view. Please don't waste of your/my
>> time,
>> just give some good examples in next reply. Thanks.
>>
>
> BTW, valid (yet not common/proper) example that I can think of is,
>
> <?php
> $strong_512bit_key = random_bytes(64);
> $strong_256bit_key = hash_hkdf('sha3-512', $strong_512bit_key, 32);
> ?>
>
> while it does not even require HKDF, though.
>
> <?php
> $strong_512bit_key = random_bytes(64);
> $strong_256bit_key = hash('sha3-256', $strong_512bit_key);
> ?>
>
> should be good enough.
>
> Even with "Info", following HMAC is enough.
>
> <?php
> $strong_512bit_key = random_bytes(64);
> $strong_256bit_key = hash_hmac('sha3-256', $strong_512bit_key, $some_info);
> ?>
>
I'm only asking examples for long enough time.
I presume you cannot think of any valid and good example that
justify current hash_hkdf() signature.
Then documentation must stress not to use hash_hkdf() only with
"length" and "length/info".
Regards,
P.S.
Draft doc patch is this. (Not updated yet)
https://gist.github.com/anonymous/ace4fa267f20041676f265fe58c3f1ea
--
Yasuo Ohgaki
yohg...@ohgaki.net
