Hi all, hash_hkdf() does not have sane/optimal/consistent signature, but this is what we've decided by RFC vote. We should have good manual page for users to avoid vulnerable usage at least.
Current hash_hkdf() manual page. http://php.net/hash_hkdf This is final proposal patch for hash_hkdf.xml. https://gist.github.com/yohgaki/e518898ffda2fe37ab911d7a7fcb1a9f I've put most aspects discussed in the RFC 5869. If you find anything that violates RFC 5869 recommendation/suggestion (and/or HMAC recommendation/suggestion), please let me know. https://tools.ietf.org/html/rfc5869 Please note that previous discussion for this revealed that there is no valid example usage that justifies current signature. i.e. Specifying $length/$info parameter(s) only cannot be common/optimal/recommended usage. If any example, I'll add it to the manual. Corrections/improvements are appreciated. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net
