Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:98285
Return-Path: <yohgaki@ohgaki.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 50104 invoked from network); 11 Feb 2017 22:58:35 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 11 Feb 2017 22:58:35 -0000
Authentication-Results: pb1.pair.com header.from=yohgaki@ohgaki.net; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@ohgaki.net; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain ohgaki.net designates 180.42.98.130 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@ohgaki.net
X-Host-Fingerprint: 180.42.98.130 ns1.es-i.jp  
Received: from [180.42.98.130] ([180.42.98.130:50594] helo=es-i.jp)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id F6/22-29023-8179F985 for <internals@lists.php.net>; Sat, 11 Feb 2017 17:58:34 -0500
Received: (qmail 120315 invoked by uid 89); 11 Feb 2017 22:58:28 -0000
Received: from unknown (HELO mail-qk0-f180.google.com) (yohgaki@ohgaki.net@209.85.220.180)
  by 0 with ESMTPA; 11 Feb 2017 22:58:28 -0000
Received: by mail-qk0-f180.google.com with SMTP id u25so68831080qki.2
        for <internals@lists.php.net>; Sat, 11 Feb 2017 14:58:27 -0800 (PST)
X-Gm-Message-State: AMke39kozDAdOu56ygsvu2tIB6Q+lKRoDF8UPYwm1id1YN+Qoo7j1Af+Wu8ke5Oh5HVu6GwrdNBqJ8FenDF1Hw==
X-Received: by 10.55.19.231 with SMTP id 100mr443866qkt.73.1486853901039; Sat,
 11 Feb 2017 14:58:21 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.19.232 with HTTP; Sat, 11 Feb 2017 14:57:40 -0800 (PST)
In-Reply-To: <CAPhkiZyeYiZ4r5Rt679Q7VOeNFYteAQRR9U7D_Oo=O7Xwv4oGw@mail.gmail.com>
References: <CAGa2bXZWKqJpvWma1zdY8j+yFg-pMXBZZHpUHb=KhJQucCf+9Q@mail.gmail.com>
 <CAKws9z31kvAs16kU1QBfdTP+G0d21PYcRaCw2-8rdsZpsRxkFg@mail.gmail.com>
 <CAPhkiZzO_B5OZExTYGpwk1oBEb=J4Mvw3DYJznU3+etwSuxqsw@mail.gmail.com>
 <CAKws9z3oOuPjLutsYNfOVToMMZTfKK_o5FEpVLr6PNKyQ3YXBg@mail.gmail.com>
 <CAGa2bXa-cxxOqB__E17QTA4czp-PsaqT5DaWBm=F_+=x=QLzCw@mail.gmail.com> <CAPhkiZyeYiZ4r5Rt679Q7VOeNFYteAQRR9U7D_Oo=O7Xwv4oGw@mail.gmail.com>
Date: Sun, 12 Feb 2017 07:57:40 +0900
X-Gmail-Original-Message-ID: <CAGa2bXa6LGtfOJBQ2VaDX=qhGw4aam+6vR94=xc1th38yQcV2g@mail.gmail.com>
Message-ID: <CAGa2bXa6LGtfOJBQ2VaDX=qhGw4aam+6vR94=xc1th38yQcV2g@mail.gmail.com>
To: Andrey Andreev <narf@devilix.net>
Cc: Scott Arciszewski <scott@paragonie.com>, 
	"internals@lists.php.net" <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a113ff5929ae2d30548492649
Subject: Re: [PHP-DEV] hash_hkdf() signature
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--001a113ff5929ae2d30548492649
Content-Type: text/plain; charset=UTF-8

Hi Andrey,

On Thu, Feb 9, 2017 at 7:59 PM, Andrey Andreev <narf@devilix.net> wrote:

>
>> I suppose most developers will use 'length' for shorter length.
>> i.e. Weaker output keys. If it's not too short, shorter key length works.
>>
>>
> Shows that you shouldn't be trusted with anything related to cryptography
> either.
> I may be no cryptographer myself, but one thing I know for sure is that
> shorter than required key lengths are *never* ok, and most encryption
> algorithms have a *fixed* key length.
>
> Also, this is the last time I reply to you on this topic. You're just
> impossible to reason with.
>

I think I finally understand what you don't understand.
Please read "Current Status" section of the draft PHP RFC.
https://wiki.php.net/rfc/improve_hash_hkdf_parameter#current_status

hash_hkdf() is simple hash_hmac() extension, why should not hash_hkdf() have
compatible signature with hash_hmac()? Aside from it, $salt is "key" in
many cases.
There is no reason "key" to be the last optional parameter.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--001a113ff5929ae2d30548492649--