Hi all,
hash_hkdf() does not have sane/optimal/consistent signature, but this is
what we've decided by RFC vote. We should have good manual
page for users to avoid vulnerable usage at least.
Current hash_hkdf() manual page.
http://php.net/hash_hkdf
This is final proposal patch for hash_hkdf.xml.
https://gist.github.com/yohgaki/e518898ffda2fe37ab911d7a7fcb1a9f
I've put most aspects discussed in the RFC 5869. If you find anything
that violates RFC 5869 recommendation/suggestion (and/or HMAC
recommendation/suggestion), please let me know.
https://tools.ietf.org/html/rfc5869
Please note that previous discussion for this revealed that there is no
valid example usage that justifies current signature. i.e. Specifying
$length/$info parameter(s) only cannot be common/optimal/recommended
usage. If any example, I'll add it to the manual.
Corrections/improvements are appreciated.
Regards,
--
Yasuo Ohgaki
yohgaki@ohgaki.net