Niels Möller <[email protected]> writes:

> I'm leaning towards deleting this support (leaving extra hashing to
> applications that need it) for Nettle-4.0, to keep things simple. It can
> be added back later if there are compelling use cases.

One case is the hkdf test vectors in RFC 5869, where the salt argument to HKDF-Extract is used as the hmac key, and some test vectors use an 80-byte salt, for sha256 and sha1. And also HKDF-Expand allows large prk input, even if typically it is the size of a digest. Not clear to me if those test vectors represent a typical or reasonable use of hkdf?

But then Nettle's hkdf_extract and hkdf_expand functions don't quite match the RFC, in that they take an already initialized mac context as argument, leaving the actual hmac_*_set_key call to the application.

/Niels

-- 
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
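The large-key case described in the message above, as an added example that is not part of the original post and is not Nettle code: a Python sketch in which the HMAC layer refuses keys longer than the hash block size and the caller does the extra hashing itself, run on the 80-byte salt, IKM and info of RFC 5869 test case 2. The names `strict_hmac` and `app_reduce_key` and the choice to reject over-long keys are assumptions for illustration; the message does not say how Nettle-4.0 would treat such a key.

```python
import hashlib
import hmac

class KeyTooLong(ValueError):
    pass

def strict_hmac(key, msg, hash_name="sha256"):
    # Assumed strict HMAC: no implicit hashing of keys above the block size.
    block = hashlib.new(hash_name).block_size  # 64 for sha256 and sha1
    if len(key) > block:
        raise KeyTooLong(f"{len(key)}-byte key exceeds {block}-byte block")
    padded = key.ljust(block, b"\0")
    inner = hashlib.new(hash_name, bytes(b ^ 0x36 for b in padded) + msg)
    outer = hashlib.new(hash_name, bytes(b ^ 0x5C for b in padded))
    outer.update(inner.digest())
    return outer.digest()

def app_reduce_key(key, hash_name="sha256"):
    # The "extra hashing" done by the application: RFC 2104 replaces a key
    # longer than the block size by its digest.
    if len(key) > hashlib.new(hash_name).block_size:
        return hashlib.new(hash_name, key).digest()
    return key

def hkdf_extract(salt, ikm, hash_name="sha256"):
    # RFC 5869: PRK = HMAC-Hash(salt, IKM); the salt is the HMAC key.
    return strict_hmac(app_reduce_key(salt, hash_name), ikm, hash_name)

def hkdf_expand(prk, info, length, hash_name="sha256"):
    # RFC 5869: T(i) = HMAC-Hash(PRK, T(i-1) | info | i); PRK may be large.
    key = app_reduce_key(prk, hash_name)
    okm, t, i = b"", b"", 1
    while len(okm) < length:
        t = strict_hmac(key, t + info + bytes([i]), hash_name)
        okm, i = okm + t, i + 1
    return okm[:length]

# Inputs of RFC 5869 test case 2: each is 80 bytes, above the 64-byte block.
SALT = bytes(range(0x60, 0xB0))
IKM = bytes(range(0x00, 0x50))
INFO = bytes(range(0xB0, 0x100))

def matches_stdlib(hash_name="sha256"):
    # Python's hmac module hashes over-long keys itself; results must agree.
    return hkdf_extract(SALT, IKM, hash_name) == hmac.new(SALT, IKM, hash_name).digest()

if __name__ == "__main__":
    print(hkdf_extract(SALT, IKM).hex(), matches_stdlib("sha256"), matches_stdlib("sha1"))
```

Without the call to `app_reduce_key`, `hkdf_extract` raises `KeyTooLong` on these inputs, which is the work that moves to the application if the library stops hashing long keys.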
