Hi all,

Since hash_hkdf() is in PHP 7.1.2, I restarted the vote.
I posted the previous announcement in the discussion thread by mistake.

https://wiki.php.net/rfc/improve_hash_hkdf_parameter

Vote start: 2017-03-26
Vote end: 2017-04-07 UTC 23:59:59

The current hash_hkdf() function signature does not make sense.

 - HKDF is a KEY derivation function, yet the derivation KEY is the last option.
 - hash_hkdf() is a simple hash_hmac() extension, yet it has a totally
   different signature.
 - The return value is binary, unlike other hash functions.
 - The signature is INSECURE.

The current signature is overly optimized for a very limited crypto operation
and cannot be optimal for the above reasons.

Fortunately, almost all users are not using the current hash_hkdf().
It's only in 7.1.2/7.1.3 now. We should avoid yet another new inconsistent
and insecure function. It would be better to fix it ASAP, IMHO.

I suggest you disclose the reason why you are against this change.
Otherwise, you may be considered not to understand crypto basics,
i.e. HKDF(IKM) security depends on PRK being secure. To make PRK
secure or more secure, the "salt" parameter is required. "length" is irrelevant
for security.

Thank you for voting.

--
Yasuo Ohgaki
yohg...@ohgaki.net
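
The extract-then-expand structure the message refers to (the salt keys the HMAC that produces the PRK, and length only sets how much output is kept), as an added PHP example that is not part of the original message, the RFC or php-src. `hkdf_via_hmac()` is a hypothetical helper name and all inputs are constructed samples; it is compared against the built-in `hash_hkdf()` with its 7.1.2 parameter order (algo, ikm, length, info, salt).

```php
<?php
// Added illustration: HKDF (RFC 5869) rebuilt from hash_hmac().
// hkdf_via_hmac() is a hypothetical helper, not a PHP built-in.
function hkdf_via_hmac(string $algo, string $ikm, int $length,
                       string $info = '', string $salt = ''): string
{
    $hashLen = strlen(hash($algo, '', true));
    if ($length < 1 || $length > 255 * $hashLen) {
        throw new InvalidArgumentException('length must be 1..255*HashLen');
    }
    // RFC 5869: a missing salt is treated as HashLen zero bytes.
    if ($salt === '') {
        $salt = str_repeat("\0", $hashLen);
    }
    // Extract: PRK = HMAC(key = salt, message = IKM).
    $prk = hash_hmac($algo, $ikm, $salt, true);

    // Expand: T(i) = HMAC(key = PRK, message = T(i-1) || info || i).
    $okm = '';
    $t   = '';
    for ($i = 1; strlen($okm) < $length; $i++) {
        $t    = hash_hmac($algo, $t . $info . chr($i), $prk, true);
        $okm .= $t;
    }
    // length only truncates the expanded stream.
    return substr($okm, 0, $length);
}

// Constructed sample inputs.
$ikm  = random_bytes(32);
$salt = random_bytes(32);
$info = 'example-context';

// Built-in call: salt is the last, optional argument; output is raw binary.
$builtin = hash_hkdf('sha256', $ikm, 42, $info, $salt);
$manual  = hkdf_via_hmac('sha256', $ikm, 42, $info, $salt);
var_dump(hash_equals($builtin, $manual));

// Same comparison with the salt omitted.
var_dump(hash_equals(hash_hkdf('sha256', $ikm, 42, $info),
                     hkdf_via_hmac('sha256', $ikm, 42, $info)));

// Raw output must be encoded before it is printed or stored as text.
echo bin2hex($builtin), "\n";
```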
