Hello, I noticed that the OASIS draft for extending PKCS#11 with SHA-3 also specifies new Mechanisms for SHAKE128/256. They introduce them as Key Derivation functions.
I wonder if this would also be the way to introduce this into JCA, at the moment XOFs have been a non-goal of JEP287, but there is some use for them In modern protocols I would guess. (This request was inspired by a discussion on the bouncycastle crypto-dev mailing list about missing algorithms for it). Gruss Bernd -- http://bernd.eckenfels.net
