Talk:HKDF

Untitled
The python example doesn't take into account some limitations over variables imposed by the RFC, such as, and both   and   mustn't be empty. — Preceding unsigned comment added by Hackancuba (talk • contribs) 8 March 2017 (UTC)

The wikipedia page does not explain how HKDF works, or the steps performed within the algorithm. HappyDragon* (talk) 04:03, 18 August 2017 (UTC)

The python example also incorrectly concatenates the byte-value of "i" -- in my testing, it added the bytes for "[1]" (the ascii for the brackets plus the number in between). This should probably just be "t + info + chr(1+i)", also with bounds checking on lengths > 255 * hashlen as suggested above. (though the error resulting when it tries to generate chr(256) will provide bounds checking too. :) )) Dschuetz (talk) 18:23, 5 September 2018 (UTC)


 * I don't like having code example without explaining HKDF parameters first, in general, too. About some missing checks, you're right. However,  is not , but  , unless you are using ~obsolete Python2 :) . Applying first two RFC test cases,
 * it passes. —Mykhal (talk) 20:55, 13 April 2021 (UTC)
 * it passes. —Mykhal (talk) 20:55, 13 April 2021 (UTC)

Uses
The Uses section states: "To "extract" (condense/blend) entropy from a larger random source to provide a more uniformly unbiased and higher entropy", however, section 4 of the RFC is very clear that this is not possible (emphasis mine): "The extract step in HKDF can concentrate existing entropy but cannot amplify entropy" — Preceding unsigned comment added by ColinA3 (talk • contribs) 20:49, 9 May 2018 (UTC)

Example code
I hope it's not too much to ask that contributors test the example code when editing it. The previous couple of edits were blatantly wrong. Ewx (talk) 19:18, 18 February 2022 (UTC)