PBKDF2 uses HMAC internally, which does not support eXtendable Output
Function (XOF) digests such as SHAKE128 or SHAKE256. Document this
limitation to prevent user confusion when attempting to use XOF
digests with PBKDF2.
Fixes #22877
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Fri Feb 13 14:39:07 2026
(Merged from https://github.com/openssl/openssl/pull/29792)
These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.
+B<Note:> PBKDF2 uses HMAC internally, which does not support eXtendable Output
+Function (XOF) digests such as SHAKE128 or SHAKE256. Attempting to use an XOF
+digest with PBKDF2 will result in an error.
+
=item "pkcs5" (B<OSSL_KDF_PARAM_PKCS5>) <integer>
This parameter can be used to enable or disable SP800-132 compliance checks.