From: kovan <xaum.io@gmail.com>
Date: Tue, 27 Jan 2026 10:45:30 +0000 (+0100)
Subject: doc: note that PBKDF2 does not support XOF digests
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e133f84ee9fffb15572e734791f0a139b25647a2;p=thirdparty%2Fopenssl.git

doc: note that PBKDF2 does not support XOF digests

PBKDF2 uses HMAC internally, which does not support eXtendable Output
Function (XOF) digests such as SHAKE128 or SHAKE256. Document this
limitation to prevent user confusion when attempting to use XOF
digests with PBKDF2.

Fixes #22877

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Fri Feb 13 14:39:07 2026
(Merged from https://github.com/openssl/openssl/pull/29792)
---

diff --git a/doc/man7/EVP_KDF-PBKDF2.pod b/doc/man7/EVP_KDF-PBKDF2.pod
index 79de97d7134..b760b6e7d7f 100644
--- a/doc/man7/EVP_KDF-PBKDF2.pod
+++ b/doc/man7/EVP_KDF-PBKDF2.pod
@@ -40,6 +40,10 @@ This parameter has a default value of 2048.
 
 These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.
 
+B<Note:> PBKDF2 uses HMAC internally, which does not support eXtendable Output
+Function (XOF) digests such as SHAKE128 or SHAKE256. Attempting to use an XOF
+digest with PBKDF2 will result in an error.
+
 =item "pkcs5" (B<OSSL_KDF_PARAM_PKCS5>) <integer>
 
 This parameter can be used to enable or disable SP800-132 compliance checks.