Appendix: Changes from RFC 4634

The following changes were made to RFC 4634 to produce this document:

1. Add code for HKDF

Add code for HKDF and brief text about HKDF with pointer to [RFC5869].

2. Fix numerous errata

Fix numerous errata filed against [RFC4634] as included below. Note that in no case did the old code return an incorrect hash value.

2.a. Correct error return values

Correct some of the error return values which has erroneously been "shaNull" to the correct "shaInputTooLong" error.

2.b. Update comments and variable names

Update comments and variable names within the code for consistency and clarity and other editorial changes.

2.c. Fix SHA-384 and SHA-512 length limit

The previous code for SHA-384 and SHA-512 would stop after 2^93 bytes (2^96 bits). The fixed code handles up to 2^125 bytes (2^128 bits).

2.d. Add additional error checking

Add additional error checking including a run time check in the test driver to detect attempts to run the test driver after compilation using some other character set instead of [US-ASCII].

3. Update boilerplate

Update boilerplate, remove special license in [RFC4634] as new boilerplate mandates simplified BSD license.

4. Replace getopt version

Replace MIT version of getopt with new code to satisfy IETF incoming and outgoing license restrictions.

5. Add references

Add references to [RFC6194].

6. Other editorial improvements

Other assorted editorial improvements.

1. Add code for HKDF​

2. Fix numerous errata​

2.a. Correct error return values​

2.b. Update comments and variable names​

2.c. Fix SHA-384 and SHA-512 length limit​

2.d. Add additional error checking​

3. Update boilerplate​

4. Replace getopt version​

5. Add references​

6. Other editorial improvements​