Replace incorrect max. length in README.md
schnef committed Dec 2, 2021
1 parent b44b394 commit be49665
Showing 2 changed files with 26 additions and 15 deletions.
22 changes: 16 additions & 6 deletions README.md
Expand Up @@ -37,7 +37,7 @@ The maximum derived key length depends on the hash algorithm used:
| md5 | 4080 |
| sha | 4080 |
| sha224 | 7140 |
| sha256 | 7905 |
| sha256 | 8160 |
| sha384 | 12240 |
| sha512 | 16320 |

Expand All @@ -50,7 +50,7 @@ Now use some other hash algorithm:
163,245,17,144,234,186,78,169,12,1,140,191,236,27,...>>
```
Now, with some info added. Info is used to set a context such as
`encryption`, `message authentication`, `WhisperMessageKeys` or whatever you like. See [Understanding HKDF](https://soatok.blog/2021/11/17/understanding-hkdf/) for more details:
`encryption`, `message authentication`, `WhisperMessageKeys` or whatever you like.
```
4> hkdf:derive_secrets(sha512, <<"some sercret">>, <<"encryption">>, 2048).
<<81,235,47,134,224,128,85,22,18,245,67,75,151,30,104,103,
Expand All @@ -59,16 +59,25 @@ Now, with some info added. Info is used to set a context such as
<<97,51,54,191,163,55,231,156,65,248,186,24,46,201,234,
178,98,121,37,55,93,243,214,27,136,7,181,120,52,...>>
```
Add some salt (NB: do read [Understanding HKDF](https://soatok.blog/2021/11/17/understanding-hkdf/) on why and when to use salt! If the IKM is not random and/or has some structure as it has when taken from [Elliptic Curve] Diffie-Hellman for example, you must either hash the IKM yourself before using it or add some salt.):
Add some salt:
```
6> hkdf:derive_secrets(sha512, <<"some sercret">>, <<"MyApplication">>, <<"lots of salt here">>, 2048).
<<86,124,101,141,121,180,89,23,115,176,45,80,60,10,88,157,
32,249,52,19,231,142,32,74,103,55,161,243,207,...>>
```
Input key material, info and salt all are binaries, that is a number of bytes.
Input key material, info and salt all are binaries, i.e. a number of bytes.

NB: do read [Understanding
HKDF](https://soatok.blog/2021/11/17/understanding-hkdf/) on the
proper use of the `Info` argument and why and when to use salt. If the
IKM is not random and/or has some structure as it has when taken from
[Elliptic Curve] Diffie-Hellman for example, you must either hash the

IKM yourself before using it or add some salt.

You can also directly call the underlying functions `extract/2-3` and
`expand/3-5`, which is done in the tests to verify the intermediate results.
`expand/3-5`, which is done in the tests to verify the intermediate
results.

```
PKR = hkdf:extract(Hash, IKM).
Expand Down Expand Up @@ -100,6 +109,7 @@ Finished in 0.150 seconds

## Further reading

- [Understanding HKDF](https://soatok.blog/2021/11/17/understanding-hkdf/)
- [Understanding
HKDF](https://soatok.blog/2021/11/17/understanding-hkdf/)
- [RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
](https://datatracker.ietf.org/doc/html/rfc5869)
19 changes: 10 additions & 9 deletions src/hkdf.erl
@@ -1,13 +1,13 @@
-module(hkdf).

-export([derive_secrets/2, derive_secrets/3, derive_secrets/4, derive_secrets/5,
extract/2, extract/3, expand/3, expand/4]).
extract/2, extract/3, expand/3, expand/4, max_length/1]).

-ifdef(TEST).
-include_lib("eunit/include/eunit.hrl").
-endif.

-type hash_algorithms() :: md5 | sha | sha224 | sha256 | sha384 | sha512.
-type hash_algorithm() :: md5 | sha | sha224 | sha256 | sha384 | sha512.
-type salt() :: iodata().
-type info() :: iodata().
-type prk() :: binary().
Expand All @@ -25,7 +25,7 @@ derive_secrets(IKM, L) ->
derive_secrets(sha256, IKM, <<>>, <<>>, L).

-spec derive_secrets(Hash_algorithm, IKM, L) -> OKM when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
IKM :: ikm(),
L :: pos_integer(),
OKM :: okm().
Expand All @@ -35,7 +35,7 @@ derive_secrets(Hash_algorithm, IKM, L) when is_integer(L) ->
derive_secrets(Hash_algorithm, IKM, <<>>, <<>>, L).

-spec derive_secrets(Hash_algorithm, IKM, Info, L) -> OKM when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
IKM :: ikm(),
Info :: info(),
L :: pos_integer(),
Expand All @@ -44,7 +44,7 @@ derive_secrets(Hash_algorithm, IKM, Info, L) ->
derive_secrets(Hash_algorithm, IKM, Info, <<>>, L).

-spec derive_secrets(Hash_algorithm, IKM, Info, Salt, L) -> OKM when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
IKM :: ikm(),
Info :: info(),
Salt :: salt(),
Expand All @@ -57,7 +57,7 @@ derive_secrets(Hash_algorithm, IKM, Info, Salt, L) ->
expand(Hash_algorithm, PRK, Info, L).

-spec extract(Hash_algorithm, IKM) -> PRK when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
IKM :: ikm(),
PRK :: prk().
%% @doc extract/2 takes the input keying material IKM and "extracts" from it
Expand All @@ -66,7 +66,7 @@ extract(Hash_algorithm, IKM) ->
extract(Hash_algorithm, <<>>, IKM).

-spec extract(Hash_algorithm, Salt, IKM) -> PRK when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
Salt :: salt(),
IKM :: ikm(),
PRK :: prk().
Expand All @@ -78,7 +78,7 @@ extract(Hash_algorithm, Salt, IKM) ->
hmac(Hash_algorithm, Salt, IKM).

-spec expand(Hash_algorithm, PRK, L) -> OKM when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
PRK :: prk(),
L :: pos_integer(),
OKM :: okm().
Expand All @@ -87,7 +87,7 @@ expand(Hash_algorithm, PRK, L) ->
expand(Hash_algorithm, PRK, <<>>, L).

-spec expand(Hash_algorithm, PRK, Info, L) -> OKM when
Hash_algorithm :: hash_algorithms(),
Hash_algorithm :: hash_algorithm(),
PRK :: prk(),
Info :: info(),
L :: pos_integer(),
Expand Down Expand Up @@ -116,6 +116,7 @@ expand_(Hash_algorithm, PRK, Info, I, N, Prev, Acc) ->
Ti = hmac(Hash_algorithm, PRK, <<Prev/binary, Info/binary, I:8>>),
expand_(Hash_algorithm, PRK, Info, I + 1, N, Ti, <<Acc/binary, Ti/binary>>).

-spec max_length(hash_algorithm()) -> pos_integer().
%% length of output keying material in octets should be <= 255 *
%% HashLen (See page 3)
max_length(Hash_algorithm) ->
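Review bot: `-type info() :: iodata().` promises more than the expand step accepts, because `expand_` builds `<<Prev/binary, Info/binary, I:8>>` and that raises `badarg` for any `Info` that is a list. Either narrow the type to `-type info() :: binary().`, which matches the README's statement that info is a binary, or normalise once with `iolist_to_binary(Info)` before the loop. The same segment encodes the block counter as `I:8`, which silently wraps past 255, so now that `max_length/1` is exported it is worth confirming that `expand/4` rejects `L > max_length(Hash_algorithm)` instead of leaving that to callers. The bodies of `expand/4` and `max_length/1` are outside the visible hunks, so this may already be handled. The comment on `max_length/1` would also be clearer as `%% @doc Maximum OKM length in octets for Hash_algorithm: 255 * HashLen (RFC 5869, section 2.3).`, since "See page 3" does not name the document.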
