Golang proposal: x/crypto: deprecate algorithms with an inbox implementation but an incompatible API

Proposal Details

Go 1.24 added to the standard library some cryptographic algorithms that also exist in x/crypto. Of these algorithms, PBKDF2 and SHA3 have a compatible API, and the x/crypto APIs will be updated to forward them to the crypto APIs in https://go-review.googlesource.com/c/crypto/+/681735 and https://go-review.googlesource.com/c/crypto/+/681755 respectively.

There are however some other algorithms, whose API in x/crypto is not compatible with the one added in crypto:

• SHAKE/cSHAKE: interfaces lack a Size() method (correctly, since their output can have an arbitrary length)
• HKDF: the Expand and New functions support generating an arbitrarily large output, instead of returning a fixed buffer

I propose to deprecate (c)SHAKE and HKDF functions from x/crypto, with a message that guides users to use the corresponding methods in crypto.

Comment From: gabyhelp

Related Issues

• crypto/sha3: import from x/crypto #69982 (closed)

_{(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)}