Description
Description
This is a very specific feature request and I don't really expect this to be added any time soon.
Since version 8.1 now supports an options array as an argument to the hash function, PHP could implement native support for the SHAKE128 and SHAKE256 algorithms that are part of KECCAK (SHA3).
Unfortunatly I could not find the original discussions from back when version 7.1 was released (when sha3 support was introduced), nor any other discussions about SHA3 for that matter, to find the reason why they were not implemented. My guess why they weren't implemented is that SHAKE has a variable output length that MUST be specified by the user and that back then there was no way to pass an option by the user to the hash implementation.
I am not too familiar with when and how often SHAKE algorithms are used in the wild, but I can't imagine that many people actually depend on them.
In my use case, we have a custom OAuth2 OpenID Connect implementation and have migrated from RSA to EdDSA token signing because a) EdDSA is faster and b) has a considerably shorter signature length. So that our PHP applications can fully support EdDSA with the curves like "Ed448", OpenID Connect requires SHAKE256 to generate the verification hashes like "s_hash" or "at_hash".
Since the options array is now available, the algorithm could be nicely integrated with the existing hash function:
<?php
print hash('sha3-shake256', 'This is a SHAKE256 test string. ', false, [
'output_length' => 114 // value from OpenID Connect
]);
// 3477218c282909fa2e1df2e7c3bcSince this should not break BC, this feature could be implemented with a minor release.
Unfortunatly I have absolutly no experience with PHP internals and much much less knowledge of cryptograhy/hashing in general and therefore am unable to submit a PR myself.
Thank you for reading my feature request and much love and respect to the internals team.