US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)

The United States of America has adopted a suite of Secure Hash Algorithms (SHAs), including four beyond SHA-1, as part of a Federal Information Processing Standard (FIPS), namely SHA-224, SHA-256, SHA-384, and SHA-512. This document makes open source code performing these SHA hash functions conveniently available to the Internet community. The sample code supports input strings of arbitrary bit length. Much of the text herein was adapted by the authors from FIPS 180-2. This document replaces RFC 4634, fixing errata and adding code for an HMAC-based extract-and-expand Key Derivation Function, HKDF (RFC 5869). As with RFC 4634, code to perform SHA-based Hashed Message Authentication Codes (HMACs) is also included. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at