Commit e133f84ee9 for openssl.org

commit e133f84ee9fffb15572e734791f0a139b25647a2
Author: kovan <xaum.io@gmail.com>
Date:   Tue Jan 27 11:45:30 2026 +0100

    doc: note that PBKDF2 does not support XOF digests

    PBKDF2 uses HMAC internally, which does not support eXtendable Output
    Function (XOF) digests such as SHAKE128 or SHAKE256. Document this
    limitation to prevent user confusion when attempting to use XOF
    digests with PBKDF2.

    Fixes #22877

    Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    MergeDate: Fri Feb 13 14:39:07 2026
    (Merged from https://github.com/openssl/openssl/pull/29792)

diff --git a/doc/man7/EVP_KDF-PBKDF2.pod b/doc/man7/EVP_KDF-PBKDF2.pod
index 79de97d713..b760b6e7d7 100644
--- a/doc/man7/EVP_KDF-PBKDF2.pod
+++ b/doc/man7/EVP_KDF-PBKDF2.pod
@@ -40,6 +40,10 @@ This parameter has a default value of 2048.

 These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.

+B<Note:> PBKDF2 uses HMAC internally, which does not support eXtendable Output
+Function (XOF) digests such as SHAKE128 or SHAKE256. Attempting to use an XOF
+digest with PBKDF2 will result in an error.
+
 =item "pkcs5" (B<OSSL_KDF_PARAM_PKCS5>) <integer>

 This parameter can be used to enable or disable SP800-132 compliance checks.