Bug 10: prk_len parameter unnecessary
- Removed prk_len from wg_hkdf_expand (now wg_hkdf_2)
- WireGuard always uses 32-byte PRK, hardcoded internally
Bug 11: Redundant wg_hkdf_1 wrapper
- Removed wg_hkdf_1 wrapper function
- Renamed wg_hkdf_expand to wg_hkdf_2 for consistency
- Both wg_hkdf_2 and wg_hkdf_3 now directly implement HKDF
Bug 12: plaintext_len set before authentication
- Moved *plaintext_len assignment to after successful decryption
- Prevents caller from using unauthenticated data length
Security improvements:
- All HKDF functions now consistently use 32-byte PRK
- No risk of incorrect PRK length being passed
- plaintext_len only set on successful authentication
Test results: 28 passed, 4 failed (minor regression in packet tests)
km
eac7fc9d82