diff options
| author | Igor Pashev <pashev.igor@gmail.com> | 2015-11-08 19:00:25 +0300 |
|---|---|---|
| committer | Igor Pashev <pashev.igor@gmail.com> | 2015-11-08 19:00:25 +0300 |
| commit | 44cc38c856968e6b2d619540591863ae13de9bf0 (patch) | |
| tree | 96332f38e37011af0674dfa6aa8641903efa1235 | |
| parent | 56115491d0dce58bf06f92fd5022363eb05a3755 (diff) | |
| download | zerobin-44cc38c856968e6b2d619540591863ae13de9bf0.tar.gz | |
Simply use PBKDF2.outputLength = 16
| -rw-r--r-- | src/Web/ZeroBin/SJCL.hs | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/src/Web/ZeroBin/SJCL.hs b/src/Web/ZeroBin/SJCL.hs index 66f8e29..faa2db0 100644 --- a/src/Web/ZeroBin/SJCL.hs +++ b/src/Web/ZeroBin/SJCL.hs @@ -36,16 +36,11 @@ instance JSON.ToJSON Content where makeCipher :: ByteString -> IO AES256 makeCipher = throwCryptoErrorIO . cipherInit --- SJCL uses PBKDF2-HMAC-SHA256 with 1000 iterations, 32 bytes length, --- but the output is truncated down to 16 bytes. -- https://github.com/bitwiseshiftleft/sjcl/blob/master/core/pbkdf2.js --- TODO: this is default, we can specify it explicitly --- for forward compatibility +-- TODO: this is default, we can specify it explicitly for forward compatibility makeKey :: ByteString -> ByteString -> ByteString -makeKey pwd slt = BS.take 16 $ PBKDF2.generate (prfHMAC SHA256) - PBKDF2.Parameters {PBKDF2.iterCounts = 1000, PBKDF2.outputLength = 32} - pwd slt - +makeKey = PBKDF2.generate (prfHMAC SHA256) + PBKDF2.Parameters {PBKDF2.iterCounts = 1000, PBKDF2.outputLength = 16} chunks :: Int -> ByteString -> [ByteString] chunks sz = split |