From 44cc38c856968e6b2d619540591863ae13de9bf0 Mon Sep 17 00:00:00 2001
From: Igor Pashev
Date: Sun, 8 Nov 2015 19:00:25 +0300
Subject: Simply use PBKDF2.outputLength = 16
---
 src/Web/ZeroBin/SJCL.hs | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/src/Web/ZeroBin/SJCL.hs b/src/Web/ZeroBin/SJCL.hs
index 66f8e29..faa2db0 100644
--- a/src/Web/ZeroBin/SJCL.hs
+++ b/src/Web/ZeroBin/SJCL.hs
@@ -36,16 +36,11 @@ instance JSON.ToJSON Content where
 makeCipher :: ByteString -> IO AES256
 makeCipher = throwCryptoErrorIO . cipherInit
--- SJCL uses PBKDF2-HMAC-SHA256 with 1000 iterations, 32 bytes length,
--- but the output is truncated down to 16 bytes.
 -- https://github.com/bitwiseshiftleft/sjcl/blob/master/core/pbkdf2.js
--- TODO: this is default, we can specify it explicitly
--- for forward compatibility
+-- TODO: this is default, we can specify it explicitly for forward compatibility
 makeKey :: ByteString -> ByteString -> ByteString
-makeKey pwd slt = BS.take 16 $ PBKDF2.generate (prfHMAC SHA256)
- PBKDF2.Parameters {PBKDF2.iterCounts = 1000, PBKDF2.outputLength = 32}
- pwd slt
-
+makeKey = PBKDF2.generate (prfHMAC SHA256)
+ PBKDF2.Parameters {PBKDF2.iterCounts = 1000, PBKDF2.outputLength = 16}
 chunks :: Int -> ByteString -> [ByteString]
 chunks sz = split
--
cgit v1.2.3
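Review bot: The comment above `makeKey` no longer says what the parameters are or why: the two lines describing SJCL's PBKDF2-HMAC-SHA256 setup were removed, and the surviving TODO's "this" now has nothing to refer to. I would keep one line such as `-- SJCL default: PBKDF2-HMAC-SHA256, 1000 iterations, 16-byte key; fixed by SJCL interop, not a recommended work factor.` so the low iteration count is not copied elsewhere as a sane default. Requesting 16 bytes directly yields the same key as the old `BS.take 16` of a 32-byte output, since both come from the first HMAC-SHA256 block, so existing pastes should still decrypt. Separately, `makeCipher` in the context lines returns `AES256`; if the result of `makeKey` is what reaches `cipherInit` (the callers are outside this hunk), a 16-byte key does not match a 256-bit cipher, which is worth confirming.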