pbkdf2.hs

module PBKDF2 (
    pbkdf2, pbkdf2HmacSha1
) where

import Data.HMAC (hmac_sha1)
import Text.Bytedump (dumpRaw)
import Control.DeepSeq
import OctetString

pbkdf2 :: (OctetString -> OctetString -> OctetString)  -- pseudo random function (HMAC)
  -> Int  -- hash length in bytes
  -> String  -- password
  -> String  -- salt
  -> Int  -- iterations
  -> Int  -- derived key length in bytes
  -> String -- derived key
pbkdf2 prf hlen pass salt c dkLen = 
    let p = strToOctet pass
        s = strToOctet salt
        l = ceiling $ (fromIntegral dkLen :: Double) / fromIntegral hlen
        r = dkLen - (l - 1) * hlen
        blocks' = map (blockFun p s c) [1..l]
    in dumpRaw . take dkLen . concat $  blocks'
    where
        blockFun p s c i =
            let plist = take c $ repeat p
            in rHash plist (s ++ intToMSOctet i)
        rHash :: [OctetString] -> OctetString -> OctetString
        rHash [] _ = replicate hlen 0
        rHash (p:ps) s = let u_i = prf p s in u_i `xor'` rHash ps u_i

-- Calculate the PBKDF2 as a hexadecimal string using HMAC and SHA-1
pbkdf2HmacSha1 :: String  -- password
  -> String  -- salt
  -> Int  -- iterations
  -> Int  -- derived key length in bytes
  -> String -- derived key
pbkdf2HmacSha1 = pbkdf2 hmac_sha1 20