Merge pull request #2 from rnapier/pbkdf2

Pbkdf2

3 files changed, 26 insertions, 13 deletions

diff --git a/lib/std/crypto.zig b/lib/std/crypto.zig
index 2b42942824..64ec22894c 100644
--- a/lib/std/crypto.zig
+++ b/lib/std/crypto.zig
@@ -35,10 +35,7 @@ pub const onetimeauth = struct {
     pub const Poly1305 = @import("crypto/poly1305.zig").Poly1305;
 };
 
-/// Key derivation functions
-pub const kdf = struct {
-    pub const pbkdf2 = @import("crypto/pbkdf2.zig").pbkdf2;
-};
+pub const kdf = @import("crypto/kdf.zig");
 
 /// Core functions, that should rarely be used directly by applications.
 pub const core = struct {
@@ -82,7 +79,7 @@ test "crypto" {
     _ = @import("crypto/gimli.zig");
     _ = @import("crypto/hmac.zig");
     _ = @import("crypto/md5.zig");
-    _ = @import("crypto/pbkdf2.zig");
+    _ = @import("crypto/kdf.zig");
     _ = @import("crypto/poly1305.zig");
     _ = @import("crypto/sha1.zig");
     _ = @import("crypto/sha2.zig");
diff --git a/lib/std/crypto/kdf.zig b/lib/std/crypto/kdf.zig
new file mode 100644
index 0000000000..06bf67bbbd
--- /dev/null
+++ b/lib/std/crypto/kdf.zig
@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: MIT
+// Copyright (c) 2015-2020 Zig Contributors
+// This file is part of [zig](https://ziglang.org/), which is MIT licensed.
+// The MIT license requires this copyright notice to be included in all copies
+// and substantial portions of the software.
+
+//! A Key Derivation Function (KDF) is intended to turn a weak, human generated password into a
+//! strong key, suitable for cryptographic uses. It does this by salting and stretching the
+//! password. Salting injects non-secret random data, so that identical passwords will be converted
+//! into unique keys. Stretching applies a deliberately slow hashing function to frustrate
+//! brute-force guessing.
+
+pub const pbkdf2 = @import("pbkdf2.zig").pbkdf2;
+
+test "kdf" {
+    _ = @import("pbkdf2.zig");
+}
diff --git a/lib/std/crypto/pbkdf2.zig b/lib/std/crypto/pbkdf2.zig
index 2f9b720220..2bbf0f15d8 100644
--- a/lib/std/crypto/pbkdf2.zig
+++ b/lib/std/crypto/pbkdf2.zig
@@ -10,13 +10,10 @@ const debug = std.debug;
 const assert = debug.assert;
 const mem = std.mem;
 
-//! PBKDF2 (Password-Based Key Derivation Function 2) is intended to turn a weak, human generated
-//! password into a strong key, suitable for cryptographic uses. It does this by salting and
-//! stretching the password. Salting injects non-secret random data, so that identical passwords
-//! will be converted into unique keys. Stretching applies a deliberately slow hashing function to
-//! frustrate brute-force guessing.
-//!
-//! PBKDF2 is defined in RFC 2898, and is a recommendation of NIST SP 800-132.
+// Exports
+comptime {
+    _ = crypto.kdf.pbkdf2;
+}
 
 // RFC 2898 Section 5.2
 //
@@ -48,6 +45,8 @@ const mem = std.mem;
 
 /// Apply PBKDF2 to generate a key from a password.
 ///
+/// PBKDF2 is defined in RFC 2898, and is a recommendation of NIST SP 800-132.
+///
 /// derivedKey: Slice of appropriate size for generated key. Generally 16 or 32 bytes in length.
 ///             May be uninitialized. All bytes will be written.
 ///             Maximum size is (2^32 - 1) * Hash.digest_length
@@ -131,7 +130,7 @@ pub fn pbkdf2(derivedKey: []u8, password: []const u8, salt: []const u8, rounds:
         ctx.final(prevBlock[0..]);
 
         // Choose portion of DK to write into (T_n) and initialize
-        const offset: u64 = @as(u64, block) * hLen;
+        const offset: usize = @as(usize, block) * hLen;
         const blockLen = if (block != l - 1) hLen else r;
         var dkBlock = derivedKey[offset..(offset + blockLen)];
         mem.copy(u8, dkBlock, prevBlock[0..dkBlock.len]);