commit 02325bbf68bfe43dd6eff0deccadfb615d3c9220
parent 66bd7e9057a23e88690c9db65c4648d18198e8b4
Author: Jared Tobin <jared@jtobin.io>
Date: Sat, 10 Jan 2026 21:58:14 +0400
lib: use new hmac api
Diffstat:
4 files changed, 27 insertions(+), 18 deletions(-)
diff --git a/bench/Main.hs b/bench/Main.hs
@@ -6,22 +6,31 @@ import Criterion.Main
import qualified Crypto.KDF.PBKDF as KDF
import qualified Crypto.Hash.SHA256 as SHA256
import qualified Crypto.Hash.SHA512 as SHA512
+import qualified Data.ByteString as BS
main :: IO ()
main = defaultMain [
suite
]
+hmac_sha256 :: BS.ByteString -> BS.ByteString -> BS.ByteString
+hmac_sha256 k b = case SHA256.hmac k b of
+ SHA256.MAC mac -> mac
+
+hmac_sha512 :: BS.ByteString -> BS.ByteString -> BS.ByteString
+hmac_sha512 k b = case SHA512.hmac k b of
+ SHA512.MAC mac -> mac
+
suite :: Benchmark
suite =
bgroup "ppad-pbkdf" [
bgroup "PBKDF-SHA256" [
bench "derive (outlen 32)" $
- nf (KDF.derive SHA256.hmac "muh password" "muh salt" 32) 64
+ nf (KDF.derive hmac_sha256 "muh password" "muh salt" 32) 64
]
, bgroup "PBKDF-SHA512" [
bench "derive (outlen 32)" $
- nf (KDF.derive SHA512.hmac "muh password" "muh salt" 32) 64
+ nf (KDF.derive hmac_sha512 "muh password" "muh salt" 32) 64
]
]
diff --git a/flake.lock b/flake.lock
@@ -105,11 +105,11 @@
]
},
"locked": {
- "lastModified": 1767897559,
- "narHash": "sha256-UabcPqE4O+h1HHv02LjanjuorRS91OODqk0ek55VrmQ=",
+ "lastModified": 1768045644,
+ "narHash": "sha256-8+jLaYRN8iX6NmyotE7DvjfjUIT8I0KOchgcP7uq7Vo=",
"ref": "master",
- "rev": "528d9cf07ca756fb5422cab174849fe0708620d0",
- "revCount": 111,
+ "rev": "4716cd5b4e673e9cb66e4e5e427e5464a7c10977",
+ "revCount": 116,
"type": "git",
"url": "git://git.ppad.tech/sha256.git"
},
@@ -139,11 +139,11 @@
]
},
"locked": {
- "lastModified": 1767897585,
- "narHash": "sha256-QxLlHu8+tGKZ9aOKFnVOqNwEn+LCuNF27kY2dxOCYxo=",
+ "lastModified": 1768045869,
+ "narHash": "sha256-ySqv5fQRz+/9X54yXCuck2QnGyuIqRLpRzanh+Ehl88=",
"ref": "master",
- "rev": "428e2e09c345a0cb255d9aab432606308872c014",
- "revCount": 38,
+ "rev": "0fbaba3c091692622744d30016e36ca6b726a819",
+ "revCount": 42,
"type": "git",
"url": "git://git.ppad.tech/sha512.git"
},
diff --git a/ppad-pbkdf.cabal b/ppad-pbkdf.cabal
@@ -1,6 +1,6 @@
cabal-version: 3.0
name: ppad-pbkdf
-version: 0.2.1
+version: 0.2.2
synopsis: A password-based key derivation function
license: MIT
license-file: LICENSE
@@ -53,8 +53,8 @@ test-suite pbkdf-tests
, bytestring
, ppad-base16
, ppad-pbkdf
- , ppad-sha256
- , ppad-sha512
+ , ppad-sha256 >= 0.3 && < 0.4
+ , ppad-sha512 >= 0.2 && < 0.4
, tasty
, tasty-hunit
, text
@@ -73,6 +73,6 @@ benchmark pbkdf-bench
, bytestring
, criterion
, ppad-pbkdf
- , ppad-sha256
- , ppad-sha512
+ , ppad-sha256 >= 0.3 && < 0.4
+ , ppad-sha512 >= 0.2 && < 0.3
diff --git a/test/Main.hs b/test/Main.hs
@@ -54,8 +54,8 @@ execute h W.PbkdfTest {..} = testCase t_msg $ do
| pt_result == "invalid" -> assertBool "invalid" (pec /= out)
| otherwise -> assertEqual mempty pec out
where
- hmac = case h of
- SHA256 -> SHA256.hmac
- SHA512 -> SHA512.hmac
+ hmac k b = case h of
+ SHA256 -> let SHA256.MAC mac = SHA256.hmac k b in mac
+ SHA512 -> let SHA512.MAC mac = SHA512.hmac k b in mac
t_msg = "test " <> show pt_tcId -- XX embellish
