Merge branch 'master' of github.com:ECrownofFire/enacl

2020-01-15 16:07:40 +01:00
parent 97ee4bbdcf 4afa6fc093
commit 600020620b
3 changed files with 120 additions and 19 deletions
@@ -101,6 +101,10 @@
         shorthash_size/0,
         shorthash/2,

+         %% No Tests!
+         pwhash/4,
+         pwhash_str/3,
+
         %% EQC
         pwhash/2,
         pwhash_str/1,
@@ -341,21 +345,51 @@ generichash_final({hashstate, HashSize, HashState}) ->
    enacl_nif:crypto_generichash_final(HashSize, HashState).


+-type pwhash_limit() :: interactive | moderate | sensitive | pos_integer().
 %% @doc pwhash/2 hash a password
 %%
 %% This function generates a fixed size salted hash of a user defined password.
+%% Defaults to interactive/interactive limits.
 %% @end
 -spec pwhash(iodata(), binary()) -> {ok, binary()} | {error, term()}.
 pwhash(Password, Salt) ->
-    enacl_nif:crypto_pwhash(Password, Salt).
+    pwhash(Password, Salt, interactive, interactive).
+
+%% @doc pwhash/4 hash a password
+%%
+%% This function generates a fixed size salted hash of a user defined password given Ops and Mem
+%% limits.
+%% @end
+-spec pwhash(Password, Salt, Ops, Mem) -> {ok, binary()} | {error, term()}
+    when
+      Password :: iodata(),
+      Salt     :: binary(),
+      Ops      :: pwhash_limit(),
+      Mem      :: pwhash_limit().
+pwhash(Password, Salt, Ops, Mem) ->
+    enacl_nif:crypto_pwhash(Password, Salt, Ops, Mem).

 %% @doc pwhash_str/1 generates a ASCII encoded hash of a password
 %%
 %% This function generates a fixed size, salted, ASCII encoded hash of a user defined password.
+%% Defaults to interactive/interactive limits.
 %% @end
 -spec pwhash_str(iodata()) -> {ok, iodata()} | {error, term()}.
 pwhash_str(Password) ->
-    case enacl_nif:crypto_pwhash_str(Password) of
+    pwhash_str(Password, interactive, interactive).
+
+%% @doc pwhash_str/3 generates a ASCII encoded hash of a password
+%%
+%% This function generates a fixed size, salted, ASCII encoded hash of a user defined password
+%% given Ops and Mem limits.
+%% @end
+-spec pwhash_str(Password, Ops, Mem) -> {ok, iodata()} | {error, term()}
+    when
+      Password :: iodata(),
+      Ops :: pwhash_limit(),
+      Mem :: pwhash_limit().
+pwhash_str(Password, Ops, Mem) ->
+    case enacl_nif:crypto_pwhash_str(Password, Ops, Mem) of
        {ok, ASCII} ->
            {ok, strip_null_terminate(ASCII)};
        {error, Reason} ->
@@ -132,8 +132,8 @@

 %% Password Hashing - Argon2 Algorithm
 -export([
-         crypto_pwhash/2,
-         crypto_pwhash_str/1,
+         crypto_pwhash/4,
+         crypto_pwhash_str/3,
         crypto_pwhash_str_verify/2
        ]).

@@ -190,8 +190,8 @@ crypto_generichash_init(_HashSize, _Key) ->  erlang:nif_error(nif_not_loaded).
 crypto_generichash_update(_HashSize, _HashState, _Message) ->  erlang:nif_error(nif_not_loaded).
 crypto_generichash_final(_HashSize, _HashState) ->  erlang:nif_error(nif_not_loaded).

-crypto_pwhash(_Password, _Salt) -> erlang:nif_error(nif_not_loaded).
-crypto_pwhash_str(_Password) -> erlang:nif_error(nif_not_loaded).
+crypto_pwhash(_Password, _Salt, _Ops, _Mem) -> erlang:nif_error(nif_not_loaded).
+crypto_pwhash_str(_Password, _Ops, _Mem) -> erlang:nif_error(nif_not_loaded).
 crypto_pwhash_str_verify(_HashedPassword, _Password) -> erlang:nif_error(nif_not_loaded).

 crypto_box_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).