libghc-pwstore-fast-doc 2.4.1-1build2 / usr / share / doc / libghc-pwstore-fast-doc / html / src / Crypto-PasswordStore.html

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<!-- Generated by HsColour, http://code.haskell.org/~malcolm/hscolour/ -->
<title>Crypto/PasswordStore.hs</title>
<link type='text/css' rel='stylesheet' href='hscolour.css' />
</head>
<body>
<pre><a name="line-1"></a><span class='hs-comment'>{-# LANGUAGE OverloadedStrings, BangPatterns #-}</span>
<a name="line-2"></a><span class='hs-comment'>{-# LANGUAGE CPP #-}</span>
<a name="line-3"></a><span class='hs-comment'>-- |</span>
<a name="line-4"></a><span class='hs-comment'>-- Module      : Crypto.PasswordStore</span>
<a name="line-5"></a><span class='hs-comment'>-- Copyright   : (c) Peter Scott, 2011</span>
<a name="line-6"></a><span class='hs-comment'>-- License     : BSD-style</span>
<a name="line-7"></a><span class='hs-comment'>--</span>
<a name="line-8"></a><span class='hs-comment'>-- Maintainer  : pjscott@iastate.edu</span>
<a name="line-9"></a><span class='hs-comment'>-- Stability   : experimental</span>
<a name="line-10"></a><span class='hs-comment'>-- Portability : portable</span>
<a name="line-11"></a><span class='hs-comment'>--</span>
<a name="line-12"></a><span class='hs-comment'>-- Securely store hashed, salted passwords. If you need to store and verify</span>
<a name="line-13"></a><span class='hs-comment'>-- passwords, there are many wrong ways to do it, most of them all too</span>
<a name="line-14"></a><span class='hs-comment'>-- common. Some people store users' passwords in plain text. Then, when an</span>
<a name="line-15"></a><span class='hs-comment'>-- attacker manages to get their hands on this file, they have the passwords for</span>
<a name="line-16"></a><span class='hs-comment'>-- every user's account. One step up, but still wrong, is to simply hash all</span>
<a name="line-17"></a><span class='hs-comment'>-- passwords with SHA1 or something. This is vulnerable to rainbow table and</span>
<a name="line-18"></a><span class='hs-comment'>-- dictionary attacks. One step up from that is to hash the password along with</span>
<a name="line-19"></a><span class='hs-comment'>-- a unique salt value. This is vulnerable to dictionary attacks, since guessing</span>
<a name="line-20"></a><span class='hs-comment'>-- a password is very fast. The right thing to do is to use a slow hash</span>
<a name="line-21"></a><span class='hs-comment'>-- function, to add some small but significant delay, that will be negligible</span>
<a name="line-22"></a><span class='hs-comment'>-- for legitimate users but prohibitively expensive for someone trying to guess</span>
<a name="line-23"></a><span class='hs-comment'>-- passwords by brute force. That is what this library does. It iterates a</span>
<a name="line-24"></a><span class='hs-comment'>-- SHA256 hash, with a random salt, a few thousand times. This scheme is known</span>
<a name="line-25"></a><span class='hs-comment'>-- as PBKDF1, and is generally considered secure; there is nothing innovative</span>
<a name="line-26"></a><span class='hs-comment'>-- happening here.</span>
<a name="line-27"></a><span class='hs-comment'>--</span>
<a name="line-28"></a><span class='hs-comment'>-- The API here is very simple. What you store are called /password hashes/.</span>
<a name="line-29"></a><span class='hs-comment'>-- They are strings (technically, ByteStrings) that look like this:</span>
<a name="line-30"></a><span class='hs-comment'>--</span>
<a name="line-31"></a><span class='hs-comment'>-- &gt; "sha256|14|jEWU94phx4QzNyH94Qp4CQ==|5GEw+jxP/4WLgzt9VS3Ee3nhqBlDsrKiB+rq7JfMckU="</span>
<a name="line-32"></a><span class='hs-comment'>--</span>
<a name="line-33"></a><span class='hs-comment'>-- Each password hash shows the algorithm, the strength (more on that later),</span>
<a name="line-34"></a><span class='hs-comment'>-- the salt, and the hashed-and-salted password. You store these on your server,</span>
<a name="line-35"></a><span class='hs-comment'>-- in a database, for when you need to verify a password. You make a password</span>
<a name="line-36"></a><span class='hs-comment'>-- hash with the 'makePassword' function. Here's an example:</span>
<a name="line-37"></a><span class='hs-comment'>--</span>
<a name="line-38"></a><span class='hs-comment'>-- &gt; &gt;&gt;&gt; makePassword "hunter2" 14</span>
<a name="line-39"></a><span class='hs-comment'>-- &gt; "sha256|14|Zo4LdZGrv/HYNAUG3q8WcA==|zKjbHZoTpuPLp1lh6ATolWGIKjhXvY4TysuKvqtNFyk="</span>
<a name="line-40"></a><span class='hs-comment'>--</span>
<a name="line-41"></a><span class='hs-comment'>-- This will hash the password @\"hunter2\"@, with strength 12, which is a good</span>
<a name="line-42"></a><span class='hs-comment'>-- default value. The strength here determines how long the hashing will</span>
<a name="line-43"></a><span class='hs-comment'>-- take. When doing the hashing, we iterate the SHA256 hash function</span>
<a name="line-44"></a><span class='hs-comment'>-- @2^strength@ times, so increasing the strength by 1 makes the hashing take</span>
<a name="line-45"></a><span class='hs-comment'>-- twice as long. When computers get faster, you can bump up the strength a</span>
<a name="line-46"></a><span class='hs-comment'>-- little bit to compensate. You can strengthen existing password hashes with</span>
<a name="line-47"></a><span class='hs-comment'>-- the 'strengthenPassword' function. Note that 'makePassword' needs to generate</span>
<a name="line-48"></a><span class='hs-comment'>-- random numbers, so its return type is 'IO' 'ByteString'. If you want to avoid</span>
<a name="line-49"></a><span class='hs-comment'>-- the 'IO' monad, you can generate your own salt and pass it to</span>
<a name="line-50"></a><span class='hs-comment'>-- 'makePasswordSalt'.</span>
<a name="line-51"></a><span class='hs-comment'>--</span>
<a name="line-52"></a><span class='hs-comment'>-- Your strength value should not be less than 12, and 14 is a good default</span>
<a name="line-53"></a><span class='hs-comment'>-- value at the time of this writing, in 2013.</span>
<a name="line-54"></a><span class='hs-comment'>--</span>
<a name="line-55"></a><span class='hs-comment'>-- Once you've got your password hashes, the second big thing you need to do</span>
<a name="line-56"></a><span class='hs-comment'>-- with them is verify passwords against them. When a user gives you a password,</span>
<a name="line-57"></a><span class='hs-comment'>-- you compare it with a password hash using the 'verifyPassword' function:</span>
<a name="line-58"></a><span class='hs-comment'>--</span>
<a name="line-59"></a><span class='hs-comment'>-- &gt; &gt;&gt;&gt; verifyPassword "wrong guess" passwordHash</span>
<a name="line-60"></a><span class='hs-comment'>-- &gt; False</span>
<a name="line-61"></a><span class='hs-comment'>-- &gt; &gt;&gt;&gt; verifyPassword "hunter2" passwordHash</span>
<a name="line-62"></a><span class='hs-comment'>-- &gt; True</span>
<a name="line-63"></a><span class='hs-comment'>--</span>
<a name="line-64"></a><span class='hs-comment'>-- These two functions are really all you need. If you want to make existing</span>
<a name="line-65"></a><span class='hs-comment'>-- password hashes stronger, you can use 'strengthenPassword'. Just pass it an</span>
<a name="line-66"></a><span class='hs-comment'>-- existing password hash and a new strength value, and it will return a new</span>
<a name="line-67"></a><span class='hs-comment'>-- password hash with that strength value, which will match the same password as</span>
<a name="line-68"></a><span class='hs-comment'>-- the old password hash.</span>
<a name="line-69"></a><span class='hs-comment'>--</span>
<a name="line-70"></a><span class='hs-comment'>-- Note that, as of version 2.4, you can also use PBKDF2, and specify the exact</span>
<a name="line-71"></a><span class='hs-comment'>-- iteration count. This does not have a significant effect on security, but can</span>
<a name="line-72"></a><span class='hs-comment'>-- be handy for compatibility with other code.</span>
<a name="line-73"></a>
<a name="line-74"></a><span class='hs-keyword'>module</span> <span class='hs-conid'>Crypto</span><span class='hs-varop'>.</span><span class='hs-conid'>PasswordStore</span> <span class='hs-layout'>(</span>
<a name="line-75"></a>
<a name="line-76"></a>        <span class='hs-comment'>-- * Algorithms</span>
<a name="line-77"></a>        <span class='hs-varid'>pbkdf1</span><span class='hs-layout'>,</span>                 <span class='hs-comment'>-- :: ByteString -&gt; Salt -&gt; Int -&gt; ByteString</span>
<a name="line-78"></a>        <span class='hs-varid'>pbkdf2</span><span class='hs-layout'>,</span>                 <span class='hs-comment'>-- :: ByteString -&gt; Salt -&gt; Int -&gt; ByteString</span>
<a name="line-79"></a>
<a name="line-80"></a>        <span class='hs-comment'>-- * Registering and verifying passwords</span>
<a name="line-81"></a>        <span class='hs-varid'>makePassword</span><span class='hs-layout'>,</span>           <span class='hs-comment'>-- :: ByteString -&gt; Int -&gt; IO ByteString</span>
<a name="line-82"></a>        <span class='hs-varid'>makePasswordWith</span><span class='hs-layout'>,</span>       <span class='hs-comment'>-- :: (ByteString -&gt; Salt -&gt; Int -&gt; ByteString) -&gt;</span>
<a name="line-83"></a>                                <span class='hs-comment'>--    ByteString -&gt; Int -&gt; IO ByteString</span>
<a name="line-84"></a>        <span class='hs-varid'>makePasswordSalt</span><span class='hs-layout'>,</span>       <span class='hs-comment'>-- :: ByteString -&gt; ByteString -&gt; Int -&gt; ByteString</span>
<a name="line-85"></a>        <span class='hs-varid'>makePasswordSaltWith</span><span class='hs-layout'>,</span>   <span class='hs-comment'>-- :: (ByteString -&gt; Salt -&gt; Int -&gt; ByteString) -&gt;</span>
<a name="line-86"></a>                                <span class='hs-comment'>--    ByteString -&gt; Salt -&gt; Int -&gt; ByteString</span>
<a name="line-87"></a>        <span class='hs-varid'>verifyPassword</span><span class='hs-layout'>,</span>         <span class='hs-comment'>-- :: ByteString -&gt; ByteString -&gt; Bool</span>
<a name="line-88"></a>        <span class='hs-varid'>verifyPasswordWith</span><span class='hs-layout'>,</span>     <span class='hs-comment'>-- :: (ByteString -&gt; Salt -&gt; Int -&gt; ByteString) -&gt;</span>
<a name="line-89"></a>                                <span class='hs-comment'>--    (Int -&gt; Int) -&gt; ByteString -&gt; ByteString -&gt; Bool</span>
<a name="line-90"></a>
<a name="line-91"></a>        <span class='hs-comment'>-- * Updating password hash strength</span>
<a name="line-92"></a>        <span class='hs-varid'>strengthenPassword</span><span class='hs-layout'>,</span>     <span class='hs-comment'>-- :: ByteString -&gt; Int -&gt; ByteString</span>
<a name="line-93"></a>        <span class='hs-varid'>passwordStrength</span><span class='hs-layout'>,</span>       <span class='hs-comment'>-- :: ByteString -&gt; Int</span>
<a name="line-94"></a>
<a name="line-95"></a>        <span class='hs-comment'>-- * Utilities</span>
<a name="line-96"></a>        <span class='hs-conid'>Salt</span><span class='hs-layout'>,</span>
<a name="line-97"></a>        <span class='hs-varid'>isPasswordFormatValid</span><span class='hs-layout'>,</span>  <span class='hs-comment'>-- :: ByteString -&gt; Bool</span>
<a name="line-98"></a>        <span class='hs-varid'>genSaltIO</span><span class='hs-layout'>,</span>              <span class='hs-comment'>-- :: IO Salt</span>
<a name="line-99"></a>        <span class='hs-varid'>genSaltRandom</span><span class='hs-layout'>,</span>          <span class='hs-comment'>-- :: (RandomGen b) =&gt; b -&gt; (Salt, b)</span>
<a name="line-100"></a>        <span class='hs-varid'>makeSalt</span><span class='hs-layout'>,</span>               <span class='hs-comment'>-- :: ByteString -&gt; Salt</span>
<a name="line-101"></a>        <span class='hs-varid'>exportSalt</span><span class='hs-layout'>,</span>             <span class='hs-comment'>-- :: Salt -&gt; ByteString</span>
<a name="line-102"></a>        <span class='hs-varid'>importSalt</span>              <span class='hs-comment'>-- :: ByteString -&gt; Salt</span>
<a name="line-103"></a>  <span class='hs-layout'>)</span> <span class='hs-keyword'>where</span>
<a name="line-104"></a>
<a name="line-105"></a>
<a name="line-106"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Crypto</span><span class='hs-varop'>.</span><span class='hs-conid'>Hash</span><span class='hs-varop'>.</span><span class='hs-conid'>SHA256</span> <span class='hs-keyword'>as</span> <span class='hs-conid'>H</span>
<a name="line-107"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span><span class='hs-varop'>.</span><span class='hs-conid'>Char8</span> <span class='hs-keyword'>as</span> <span class='hs-conid'>B</span>
<a name="line-108"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span> <span class='hs-keyword'>as</span> <span class='hs-conid'>BS</span>
<a name="line-109"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span><span class='hs-varop'>.</span><span class='hs-conid'>Lazy</span> <span class='hs-keyword'>as</span> <span class='hs-conid'>BL</span>
<a name="line-110"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>Binary</span> <span class='hs-keyword'>as</span> <span class='hs-conid'>Binary</span>
<a name="line-111"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Control</span><span class='hs-varop'>.</span><span class='hs-conid'>Monad</span>
<a name="line-112"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Control</span><span class='hs-varop'>.</span><span class='hs-conid'>Monad</span><span class='hs-varop'>.</span><span class='hs-conid'>ST</span>
<a name="line-113"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>STRef</span>
<a name="line-114"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>Digest</span><span class='hs-varop'>.</span><span class='hs-conid'>Pure</span><span class='hs-varop'>.</span><span class='hs-conid'>SHA</span> <span class='hs-keyword'>as</span> <span class='hs-conid'>SHA</span>
<a name="line-115"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>Bits</span>
<a name="line-116"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span><span class='hs-varop'>.</span><span class='hs-conid'>Char8</span> <span class='hs-layout'>(</span><span class='hs-conid'>ByteString</span><span class='hs-layout'>)</span>
<a name="line-117"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span><span class='hs-varop'>.</span><span class='hs-conid'>Base64</span> <span class='hs-layout'>(</span><span class='hs-varid'>encode</span><span class='hs-layout'>,</span> <span class='hs-varid'>decodeLenient</span><span class='hs-layout'>)</span>
<a name="line-118"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>System</span><span class='hs-varop'>.</span><span class='hs-conid'>IO</span>
<a name="line-119"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>System</span><span class='hs-varop'>.</span><span class='hs-conid'>Random</span>
<a name="line-120"></a><span class='hs-keyword'>import</span> <span class='hs-conid'>Data</span><span class='hs-varop'>.</span><span class='hs-conid'>Maybe</span>
<a name="line-121"></a><span class='hs-keyword'>import</span> <span class='hs-keyword'>qualified</span> <span class='hs-conid'>Control</span><span class='hs-varop'>.</span><span class='hs-conid'>Exception</span>
<a name="line-122"></a>
<a name="line-123"></a><span class='hs-comment'>---------------------</span>
<a name="line-124"></a><span class='hs-comment'>-- Cryptographic base</span>
<a name="line-125"></a><span class='hs-comment'>---------------------</span>
<a name="line-126"></a>
<a name="line-127"></a><a name="pbkdf1"></a><span class='hs-comment'>-- | PBKDF1 key-derivation function. Takes a password, a 'Salt', and a number of</span>
<a name="line-128"></a><span class='hs-comment'>-- iterations. The number of iterations should be at least 1000, and probably</span>
<a name="line-129"></a><span class='hs-comment'>-- more. 5000 is a reasonable number, computing almost instantaneously. This</span>
<a name="line-130"></a><span class='hs-comment'>-- will give a 32-byte 'ByteString' as output. Both the salt and this 32-byte</span>
<a name="line-131"></a><span class='hs-comment'>-- key should be stored in the password file. When a user wishes to authenticate</span>
<a name="line-132"></a><span class='hs-comment'>-- a password, just pass it and the salt to this function, and see if the output</span>
<a name="line-133"></a><span class='hs-comment'>-- matches.</span>
<a name="line-134"></a><span class='hs-definition'>pbkdf1</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-135"></a><span class='hs-definition'>pbkdf1</span> <span class='hs-varid'>password</span> <span class='hs-layout'>(</span><span class='hs-conid'>SaltBS</span> <span class='hs-varid'>salt</span><span class='hs-layout'>)</span> <span class='hs-varid'>iter</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>hashRounds</span> <span class='hs-varid'>first_hash</span> <span class='hs-layout'>(</span><span class='hs-varid'>iter</span> <span class='hs-varop'>+</span> <span class='hs-num'>1</span><span class='hs-layout'>)</span>
<a name="line-136"></a>    <span class='hs-keyword'>where</span> <span class='hs-varid'>first_hash</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>H</span><span class='hs-varop'>.</span><span class='hs-varid'>finalize</span> <span class='hs-varop'>$</span> <span class='hs-conid'>H</span><span class='hs-varop'>.</span><span class='hs-varid'>init</span> <span class='hs-varop'>`</span><span class='hs-conid'>H</span><span class='hs-varop'>.</span><span class='hs-varid'>update</span><span class='hs-varop'>`</span> <span class='hs-varid'>password</span> <span class='hs-varop'>`</span><span class='hs-conid'>H</span><span class='hs-varop'>.</span><span class='hs-varid'>update</span><span class='hs-varop'>`</span> <span class='hs-varid'>salt</span>
<a name="line-137"></a>
<a name="line-138"></a><a name="hashRounds"></a><span class='hs-comment'>-- | Hash a 'ByteString' for a given number of rounds. The number of rounds is 0</span>
<a name="line-139"></a><span class='hs-comment'>-- or more. If the number of rounds specified is 0, the ByteString will be</span>
<a name="line-140"></a><span class='hs-comment'>-- returned unmodified.</span>
<a name="line-141"></a><span class='hs-definition'>hashRounds</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-142"></a><span class='hs-definition'>hashRounds</span> <span class='hs-layout'>(</span><span class='hs-varop'>!</span><span class='hs-varid'>bs</span><span class='hs-layout'>)</span> <span class='hs-num'>0</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>bs</span>
<a name="line-143"></a><span class='hs-definition'>hashRounds</span> <span class='hs-varid'>bs</span> <span class='hs-varid'>rounds</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>hashRounds</span> <span class='hs-layout'>(</span><span class='hs-conid'>H</span><span class='hs-varop'>.</span><span class='hs-varid'>hash</span> <span class='hs-varid'>bs</span><span class='hs-layout'>)</span> <span class='hs-layout'>(</span><span class='hs-varid'>rounds</span> <span class='hs-comment'>-</span> <span class='hs-num'>1</span><span class='hs-layout'>)</span>
<a name="line-144"></a>
<a name="line-145"></a><a name="hmacSHA256"></a><span class='hs-comment'>-- | Computes the hmacSHA256 of the given message, with the given 'Salt'.</span>
<a name="line-146"></a><span class='hs-definition'>hmacSHA256</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span>
<a name="line-147"></a>           <span class='hs-comment'>-- ^ The secret (the salt)</span>
<a name="line-148"></a>           <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-149"></a>           <span class='hs-comment'>-- ^ The clear-text message</span>
<a name="line-150"></a>           <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-151"></a>           <span class='hs-comment'>-- ^ The encoded message</span>
<a name="line-152"></a><span class='hs-definition'>hmacSHA256</span> <span class='hs-varid'>secret</span> <span class='hs-varid'>msg</span> <span class='hs-keyglyph'>=</span>
<a name="line-153"></a>  <span class='hs-keyword'>let</span> <span class='hs-varid'>digest</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>SHA</span><span class='hs-varop'>.</span><span class='hs-varid'>hmacSha256</span> <span class='hs-layout'>(</span><span class='hs-varid'>fromStrict</span> <span class='hs-varid'>secret</span><span class='hs-layout'>)</span> <span class='hs-layout'>(</span><span class='hs-varid'>fromStrict</span> <span class='hs-varid'>msg</span><span class='hs-layout'>)</span>
<a name="line-154"></a>    <span class='hs-keyword'>in</span> <span class='hs-varid'>toStrict</span> <span class='hs-varop'>.</span> <span class='hs-conid'>SHA</span><span class='hs-varop'>.</span><span class='hs-varid'>bytestringDigest</span> <span class='hs-varop'>$</span> <span class='hs-varid'>digest</span>
<a name="line-155"></a>
<a name="line-156"></a><a name="pbkdf2"></a><span class='hs-comment'>-- | PBKDF2 key-derivation function.</span>
<a name="line-157"></a><span class='hs-comment'>-- For details see @<a href="http://tools.ietf.org/html/rfc2898@.">http://tools.ietf.org/html/rfc2898@.</a></span>
<a name="line-158"></a><span class='hs-comment'>-- @32@ is the most common digest size for @SHA256@, and is</span>
<a name="line-159"></a><span class='hs-comment'>-- what the algorithm internally uses.</span>
<a name="line-160"></a><span class='hs-comment'>-- @HMAC+SHA256@ is used as @PRF@, because @HMAC+SHA1@ is considered too weak.</span>
<a name="line-161"></a><span class='hs-definition'>pbkdf2</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-162"></a><span class='hs-definition'>pbkdf2</span> <span class='hs-varid'>password</span> <span class='hs-layout'>(</span><span class='hs-conid'>SaltBS</span> <span class='hs-varid'>salt</span><span class='hs-layout'>)</span> <span class='hs-varid'>c</span> <span class='hs-keyglyph'>=</span>
<a name="line-163"></a>    <span class='hs-keyword'>let</span> <span class='hs-varid'>hLen</span> <span class='hs-keyglyph'>=</span> <span class='hs-num'>32</span>
<a name="line-164"></a>        <span class='hs-varid'>dkLen</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>hLen</span> <span class='hs-keyword'>in</span> <span class='hs-varid'>go</span> <span class='hs-varid'>hLen</span> <span class='hs-varid'>dkLen</span>
<a name="line-165"></a>  <span class='hs-keyword'>where</span>
<a name="line-166"></a>    <span class='hs-varid'>go</span> <span class='hs-varid'>hLen</span> <span class='hs-varid'>dkLen</span> <span class='hs-keyglyph'>|</span> <span class='hs-varid'>dkLen</span> <span class='hs-varop'>&gt;</span> <span class='hs-layout'>(</span><span class='hs-num'>2</span><span class='hs-varop'>^</span><span class='hs-num'>32</span> <span class='hs-comment'>-</span> <span class='hs-num'>1</span><span class='hs-layout'>)</span> <span class='hs-varop'>*</span> <span class='hs-varid'>hLen</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>error</span> <span class='hs-str'>"Derived key too long."</span>
<a name="line-167"></a>                  <span class='hs-keyglyph'>|</span> <span class='hs-varid'>otherwise</span> <span class='hs-keyglyph'>=</span>
<a name="line-168"></a>                      <span class='hs-keyword'>let</span> <span class='hs-varop'>!</span><span class='hs-varid'>l</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>ceiling</span> <span class='hs-layout'>(</span><span class='hs-layout'>(</span><span class='hs-varid'>fromIntegral</span> <span class='hs-varid'>dkLen</span> <span class='hs-varop'>/</span> <span class='hs-varid'>fromIntegral</span> <span class='hs-varid'>hLen</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>Double</span><span class='hs-layout'>)</span>
<a name="line-169"></a>                          <span class='hs-varop'>!</span><span class='hs-varid'>r</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>dkLen</span> <span class='hs-comment'>-</span> <span class='hs-layout'>(</span><span class='hs-varid'>l</span> <span class='hs-comment'>-</span> <span class='hs-num'>1</span><span class='hs-layout'>)</span> <span class='hs-varop'>*</span> <span class='hs-varid'>hLen</span>
<a name="line-170"></a>                          <span class='hs-varid'>chunks</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyglyph'>[</span><span class='hs-varid'>f</span> <span class='hs-varid'>i</span> <span class='hs-keyglyph'>|</span> <span class='hs-varid'>i</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-keyglyph'>[</span><span class='hs-num'>1</span> <span class='hs-keyglyph'>..</span> <span class='hs-varid'>l</span><span class='hs-keyglyph'>]</span><span class='hs-keyglyph'>]</span>
<a name="line-171"></a>                      <span class='hs-keyword'>in</span> <span class='hs-layout'>(</span><span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>concat</span> <span class='hs-varop'>.</span> <span class='hs-varid'>init</span> <span class='hs-varop'>$</span> <span class='hs-varid'>chunks</span><span class='hs-layout'>)</span> <span class='hs-varop'>`</span><span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>append</span><span class='hs-varop'>`</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>take</span> <span class='hs-varid'>r</span> <span class='hs-layout'>(</span><span class='hs-varid'>last</span> <span class='hs-varid'>chunks</span><span class='hs-layout'>)</span>
<a name="line-172"></a>
<a name="line-173"></a>    <span class='hs-comment'>-- The @f@ function, as defined in the spec.</span>
<a name="line-174"></a>    <span class='hs-comment'>-- It calls 'u' under the hood.</span>
<a name="line-175"></a>    <span class='hs-varid'>f</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-176"></a>    <span class='hs-varid'>f</span> <span class='hs-varid'>i</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyword'>let</span> <span class='hs-varop'>!</span><span class='hs-varid'>u1</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>hmacSHA256</span> <span class='hs-varid'>password</span> <span class='hs-layout'>(</span><span class='hs-varid'>salt</span> <span class='hs-varop'>`</span><span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>append</span><span class='hs-varop'>`</span> <span class='hs-varid'>int</span> <span class='hs-varid'>i</span><span class='hs-layout'>)</span>
<a name="line-177"></a>      <span class='hs-comment'>-- Using the ST Monad, for maximum performance.</span>
<a name="line-178"></a>      <span class='hs-keyword'>in</span> <span class='hs-varid'>runST</span> <span class='hs-varop'>$</span> <span class='hs-keyword'>do</span>
<a name="line-179"></a>          <span class='hs-varid'>u</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-varid'>newSTRef</span> <span class='hs-varid'>u1</span>
<a name="line-180"></a>          <span class='hs-varid'>accum</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-varid'>newSTRef</span> <span class='hs-varid'>u1</span>
<a name="line-181"></a>          <span class='hs-varid'>forM_</span> <span class='hs-keyglyph'>[</span><span class='hs-num'>2</span> <span class='hs-keyglyph'>..</span> <span class='hs-varid'>c</span><span class='hs-keyglyph'>]</span> <span class='hs-varop'>$</span> <span class='hs-keyglyph'>\</span><span class='hs-keyword'>_</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-keyword'>do</span>
<a name="line-182"></a>            <span class='hs-varid'>modifySTRef'</span> <span class='hs-varid'>u</span> <span class='hs-layout'>(</span><span class='hs-varid'>hmacSHA256</span> <span class='hs-varid'>password</span><span class='hs-layout'>)</span>
<a name="line-183"></a>            <span class='hs-varid'>currentU</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-varid'>readSTRef</span> <span class='hs-varid'>u</span>
<a name="line-184"></a>            <span class='hs-varid'>modifySTRef'</span> <span class='hs-varid'>accum</span> <span class='hs-layout'>(</span><span class='hs-varop'>`xor'`</span> <span class='hs-varid'>currentU</span><span class='hs-layout'>)</span>
<a name="line-185"></a>          <span class='hs-varid'>readSTRef</span> <span class='hs-varid'>accum</span>
<a name="line-186"></a>
<a name="line-187"></a>    <span class='hs-comment'>-- int(i), as defined in the spec.</span>
<a name="line-188"></a>    <span class='hs-varid'>int</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-189"></a>    <span class='hs-varid'>int</span> <span class='hs-varid'>i</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyword'>let</span> <span class='hs-varid'>str</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-varid'>unpack</span> <span class='hs-varop'>.</span> <span class='hs-conid'>Binary</span><span class='hs-varop'>.</span><span class='hs-varid'>encode</span> <span class='hs-varop'>$</span> <span class='hs-varid'>i</span>
<a name="line-190"></a>            <span class='hs-keyword'>in</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-varid'>pack</span> <span class='hs-varop'>$</span> <span class='hs-varid'>drop</span> <span class='hs-layout'>(</span><span class='hs-varid'>length</span> <span class='hs-varid'>str</span> <span class='hs-comment'>-</span> <span class='hs-num'>4</span><span class='hs-layout'>)</span> <span class='hs-varid'>str</span>
<a name="line-191"></a>
<a name="line-192"></a>    <span class='hs-comment'>-- | A convenience function to XOR two 'ByteString' together.</span>
<a name="line-193"></a>    <span class='hs-varid'>xor'</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-194"></a>    <span class='hs-varid'>xor'</span> <span class='hs-varop'>!</span><span class='hs-varid'>b1</span> <span class='hs-varop'>!</span><span class='hs-varid'>b2</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-varid'>pack</span> <span class='hs-varop'>$</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-varid'>zipWith</span> <span class='hs-varid'>xor</span> <span class='hs-varid'>b1</span> <span class='hs-varid'>b2</span>
<a name="line-195"></a>
<a name="line-196"></a><a name="genSaltIO"></a><span class='hs-comment'>-- | Generate a 'Salt' from 128 bits of data from @\/dev\/urandom@, with the</span>
<a name="line-197"></a><span class='hs-comment'>-- system RNG as a fallback. This is the function used to generate salts by</span>
<a name="line-198"></a><span class='hs-comment'>-- 'makePassword'.</span>
<a name="line-199"></a><span class='hs-definition'>genSaltIO</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>IO</span> <span class='hs-conid'>Salt</span>
<a name="line-200"></a><span class='hs-definition'>genSaltIO</span> <span class='hs-keyglyph'>=</span>
<a name="line-201"></a>    <span class='hs-conid'>Control</span><span class='hs-varop'>.</span><span class='hs-conid'>Exception</span><span class='hs-varop'>.</span><span class='hs-varid'>catch</span> <span class='hs-varid'>genSaltDevURandom</span> <span class='hs-varid'>def</span>
<a name="line-202"></a>  <span class='hs-keyword'>where</span>
<a name="line-203"></a>    <span class='hs-varid'>def</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>IOError</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>IO</span> <span class='hs-conid'>Salt</span>
<a name="line-204"></a>    <span class='hs-varid'>def</span> <span class='hs-keyword'>_</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>genSaltSysRandom</span>
<a name="line-205"></a>
<a name="line-206"></a><a name="genSaltDevURandom"></a><span class='hs-comment'>-- | Generate a 'Salt' from @\/dev\/urandom@.</span>
<a name="line-207"></a><span class='hs-definition'>genSaltDevURandom</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>IO</span> <span class='hs-conid'>Salt</span>
<a name="line-208"></a><span class='hs-definition'>genSaltDevURandom</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>withFile</span> <span class='hs-str'>"/dev/urandom"</span> <span class='hs-conid'>ReadMode</span> <span class='hs-varop'>$</span> <span class='hs-keyglyph'>\</span><span class='hs-varid'>h</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-keyword'>do</span>
<a name="line-209"></a>                      <span class='hs-varid'>rawSalt</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>hGet</span> <span class='hs-varid'>h</span> <span class='hs-num'>16</span>
<a name="line-210"></a>                      <span class='hs-varid'>return</span> <span class='hs-varop'>$</span> <span class='hs-varid'>makeSalt</span> <span class='hs-varid'>rawSalt</span>
<a name="line-211"></a>
<a name="line-212"></a><a name="genSaltSysRandom"></a><span class='hs-comment'>-- | Generate a 'Salt' from 'System.Random'.</span>
<a name="line-213"></a><span class='hs-definition'>genSaltSysRandom</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>IO</span> <span class='hs-conid'>Salt</span>
<a name="line-214"></a><span class='hs-definition'>genSaltSysRandom</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>randomChars</span> <span class='hs-varop'>&gt;&gt;=</span> <span class='hs-varid'>return</span> <span class='hs-varop'>.</span> <span class='hs-varid'>makeSalt</span> <span class='hs-varop'>.</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>pack</span>
<a name="line-215"></a>    <span class='hs-keyword'>where</span> <span class='hs-varid'>randomChars</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>sequence</span> <span class='hs-varop'>$</span> <span class='hs-varid'>replicate</span> <span class='hs-num'>16</span> <span class='hs-varop'>$</span> <span class='hs-varid'>randomRIO</span> <span class='hs-layout'>(</span><span class='hs-chr'>'\NUL'</span><span class='hs-layout'>,</span> <span class='hs-chr'>'\255'</span><span class='hs-layout'>)</span>
<a name="line-216"></a>
<a name="line-217"></a><span class='hs-comment'>-----------------------</span>
<a name="line-218"></a><span class='hs-comment'>-- Password hash format</span>
<a name="line-219"></a><span class='hs-comment'>-----------------------</span>
<a name="line-220"></a>
<a name="line-221"></a><span class='hs-comment'>-- Format: "sha256|strength|salt|hash", where strength is an unsigned int, salt</span>
<a name="line-222"></a><span class='hs-comment'>-- is a base64-encoded 16-byte random number, and hash is a base64-encoded hash</span>
<a name="line-223"></a><span class='hs-comment'>-- value.</span>
<a name="line-224"></a>
<a name="line-225"></a><a name="readPwHash"></a><span class='hs-comment'>-- | Try to parse a password hash.</span>
<a name="line-226"></a><span class='hs-definition'>readPwHash</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Maybe</span> <span class='hs-layout'>(</span><span class='hs-conid'>Int</span><span class='hs-layout'>,</span> <span class='hs-conid'>Salt</span><span class='hs-layout'>,</span> <span class='hs-conid'>ByteString</span><span class='hs-layout'>)</span>
<a name="line-227"></a><span class='hs-definition'>readPwHash</span> <span class='hs-varid'>pw</span> <span class='hs-keyglyph'>|</span> <span class='hs-varid'>length</span> <span class='hs-varid'>broken</span> <span class='hs-varop'>/=</span> <span class='hs-num'>4</span>
<a name="line-228"></a>                <span class='hs-varop'>||</span> <span class='hs-varid'>algorithm</span> <span class='hs-varop'>/=</span> <span class='hs-str'>"sha256"</span>
<a name="line-229"></a>                <span class='hs-varop'>||</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>length</span> <span class='hs-varid'>hash</span> <span class='hs-varop'>/=</span> <span class='hs-num'>44</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>Nothing</span>
<a name="line-230"></a>              <span class='hs-keyglyph'>|</span> <span class='hs-varid'>otherwise</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyword'>case</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>readInt</span> <span class='hs-varid'>strBS</span> <span class='hs-keyword'>of</span>
<a name="line-231"></a>                              <span class='hs-conid'>Just</span> <span class='hs-layout'>(</span><span class='hs-varid'>strength</span><span class='hs-layout'>,</span> <span class='hs-keyword'>_</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Just</span> <span class='hs-layout'>(</span><span class='hs-varid'>strength</span><span class='hs-layout'>,</span> <span class='hs-conid'>SaltBS</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>hash</span><span class='hs-layout'>)</span>
<a name="line-232"></a>                              <span class='hs-conid'>Nothing</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Nothing</span>
<a name="line-233"></a>    <span class='hs-keyword'>where</span> <span class='hs-varid'>broken</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>split</span> <span class='hs-chr'>'|'</span> <span class='hs-varid'>pw</span>
<a name="line-234"></a>          <span class='hs-keyglyph'>[</span><span class='hs-varid'>algorithm</span><span class='hs-layout'>,</span> <span class='hs-varid'>strBS</span><span class='hs-layout'>,</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>hash</span><span class='hs-keyglyph'>]</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>broken</span>
<a name="line-235"></a>
<a name="line-236"></a><a name="writePwHash"></a><span class='hs-comment'>-- | Encode a password hash, from a @(strength, salt, hash)@ tuple, where</span>
<a name="line-237"></a><span class='hs-comment'>-- strength is an 'Int', and both @salt@ and @hash@ are base64-encoded</span>
<a name="line-238"></a><span class='hs-comment'>-- 'ByteString's.</span>
<a name="line-239"></a><span class='hs-definition'>writePwHash</span> <span class='hs-keyglyph'>::</span> <span class='hs-layout'>(</span><span class='hs-conid'>Int</span><span class='hs-layout'>,</span> <span class='hs-conid'>Salt</span><span class='hs-layout'>,</span> <span class='hs-conid'>ByteString</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-240"></a><span class='hs-definition'>writePwHash</span> <span class='hs-layout'>(</span><span class='hs-varid'>strength</span><span class='hs-layout'>,</span> <span class='hs-conid'>SaltBS</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>hash</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>=</span>
<a name="line-241"></a>    <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>intercalate</span> <span class='hs-str'>"|"</span> <span class='hs-keyglyph'>[</span><span class='hs-str'>"sha256"</span><span class='hs-layout'>,</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>pack</span> <span class='hs-layout'>(</span><span class='hs-varid'>show</span> <span class='hs-varid'>strength</span><span class='hs-layout'>)</span><span class='hs-layout'>,</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>hash</span><span class='hs-keyglyph'>]</span>
<a name="line-242"></a>
<a name="line-243"></a><span class='hs-comment'>-----------------</span>
<a name="line-244"></a><span class='hs-comment'>-- High level API</span>
<a name="line-245"></a><span class='hs-comment'>-----------------</span>
<a name="line-246"></a>
<a name="line-247"></a><a name="makePassword"></a><span class='hs-comment'>-- | Hash a password with a given strength (14 is a good default). The output of</span>
<a name="line-248"></a><span class='hs-comment'>-- this function can be written directly to a password file or</span>
<a name="line-249"></a><span class='hs-comment'>-- database. Generates a salt using high-quality randomness from</span>
<a name="line-250"></a><span class='hs-comment'>-- @\/dev\/urandom@ or (if that is not available, for example on Windows)</span>
<a name="line-251"></a><span class='hs-comment'>-- 'System.Random', which is included in the hashed output.</span>
<a name="line-252"></a><span class='hs-definition'>makePassword</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>IO</span> <span class='hs-conid'>ByteString</span>
<a name="line-253"></a><span class='hs-definition'>makePassword</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>makePasswordWith</span> <span class='hs-varid'>pbkdf1</span>
<a name="line-254"></a>
<a name="line-255"></a><a name="makePasswordWith"></a><span class='hs-comment'>-- | A generic version of 'makePassword', which allow the user</span>
<a name="line-256"></a><span class='hs-comment'>-- to choose the algorithm to use.</span>
<a name="line-257"></a><span class='hs-comment'>--</span>
<a name="line-258"></a><span class='hs-comment'>-- &gt;&gt;&gt; makePasswordWith pbkdf1 "password" 14</span>
<a name="line-259"></a><span class='hs-comment'>--</span>
<a name="line-260"></a><span class='hs-definition'>makePasswordWith</span> <span class='hs-keyglyph'>::</span> <span class='hs-layout'>(</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span><span class='hs-layout'>)</span>
<a name="line-261"></a>                 <span class='hs-comment'>-- ^ The algorithm to use (e.g. pbkdf1)</span>
<a name="line-262"></a>                 <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-263"></a>                 <span class='hs-comment'>-- ^ The password to encrypt</span>
<a name="line-264"></a>                 <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span>
<a name="line-265"></a>                 <span class='hs-comment'>-- ^ log2 of the number of iterations</span>
<a name="line-266"></a>                 <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>IO</span> <span class='hs-conid'>ByteString</span>
<a name="line-267"></a><span class='hs-definition'>makePasswordWith</span> <span class='hs-varid'>algorithm</span> <span class='hs-varid'>password</span> <span class='hs-varid'>strength</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyword'>do</span>
<a name="line-268"></a>  <span class='hs-varid'>salt</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-varid'>genSaltIO</span>
<a name="line-269"></a>  <span class='hs-varid'>return</span> <span class='hs-varop'>$</span> <span class='hs-varid'>makePasswordSaltWith</span> <span class='hs-varid'>algorithm</span> <span class='hs-layout'>(</span><span class='hs-num'>2</span><span class='hs-varop'>^</span><span class='hs-layout'>)</span> <span class='hs-varid'>password</span> <span class='hs-varid'>salt</span> <span class='hs-varid'>strength</span>
<a name="line-270"></a>
<a name="line-271"></a><a name="makePasswordSaltWith"></a><span class='hs-comment'>-- | A generic version of 'makePasswordSalt', meant to give the user</span>
<a name="line-272"></a><span class='hs-comment'>-- the maximum control over the generation parameters.</span>
<a name="line-273"></a><span class='hs-comment'>-- Note that, unlike 'makePasswordWith', this function takes the @raw@</span>
<a name="line-274"></a><span class='hs-comment'>-- number of iterations. This means the user will need to specify a</span>
<a name="line-275"></a><span class='hs-comment'>-- sensible value, typically @10000@ or @20000@.</span>
<a name="line-276"></a><span class='hs-definition'>makePasswordSaltWith</span> <span class='hs-keyglyph'>::</span> <span class='hs-layout'>(</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span><span class='hs-layout'>)</span>
<a name="line-277"></a>                     <span class='hs-comment'>-- ^ A function modeling an algorithm (e.g. 'pbkdf1')</span>
<a name="line-278"></a>                     <span class='hs-keyglyph'>-&gt;</span> <span class='hs-layout'>(</span><span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span><span class='hs-layout'>)</span>
<a name="line-279"></a>                     <span class='hs-comment'>-- ^ A function to modify the strength</span>
<a name="line-280"></a>                     <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-281"></a>                     <span class='hs-comment'>-- ^ A password, given as clear text</span>
<a name="line-282"></a>                     <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span>
<a name="line-283"></a>                     <span class='hs-comment'>-- ^ A hash 'Salt'</span>
<a name="line-284"></a>                     <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span>
<a name="line-285"></a>                     <span class='hs-comment'>-- ^ The password strength (e.g. @10000, 20000, etc.@)</span>
<a name="line-286"></a>                     <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-287"></a><span class='hs-definition'>makePasswordSaltWith</span> <span class='hs-varid'>algorithm</span> <span class='hs-varid'>strengthModifier</span> <span class='hs-varid'>pwd</span> <span class='hs-varid'>salt</span> <span class='hs-varid'>strength</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>writePwHash</span> <span class='hs-layout'>(</span><span class='hs-varid'>strength</span><span class='hs-layout'>,</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>hash</span><span class='hs-layout'>)</span>
<a name="line-288"></a>    <span class='hs-keyword'>where</span> <span class='hs-varid'>hash</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>encode</span> <span class='hs-varop'>$</span> <span class='hs-varid'>algorithm</span> <span class='hs-varid'>pwd</span> <span class='hs-varid'>salt</span> <span class='hs-layout'>(</span><span class='hs-varid'>strengthModifier</span> <span class='hs-varid'>strength</span><span class='hs-layout'>)</span>
<a name="line-289"></a>
<a name="line-290"></a><a name="makePasswordSalt"></a><span class='hs-comment'>-- | Hash a password with a given strength (14 is a good default), using a given</span>
<a name="line-291"></a><span class='hs-comment'>-- salt. The output of this function can be written directly to a password file</span>
<a name="line-292"></a><span class='hs-comment'>-- or database. Example:</span>
<a name="line-293"></a><span class='hs-comment'>--</span>
<a name="line-294"></a><span class='hs-comment'>-- &gt; &gt;&gt;&gt; makePasswordSalt "hunter2" (makeSalt "72cd18b5ebfe6e96") 14</span>
<a name="line-295"></a><span class='hs-comment'>-- &gt; "sha256|14|NzJjZDE4YjVlYmZlNmU5Ng==|yuiNrZW3KHX+pd0sWy9NTTsy5Yopmtx4UYscItSsoxc="</span>
<a name="line-296"></a><span class='hs-definition'>makePasswordSalt</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-297"></a><span class='hs-definition'>makePasswordSalt</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>makePasswordSaltWith</span> <span class='hs-varid'>pbkdf1</span> <span class='hs-layout'>(</span><span class='hs-num'>2</span><span class='hs-varop'>^</span><span class='hs-layout'>)</span>
<a name="line-298"></a>
<a name="line-299"></a><a name="verifyPasswordWith"></a><span class='hs-comment'>-- | 'verifyPasswordWith' @algorithm userInput pwHash@ verifies</span>
<a name="line-300"></a><span class='hs-comment'>-- the password @userInput@ given by the user against the stored password</span>
<a name="line-301"></a><span class='hs-comment'>-- hash @pwHash@, with the hashing algorithm @algorithm@.  Returns 'True' if the</span>
<a name="line-302"></a><span class='hs-comment'>-- given password is correct, and 'False' if it is not.</span>
<a name="line-303"></a><span class='hs-comment'>-- This function allows the programmer to specify the algorithm to use,</span>
<a name="line-304"></a><span class='hs-comment'>-- e.g. 'pbkdf1' or 'pbkdf2'.</span>
<a name="line-305"></a><span class='hs-comment'>-- Note: If you want to verify a password previously generated with</span>
<a name="line-306"></a><span class='hs-comment'>-- 'makePasswordSaltWith', but without modifying the number of iterations,</span>
<a name="line-307"></a><span class='hs-comment'>-- you can do:</span>
<a name="line-308"></a><span class='hs-comment'>--</span>
<a name="line-309"></a><span class='hs-comment'>-- &gt; &gt;&gt;&gt; verifyPasswordWith pbkdf2 id "hunter2" "sha256..."</span>
<a name="line-310"></a><span class='hs-comment'>-- &gt; True</span>
<a name="line-311"></a><span class='hs-comment'>--</span>
<a name="line-312"></a><span class='hs-definition'>verifyPasswordWith</span> <span class='hs-keyglyph'>::</span> <span class='hs-layout'>(</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span><span class='hs-layout'>)</span>
<a name="line-313"></a>                   <span class='hs-comment'>-- ^ A function modeling an algorithm (e.g. pbkdf1)</span>
<a name="line-314"></a>                   <span class='hs-keyglyph'>-&gt;</span> <span class='hs-layout'>(</span><span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span><span class='hs-layout'>)</span>
<a name="line-315"></a>                   <span class='hs-comment'>-- ^ A function to modify the strength</span>
<a name="line-316"></a>                   <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-317"></a>                   <span class='hs-comment'>-- ^ User password</span>
<a name="line-318"></a>                   <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-319"></a>                   <span class='hs-comment'>-- ^ The generated hash (e.g. sha256|14...)</span>
<a name="line-320"></a>                   <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Bool</span>
<a name="line-321"></a><span class='hs-definition'>verifyPasswordWith</span> <span class='hs-varid'>algorithm</span> <span class='hs-varid'>strengthModifier</span> <span class='hs-varid'>userInput</span> <span class='hs-varid'>pwHash</span> <span class='hs-keyglyph'>=</span>
<a name="line-322"></a>    <span class='hs-keyword'>case</span> <span class='hs-varid'>readPwHash</span> <span class='hs-varid'>pwHash</span> <span class='hs-keyword'>of</span>
<a name="line-323"></a>      <span class='hs-conid'>Nothing</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>False</span>
<a name="line-324"></a>      <span class='hs-conid'>Just</span> <span class='hs-layout'>(</span><span class='hs-varid'>strength</span><span class='hs-layout'>,</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>goodHash</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>-&gt;</span>
<a name="line-325"></a>          <span class='hs-varid'>encode</span> <span class='hs-layout'>(</span><span class='hs-varid'>algorithm</span> <span class='hs-varid'>userInput</span> <span class='hs-varid'>salt</span> <span class='hs-layout'>(</span><span class='hs-varid'>strengthModifier</span> <span class='hs-varid'>strength</span><span class='hs-layout'>)</span><span class='hs-layout'>)</span> <span class='hs-varop'>==</span> <span class='hs-varid'>goodHash</span>
<a name="line-326"></a>
<a name="line-327"></a><a name="verifyPassword"></a><span class='hs-comment'>-- | Like 'verifyPasswordWith', but uses 'pbkdf1' as algorithm.</span>
<a name="line-328"></a><span class='hs-definition'>verifyPassword</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Bool</span>
<a name="line-329"></a><span class='hs-definition'>verifyPassword</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>verifyPasswordWith</span> <span class='hs-varid'>pbkdf1</span> <span class='hs-layout'>(</span><span class='hs-num'>2</span><span class='hs-varop'>^</span><span class='hs-layout'>)</span>
<a name="line-330"></a>
<a name="line-331"></a><a name="strengthenPassword"></a><span class='hs-comment'>-- | Try to strengthen a password hash, by hashing it some more</span>
<a name="line-332"></a><span class='hs-comment'>-- times. @'strengthenPassword' pwHash new_strength@ will return a new password</span>
<a name="line-333"></a><span class='hs-comment'>-- hash with strength at least @new_strength@. If the password hash already has</span>
<a name="line-334"></a><span class='hs-comment'>-- strength greater than or equal to @new_strength@, then it is returned</span>
<a name="line-335"></a><span class='hs-comment'>-- unmodified. If the password hash is invalid and does not parse, it will be</span>
<a name="line-336"></a><span class='hs-comment'>-- returned without comment.</span>
<a name="line-337"></a><span class='hs-comment'>--</span>
<a name="line-338"></a><span class='hs-comment'>-- This function can be used to periodically update your password database when</span>
<a name="line-339"></a><span class='hs-comment'>-- computers get faster, in order to keep up with Moore's law. This isn't hugely</span>
<a name="line-340"></a><span class='hs-comment'>-- important, but it's a good idea.</span>
<a name="line-341"></a><span class='hs-definition'>strengthenPassword</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-342"></a><span class='hs-definition'>strengthenPassword</span> <span class='hs-varid'>pwHash</span> <span class='hs-varid'>newstr</span> <span class='hs-keyglyph'>=</span>
<a name="line-343"></a>    <span class='hs-keyword'>case</span> <span class='hs-varid'>readPwHash</span> <span class='hs-varid'>pwHash</span> <span class='hs-keyword'>of</span>
<a name="line-344"></a>      <span class='hs-conid'>Nothing</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-varid'>pwHash</span>
<a name="line-345"></a>      <span class='hs-conid'>Just</span> <span class='hs-layout'>(</span><span class='hs-varid'>oldstr</span><span class='hs-layout'>,</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>hashB64</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>-&gt;</span>
<a name="line-346"></a>          <span class='hs-keyword'>if</span> <span class='hs-varid'>oldstr</span> <span class='hs-varop'>&lt;</span> <span class='hs-varid'>newstr</span> <span class='hs-keyword'>then</span>
<a name="line-347"></a>              <span class='hs-varid'>writePwHash</span> <span class='hs-layout'>(</span><span class='hs-varid'>newstr</span><span class='hs-layout'>,</span> <span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>newHash</span><span class='hs-layout'>)</span>
<a name="line-348"></a>          <span class='hs-keyword'>else</span>
<a name="line-349"></a>              <span class='hs-varid'>pwHash</span>
<a name="line-350"></a>          <span class='hs-keyword'>where</span> <span class='hs-varid'>newHash</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>encode</span> <span class='hs-varop'>$</span> <span class='hs-varid'>hashRounds</span> <span class='hs-varid'>hash</span> <span class='hs-varid'>extraRounds</span>
<a name="line-351"></a>                <span class='hs-varid'>extraRounds</span> <span class='hs-keyglyph'>=</span> <span class='hs-layout'>(</span><span class='hs-num'>2</span><span class='hs-varop'>^</span><span class='hs-varid'>newstr</span><span class='hs-layout'>)</span> <span class='hs-comment'>-</span> <span class='hs-layout'>(</span><span class='hs-num'>2</span><span class='hs-varop'>^</span><span class='hs-varid'>oldstr</span><span class='hs-layout'>)</span>
<a name="line-352"></a>                <span class='hs-varid'>hash</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>decodeLenient</span> <span class='hs-varid'>hashB64</span>
<a name="line-353"></a>
<a name="line-354"></a><a name="passwordStrength"></a><span class='hs-comment'>-- | Return the strength of a password hash.</span>
<a name="line-355"></a><span class='hs-definition'>passwordStrength</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Int</span>
<a name="line-356"></a><span class='hs-definition'>passwordStrength</span> <span class='hs-varid'>pwHash</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyword'>case</span> <span class='hs-varid'>readPwHash</span> <span class='hs-varid'>pwHash</span> <span class='hs-keyword'>of</span>
<a name="line-357"></a>                            <span class='hs-conid'>Nothing</span>               <span class='hs-keyglyph'>-&gt;</span> <span class='hs-num'>0</span>
<a name="line-358"></a>                            <span class='hs-conid'>Just</span> <span class='hs-layout'>(</span><span class='hs-varid'>strength</span><span class='hs-layout'>,</span> <span class='hs-keyword'>_</span><span class='hs-layout'>,</span> <span class='hs-keyword'>_</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-varid'>strength</span>
<a name="line-359"></a>
<a name="line-360"></a><span class='hs-comment'>------------</span>
<a name="line-361"></a><span class='hs-comment'>-- Utilities</span>
<a name="line-362"></a><span class='hs-comment'>------------</span>
<a name="line-363"></a>
<a name="line-364"></a><a name="Salt"></a><span class='hs-comment'>-- | A salt is a unique random value which is stored as part of the password</span>
<a name="line-365"></a><a name="Salt"></a><span class='hs-comment'>-- hash. You can generate a salt with 'genSaltIO' or 'genSaltRandom', or if you</span>
<a name="line-366"></a><a name="Salt"></a><span class='hs-comment'>-- really know what you're doing, you can create them from your own ByteString</span>
<a name="line-367"></a><a name="Salt"></a><span class='hs-comment'>-- values with 'makeSalt'.</span>
<a name="line-368"></a><a name="Salt"></a><span class='hs-keyword'>newtype</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>SaltBS</span> <span class='hs-conid'>ByteString</span>
<a name="line-369"></a>    <span class='hs-keyword'>deriving</span> <span class='hs-layout'>(</span><span class='hs-conid'>Show</span><span class='hs-layout'>,</span> <span class='hs-conid'>Eq</span><span class='hs-layout'>,</span> <span class='hs-conid'>Ord</span><span class='hs-layout'>)</span>
<a name="line-370"></a>
<a name="line-371"></a><a name="makeSalt"></a><span class='hs-comment'>-- | Create a 'Salt' from a 'ByteString'. The input must be at least 8</span>
<a name="line-372"></a><span class='hs-comment'>-- characters, and can contain arbitrary bytes. Most users will not need to use</span>
<a name="line-373"></a><span class='hs-comment'>-- this function.</span>
<a name="line-374"></a><span class='hs-definition'>makeSalt</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span>
<a name="line-375"></a><span class='hs-definition'>makeSalt</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>SaltBS</span> <span class='hs-varop'>.</span> <span class='hs-varid'>encode</span> <span class='hs-varop'>.</span> <span class='hs-varid'>check_length</span>
<a name="line-376"></a>    <span class='hs-keyword'>where</span> <span class='hs-varid'>check_length</span> <span class='hs-varid'>salt</span> <span class='hs-keyglyph'>|</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>length</span> <span class='hs-varid'>salt</span> <span class='hs-varop'>&lt;</span> <span class='hs-num'>8</span> <span class='hs-keyglyph'>=</span>
<a name="line-377"></a>                                <span class='hs-varid'>error</span> <span class='hs-str'>"Salt too short. Minimum length is 8 characters."</span>
<a name="line-378"></a>                            <span class='hs-keyglyph'>|</span> <span class='hs-varid'>otherwise</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>salt</span>
<a name="line-379"></a>
<a name="line-380"></a><a name="exportSalt"></a><span class='hs-comment'>-- | Convert a 'Salt' into a 'ByteString'. The resulting 'ByteString' will be</span>
<a name="line-381"></a><span class='hs-comment'>-- base64-encoded. Most users will not need to use this function.</span>
<a name="line-382"></a><span class='hs-definition'>exportSalt</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>Salt</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ByteString</span>
<a name="line-383"></a><span class='hs-definition'>exportSalt</span> <span class='hs-layout'>(</span><span class='hs-conid'>SaltBS</span> <span class='hs-varid'>bs</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>bs</span>
<a name="line-384"></a>
<a name="line-385"></a><a name="importSalt"></a><span class='hs-comment'>-- | Convert a raw 'ByteString' into a 'Salt'.</span>
<a name="line-386"></a><span class='hs-comment'>-- Use this function with caution, since using a weak salt will result in a</span>
<a name="line-387"></a><span class='hs-comment'>-- weak password.</span>
<a name="line-388"></a><span class='hs-definition'>importSalt</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Salt</span>
<a name="line-389"></a><span class='hs-definition'>importSalt</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>SaltBS</span>
<a name="line-390"></a>
<a name="line-391"></a><a name="isPasswordFormatValid"></a><span class='hs-comment'>-- | Is the format of a password hash valid? Attempts to parse a given password</span>
<a name="line-392"></a><span class='hs-comment'>-- hash. Returns 'True' if it parses correctly, and 'False' otherwise.</span>
<a name="line-393"></a><span class='hs-definition'>isPasswordFormatValid</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>Bool</span>
<a name="line-394"></a><span class='hs-definition'>isPasswordFormatValid</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>isJust</span> <span class='hs-varop'>.</span> <span class='hs-varid'>readPwHash</span>
<a name="line-395"></a>
<a name="line-396"></a><a name="genSaltRandom"></a><span class='hs-comment'>-- | Generate a 'Salt' with 128 bits of data taken from a given random number</span>
<a name="line-397"></a><span class='hs-comment'>-- generator. Returns the salt and the updated random number generator. This is</span>
<a name="line-398"></a><span class='hs-comment'>-- meant to be used with 'makePasswordSalt' by people who would prefer to either</span>
<a name="line-399"></a><span class='hs-comment'>-- use their own random number generator or avoid the 'IO' monad.</span>
<a name="line-400"></a><span class='hs-definition'>genSaltRandom</span> <span class='hs-keyglyph'>::</span> <span class='hs-layout'>(</span><span class='hs-conid'>RandomGen</span> <span class='hs-varid'>b</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>=&gt;</span> <span class='hs-varid'>b</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-layout'>(</span><span class='hs-conid'>Salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>b</span><span class='hs-layout'>)</span>
<a name="line-401"></a><span class='hs-definition'>genSaltRandom</span> <span class='hs-varid'>gen</span> <span class='hs-keyglyph'>=</span> <span class='hs-layout'>(</span><span class='hs-varid'>salt</span><span class='hs-layout'>,</span> <span class='hs-varid'>newgen</span><span class='hs-layout'>)</span>
<a name="line-402"></a>    <span class='hs-keyword'>where</span> <span class='hs-varid'>rands</span> <span class='hs-keyword'>_</span> <span class='hs-num'>0</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>[]</span>
<a name="line-403"></a>          <span class='hs-varid'>rands</span> <span class='hs-varid'>g</span> <span class='hs-varid'>n</span> <span class='hs-keyglyph'>=</span> <span class='hs-layout'>(</span><span class='hs-varid'>a</span><span class='hs-layout'>,</span> <span class='hs-varid'>g'</span><span class='hs-layout'>)</span> <span class='hs-conop'>:</span> <span class='hs-varid'>rands</span> <span class='hs-varid'>g'</span> <span class='hs-layout'>(</span><span class='hs-varid'>n</span><span class='hs-comment'>-</span><span class='hs-num'>1</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>Int</span><span class='hs-layout'>)</span>
<a name="line-404"></a>              <span class='hs-keyword'>where</span> <span class='hs-layout'>(</span><span class='hs-varid'>a</span><span class='hs-layout'>,</span> <span class='hs-varid'>g'</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>randomR</span> <span class='hs-layout'>(</span><span class='hs-chr'>'\NUL'</span><span class='hs-layout'>,</span> <span class='hs-chr'>'\255'</span><span class='hs-layout'>)</span> <span class='hs-varid'>g</span>
<a name="line-405"></a>          <span class='hs-varid'>salt</span>   <span class='hs-keyglyph'>=</span> <span class='hs-varid'>makeSalt</span> <span class='hs-varop'>$</span> <span class='hs-conid'>B</span><span class='hs-varop'>.</span><span class='hs-varid'>pack</span> <span class='hs-varop'>$</span> <span class='hs-varid'>map</span> <span class='hs-varid'>fst</span> <span class='hs-layout'>(</span><span class='hs-varid'>rands</span> <span class='hs-varid'>gen</span> <span class='hs-num'>16</span><span class='hs-layout'>)</span>
<a name="line-406"></a>          <span class='hs-varid'>newgen</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>snd</span> <span class='hs-varop'>$</span> <span class='hs-varid'>last</span> <span class='hs-layout'>(</span><span class='hs-varid'>rands</span> <span class='hs-varid'>gen</span> <span class='hs-num'>16</span><span class='hs-layout'>)</span>
<a name="line-407"></a>
<a name="line-408"></a><span class='hs-cpp'>#if !MIN_VERSION_base(4, 6, 0)</span>
<a name="line-409"></a><a name="modifySTRef'"></a><span class='hs-comment'>-- | Strict version of 'modifySTRef'</span>
<a name="line-410"></a><span class='hs-definition'>modifySTRef'</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>STRef</span> <span class='hs-varid'>s</span> <span class='hs-varid'>a</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-layout'>(</span><span class='hs-varid'>a</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-varid'>a</span><span class='hs-layout'>)</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>ST</span> <span class='hs-varid'>s</span> <span class='hs-conid'>()</span>
<a name="line-411"></a><span class='hs-definition'>modifySTRef'</span> <span class='hs-varid'>ref</span> <span class='hs-varid'>f</span> <span class='hs-keyglyph'>=</span> <span class='hs-keyword'>do</span>
<a name="line-412"></a>    <span class='hs-varid'>x</span> <span class='hs-keyglyph'>&lt;-</span> <span class='hs-varid'>readSTRef</span> <span class='hs-varid'>ref</span>
<a name="line-413"></a>    <span class='hs-keyword'>let</span> <span class='hs-varid'>x'</span> <span class='hs-keyglyph'>=</span> <span class='hs-varid'>f</span> <span class='hs-varid'>x</span>
<a name="line-414"></a>    <span class='hs-varid'>x'</span> <span class='hs-varop'>`seq`</span> <span class='hs-varid'>writeSTRef</span> <span class='hs-varid'>ref</span> <span class='hs-varid'>x'</span>
<a name="line-415"></a><span class='hs-cpp'>#endif</span>
<a name="line-416"></a>
<a name="line-417"></a><span class='hs-cpp'>#if MIN_VERSION_bytestring(0, 10, 0)</span>
<a name="line-418"></a><a name="toStrict"></a><span class='hs-definition'>toStrict</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span>
<a name="line-419"></a><span class='hs-definition'>toStrict</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-varid'>toStrict</span>
<a name="line-420"></a>
<a name="line-421"></a><a name="fromStrict"></a><span class='hs-definition'>fromStrict</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span>
<a name="line-422"></a><span class='hs-definition'>fromStrict</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-varid'>fromStrict</span>
<a name="line-423"></a><span class='hs-cpp'>#else</span>
<a name="line-424"></a><span class='hs-definition'>toStrict</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span>
<a name="line-425"></a><span class='hs-definition'>toStrict</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-varid'>concat</span> <span class='hs-varop'>.</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-varid'>toChunks</span>
<a name="line-426"></a>
<a name="line-427"></a><span class='hs-definition'>fromStrict</span> <span class='hs-keyglyph'>::</span> <span class='hs-conid'>BS</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span> <span class='hs-keyglyph'>-&gt;</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-conid'>ByteString</span>
<a name="line-428"></a><span class='hs-definition'>fromStrict</span> <span class='hs-keyglyph'>=</span> <span class='hs-conid'>BL</span><span class='hs-varop'>.</span><span class='hs-varid'>fromChunks</span> <span class='hs-varop'>.</span> <span class='hs-varid'>return</span>
<a name="line-429"></a><span class='hs-cpp'>#endif</span>
</pre></body>
</html>