{-# LANGUAGE BangPatterns       #-}
{-# LANGUAGE RecordWildCards    #-}

module Crypto.PBKDF 
    ( 
   
    --     
    -- * Password Based Key Derivation Functions
    --
    -- $summary

    --    
    -- * SHA-based PBKDF1 functions
    --

      sha1PBKDF1
    , sha256PBKDF1
    , sha512PBKDF1

    --
    -- * SHA-based PBKDF2 functions
    --

    , sha1PBKDF2
    , sha256PBKDF2
    , sha512PBKDF2
    ) where

import           Crypto.PBKDF.Core
import           Text.Bytedump


-- $summary
--
-- This module provides stock implementations of the PBKDF functions from
-- RFC-2898 (<http://www.ietf.org/rfc/rfc2898.txt>), based on the SHA-1,
-- SHA-256 and SHA-256 hash functions. Each function takes the password and
-- salt as a string and returns a hex string. To work with ByteStrings
-- see Crypto.PBKDF.ByteString.


sha1PBKDF1, sha256PBKDF1, sha512PBKDF1 
    :: String   -- ^ the password (will be encoded with UTF-8) 
    -> String   -- ^ the salt     (will be encoded with UTF-8)
    -> Int      -- ^ the iteration count
    -> String   -- ^ the result key as a hex string
sha1PBKDF1   pw_s na_s c = dumpRawBS $ pbkdf1 $ sha1PBKDF   pw_s na_s c 0
sha256PBKDF1 pw_s na_s c = dumpRawBS $ pbkdf1 $ sha256PBKDF pw_s na_s c 0
sha512PBKDF1 pw_s na_s c = dumpRawBS $ pbkdf1 $ sha512PBKDF pw_s na_s c 0


sha1PBKDF2, sha256PBKDF2, sha512PBKDF2
    :: String   -- ^ the password (will be encoded with UTF-8) 
    -> String   -- ^ the salt     (will be encoded with UTF-8)
    -> Int      -- ^ the iteration count
    -> Int      -- ^ the length of the key to be generated (in octets)
    -> String   -- ^ the result key as a hex string

sha1PBKDF2   pw_s na_s c dkLen = dumpRawBS $ pbkdf2 $ sha1PBKDF   pw_s na_s c dkLen
sha256PBKDF2 pw_s na_s c dkLen = dumpRawBS $ pbkdf2 $ sha256PBKDF pw_s na_s c dkLen
sha512PBKDF2 pw_s na_s c dkLen = dumpRawBS $ pbkdf2 $ sha512PBKDF pw_s na_s c dkLen