úÎTƒRè     portable experimentalpjscott@iastate.eduNoneHA salt is a unique random value which is stored as part of the password $ hash. You can generate a salt with  or  , or if you  really know what you'7re doing, you can create them from your own ByteString  values with  . 4PBKDF1 key-derivation function. Takes a password, a , and a number of L iterations. The number of iterations should be at least 1000, and probably K more. 5000 is a reasonable number, computing almost instantaneously. This  will give a 32-byte + as output. Both the salt and this 32-byte O key should be stored in the password file. When a user wishes to authenticate O a password, just pass it and the salt to this function, and see if the output  matches. Hash a 9 for a given number of rounds. The number of rounds is 0 I or more. If the number of rounds specified is 0, the ByteString will be  returned unmodified. =Computes the hmacSHA256 of the given message, with the given .  PBKDF2 key-derivation function.  For details see http:tools.ietf.orghtmlrfc2898.  32$ is the most common digest size for SHA256 , and is % what the algorithm internally uses.   HMAC+SHA256 is used as PRF , because  HMAC+SHA1 is considered too weak.  Generate a  from 128 bits of data from /dev/urandom , with the J system RNG as a fallback. This is the function used to generate salts by  .  Generate a  from /dev/urandom.  Generate a  from . Try to parse a password hash. Encode a password hash, from a (strength, salt, hash) tuple, where  strength is an  , and both salt and hash are base64-encoded  s. LHash a password with a given strength (14 is a good default). The output of = this function can be written directly to a password file or ? database. Generates a salt using high-quality randomness from  /dev/urandom7 or (if that is not available, for example on Windows)  *, which is included in the hashed output. A generic version of , which allow the user ! to choose the algorithm to use. %makePasswordWith pbkdf1 "password" 14A generic version of , meant to give the user 5 the maximum control over the generation parameters.  Note that, unlike , this function takes the raw B number of iterations. This means the user will need to specify a  sensible value, typically 10000 or 20000. LHash a password with a given strength (14 is a good default), using a given N salt. The output of this function can be written directly to a password file  or database. Example: A >>> makePasswordSalt "hunter2" (makeSalt "72cd18b5ebfe6e96") 14 S "sha256|14|NzJjZDE4YjVlYmZlNmU5Ng==|yuiNrZW3KHX+pd0sWy9NTTsy5Yopmtx4UYscItSsoxc="  algorithm userInput pwHash verifies  the password  userInput/ given by the user against the stored password  hash pwHash, with the hashing algorithm  algorithm . Returns  if the  given password is correct, and  if it is not. F This function allows the programmer to specify the algorithm to use,  e.g.  or . B Note: If you want to verify a password previously generated with  2, but without modifying the number of iterations,  you can do: 8 >>> verifyPasswordWith pbkdf2 id "hunter2" "sha256..."  True Like  , but uses  as algorithm. ;Try to strengthen a password hash, by hashing it some more  times.   pwHash new_strength will return a new password  hash with strength at least  new_strength#. If the password hash already has # strength greater than or equal to  new_strength, then it is returned L unmodified. If the password hash is invalid and does not parse, it will be  returned without comment. MThis function can be used to periodically update your password database when 5 computers get faster, in order to keep up with Moore's law. This isn' t hugely  important, but it's a good idea. (Return the strength of a password hash.  Create a  from a . The input must be at least 8 N characters, and can contain arbitrary bytes. Most users will not need to use  this function.  Convert a  into a . The resulting  will be @ base64-encoded. Most users will not need to use this function. Convert a raw  into a . J Use this function with caution, since using a weak salt will result in a  weak password. KIs the format of a password hash valid? Attempts to parse a given password  hash. Returns  if it parses correctly, and  otherwise.  Generate a 8 with 128 bits of data taken from a given random number N generator. Returns the salt and the updated random number generator. This is  meant to be used with & by people who would prefer to either 4 use their own random number generator or avoid the  monad. The secret (the salt) The clear-text message The encoded message #The algorithm to use (e.g. pbkdf1) The password to encrypt !log2 of the number of iterations 'A function modeling an algorithm (e.g. ) "A function to modify the strength  A password, given as clear text A hash  The password strength (e.g. 10000, 20000, etc.) /A function modeling an algorithm (e.g. pbkdf1) "A function to modify the strength User password 'The generated hash (e.g. sha256|14...)            !"#$%&'pwstore-fast-2.4.1Crypto.PasswordStoreSystemRandomSaltpbkdf1pbkdf2 genSaltIO makePasswordmakePasswordWithmakePasswordSaltWithmakePasswordSaltverifyPasswordWithverifyPasswordstrengthenPasswordpasswordStrengthmakeSalt exportSalt importSaltisPasswordFormatValid genSaltRandombytestring-0.10.0.2Data.ByteString.Internal ByteString hashRounds hmacSHA256genSaltDevURandomgenSaltSysRandom readPwHash writePwHashghc-prim GHC.TypesIntTrueFalseIOSaltBStoStrict fromStrict