convenience Functions for KDFs

[tauli]

I'd like to see some convenience functions for the KDFs akin to the encryptPass and verifyPass from the package scrypt.

If this is something that you would like to see but don't have the time to implement yourself, i'd be happy to contribute a pull request.

[tekul]

This would certainly make sense for argon2, since it has a standard format for the encoded hash and parameters. The BCrypt code already has high-level functions. For scrypt it's a bit trickier, as there's no standard format that I'm aware of for encoding the hash. The Haskell scrypt library has invented its own, but it would probably make more sense to be compatibile with passlib and the PHC format.

[tauli]

I wasn't aware that the PHC specified a format for hash storage. I agree that that should be used. No need to define something new :-)

So i think we should add some encryptStorable function to HKDF, PBKDF2 and Scrypt. I'd also think it would be neat to have a single verify function that sits in Crypto.KDF which detects the algorithm of the hash and just does the right thing. Even though BCrypt uses a slightly different format to PHC, it's easy enough to distinguish.

[tekul]

I'm not sure about encryptStorable. It's not really encryption. I think I would just use hashPassword/verifyPassword since that is the most common use case and people will immediately understand what is going on.

[tauli]

Agreed. I think I'll just implement this as soon as i find the time and send a pull request when I'm done. Probably much more productive to talk about actual code at this point.

[tekul]

Note that the format described in that repo is wrong. There's also a 'v' parameter in the string which is the argon2 version. Also rather confusingly, the version is entered as a base-16 parameter for the argon2 command, but is shown as base-10 in the output string.

[MaxGabriel]

@tauli Did you make any progress on this?

I looked into the argon2 side, it looks like https://github.com/P-H-C/phc-winner-argon2 recommends using argon2<v>_hash_encoded to generate the base64 encoded version that includes parameters, but I didn't find it searching the Cryptonite codebase. Is the cryptonite C code based on an older Argon2 C library or something?

[tekul]

@MaxGabriel I wrote some code to do this which you can use in the meantime if you wish. I will move it to cryptonite at some point when I've tidied it up and added some docs.