commit 17156e1775f60893b4c5040d7a0073659ea9157d (tree)
parent 3f450b7e931b76b20e36d2bab2e2d1fed3ee19ec
Author: Rob Napier <rob@neverwood.org>
Date: Sat, 12 Sep 2020 18:33:53 -0400
pbkdf2 "very large dklen test" should just check for crashes
Diffstat:
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/lib/std/crypto/pbkdf2.zig b/lib/std/crypto/pbkdf2.zig
@@ -59,8 +59,10 @@ const mem = std.mem;
/// salt: Arbitrary sequence of bytes of any length, including empty. A common length is 8 bytes.
///
/// rounds: Iteration count. Must be greater than 0. Common values range from 1,000 to 100,000.
+/// Larger iteration counts improve security by increasing the time required to compute
+/// the derivedKey. It is common to tune this parameter to achieve approximately 100ms.
///
-/// Prf: Pseudo-random function to use. The most common choice is std.crypto.auth.hmac.HmacSha256.
+/// Prf: Pseudo-random function to use. A common choice is std.crypto.auth.hmac.HmacSha256.
pub fn pbkdf2(derivedKey: []u8, password: []const u8, salt: []const u8, rounds: u32, comptime Prf: type) void {
assert(rounds >= 1);
@@ -263,8 +265,5 @@ test "Very large dkLen" {
}
pbkdf2(derivedKey, p, s, c, crypto.auth.hmac.HmacSha1);
-
- const expected = "0c60c80f961f0e71f3a9b524af6012062fe037a6";
-
- htest.assertEqual(expected, derivedKey[0..]);
+ // Just verify this doesn't crash with an overflow
}