Commit `17156e1775`

Rob Napier <rob@neverwood.org>

2020-09-13 00:33:53

pbkdf2 "very large dklen test" should just check for crashes

master

1 parent 3f450b7

Changed files (1)

lib

std

crypto

pbkdf2.zig

@@ -59,8 +59,10 @@ const mem = std.mem;
 /// salt: Arbitrary sequence of bytes of any length, including empty. A common length is 8 bytes.
 ///
 /// rounds: Iteration count. Must be greater than 0. Common values range from 1,000 to 100,000.
+///         Larger iteration counts improve security by increasing the time required to compute
+///         the derivedKey. It is common to tune this parameter to achieve approximately 100ms.
 ///
-/// Prf: Pseudo-random function to use. The most common choice is std.crypto.auth.hmac.HmacSha256.
+/// Prf: Pseudo-random function to use. A common choice is std.crypto.auth.hmac.HmacSha256.
 pub fn pbkdf2(derivedKey: []u8, password: []const u8, salt: []const u8, rounds: u32, comptime Prf: type) void {
     assert(rounds >= 1);
 
@@ -263,8 +265,5 @@ test "Very large dkLen" {
     }
 
     pbkdf2(derivedKey, p, s, c, crypto.auth.hmac.HmacSha1);
-
-    const expected = "0c60c80f961f0e71f3a9b524af6012062fe037a6";
-
-    htest.assertEqual(expected, derivedKey[0..]);
+    // Just verify this doesn't crash with an overflow
 }

Commit 17156e1775

Commit `17156e1775`