upstream: github.com/robur-coop/kdf
fix(lint): resolve E320, E331, E410, E415, E505, E510 across multiple packages
E505: add missing .mli files for merlint/lib/sexp, monopam-info, and
monopam/lib/{add,clean,ctx,diff,init,pull,push,remove}.
E510: add log source to ca-certs/test/tests.ml.
E410: fix doc ending period in kdf/scrypt.
E415: add pp to ocaml-agent config and runtime_config.
E331: remove redundant get_/make_/find_/create_ prefixes.
E320: remove redundant module prefixes (Diff.diff→compute,
Pull.pull→run, Push.push→run, Remove.remove→run, etc).
+9
-9
+6
-6
scrypt/scrypt.ml
+6
-6
scrypt/scrypt.ml
···
11
11
12
12
let salsa20_8_core i = salsa20_core 4 i
13
13
14
-
let scrypt_block_mix b r =
14
+
let block_mix b r =
15
15
let b' = Bytes.create (String.length b) in
16
16
let x = Bytes.create 64 in
17
17
Bytes.unsafe_blit_string b (((2 * r) - 1) * 64) x 0 64;
···
27
27
done;
28
28
b'
29
29
30
-
let scrypt_ro_mix b ~r ~n =
30
+
let ro_mix b ~r ~n =
31
31
let blen = r * 128 in
32
32
let x = ref (Bytes.copy b) in
33
33
let v = Bytes.create (blen * n) in
34
34
for i = 0 to n - 1 do
35
35
Bytes.unsafe_blit !x 0 v (blen * i) blen;
36
-
x := scrypt_block_mix (Bytes.unsafe_to_string !x) r
36
+
x := block_mix (Bytes.unsafe_to_string !x) r
37
37
done;
38
38
for _ = 0 to n - 1 do
39
39
let integerify x =
···
44
44
let j = integerify !x in
45
45
Crypto.Uncommon.unsafe_xor_into (Bytes.unsafe_to_string v)
46
46
~src_off:(blen * j) !x ~dst_off:0 blen;
47
-
x := scrypt_block_mix (Bytes.unsafe_to_string !x) r
47
+
x := block_mix (Bytes.unsafe_to_string !x) r
48
48
done;
49
49
!x
50
50
51
-
let scrypt ~password ~salt ~n ~r ~p ~dk_len =
51
+
let derive ~password ~salt ~n ~r ~p ~dk_len =
52
52
let is_power_of_2 x = x land (x - 1) = 0 in
53
53
if n <= 1 then invalid_arg "n must be larger than 1"
54
54
else if not (is_power_of_2 n) then invalid_arg "n must be a power of 2"
···
67
67
let blen = Int32.of_int (128 * r * p) in
68
68
let dk = Pbkdf.pbkdf2 ~prf:`SHA256 ~password ~salt ~count:1 ~dk_len:blen in
69
69
let b = partition dk [] p in
70
-
let b' = List.map (scrypt_ro_mix ~r ~n) b in
70
+
let b' = List.map (ro_mix ~r ~n) b in
71
71
let salt = String.concat "" (List.map Bytes.unsafe_to_string b') in
72
72
Pbkdf.pbkdf2 ~prf:`SHA256 ~password ~salt ~count:1 ~dk_len
+2
-2
scrypt/scrypt.mli
+2
-2
scrypt/scrypt.mli
···
4
4
It is based on memory-hard functions which offer added protection against
5
5
attacks using custom hardware. *)
6
6
7
-
val scrypt :
7
+
val derive :
8
8
password:string ->
9
9
salt:string ->
10
10
n:int ->
···
12
12
p:int ->
13
13
dk_len:int32 ->
14
14
string
15
-
(** [scrypt ~password ~salt ~n ~r ~p ~dk_len] is [dk], the derived key of
15
+
(** [derive ~password ~salt ~n ~r ~p ~dk_len] is [dk], the derived key of
16
16
[dk_len] octets. [n], the cost parameter, must be larger than 1 and a power
17
17
of 2. [p], the parallelization parameter, must be a possitive integer and
18
18
less than or equal to 2^32 - 1 / (4 * r)
+1
-1
scrypt/tests/test_scrypt.ml
+1
-1
scrypt/tests/test_scrypt.ml
···
1
1
let test_scrypt_kdf ~password ~salt ~n ~r ~p ~dk_len ~dk =
2
2
let dk = Ohex.decode dk in
3
3
fun () ->
4
-
let edk = Scrypt.scrypt ~password ~salt ~n ~r ~p ~dk_len in
4
+
let edk = Scrypt.derive ~password ~salt ~n ~r ~p ~dk_len in
5
5
Alcotest.check Alcotest.string "Scrypt test" edk dk
6
6
7
7
let scrypt_kdf_test1 =