Create the pbkdf2 flag (default: False)

README.md

@@ -12,7 +12,6 @@ encrypted file format by Rob Napier.
 # TODO
 - [ ] Key-based      test vectors
 - [ ] Key-derivation test vectors
-- [ ] Profiling & optimisations
 
 # Contributors (Sorted by name)
 - Alfredo Di Napoli (creator and maintainer)

rncryptor.cabal

@@ -11,6 +11,10 @@ build-type:          Simple
 tested-with:         GHC == 7.6, GHC == 7.8
 cabal-version:       >=1.10
 
+flag fastpbkdf2
+     description: Use fastpbkdf2 instead of cryptonite for PBKDF2.
+     default: False
+
 source-repository head
   type:     git
   location: https://github.com/adinapoli/rncryptor-hs
@@ -33,6 +37,9 @@ library
     , io-streams >= 1.2.0.0
     , cryptonite >= 0.15
     , memory
+  if flag(fastpbkdf2)
+    build-depends: fastpbkdf2
+    cpp-options:  -DFASTPBKDF2
   hs-source-dirs:
     src
   default-language:

src/Crypto/RNCryptor/Types.hs

@@ -1,4 +1,6 @@
+{-# LANGUAGE CPP #-}
 {-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE PackageImports #-}
 {-# LANGUAGE DeriveDataTypeable #-}
 module Crypto.RNCryptor.Types
      ( RNCryptorException(..)
@@ -20,26 +22,30 @@ module Crypto.RNCryptor.Types
      , IV
      ) where
 
-import           Control.Applicative
-import           Control.Exception (Exception)
-import           Control.Monad
-import           Crypto.Cipher.AES (AES256)
-import           Crypto.Cipher.Types (Cipher(..))
-import           Crypto.Error (CryptoFailable(..))
-import           Crypto.Hash (Digest(..))
-import           Crypto.Hash.Algorithms (SHA1(..), SHA256(..))
-import           Crypto.Hash.IO (HashAlgorithm(..))
-import           Crypto.KDF.PBKDF2 (generate, prfHMAC, Parameters(..))
-import           Crypto.MAC.HMAC (Context, initialize, hmac)
-import qualified Crypto.MAC.HMAC as Crypto
-import           Data.ByteArray (ByteArray, convert)
-import           Data.ByteString (cons, ByteString, unpack)
-import qualified Data.ByteString.Char8 as C8
-import           Data.Monoid
-import           Data.Typeable
-import           Data.Word
-import           System.Random
-import           Test.QuickCheck (Arbitrary(..), vector)
+import              Control.Applicative
+import              Control.Exception (Exception)
+import              Control.Monad
+import              Crypto.Cipher.AES (AES256)
+import              Crypto.Cipher.Types (Cipher(..))
+import              Crypto.Error (CryptoFailable(..))
+import              Crypto.Hash (Digest(..))
+import              Crypto.Hash.Algorithms (SHA1(..), SHA256(..))
+import              Crypto.Hash.IO (HashAlgorithm(..))
+#if FASTPBKDF2
+import "fastpbkdf2" Crypto.KDF.PBKDF2 (fastpbkdf2_hmac_sha1)
+#else
+import "cryptonite" Crypto.KDF.PBKDF2
+#endif
+import              Crypto.MAC.HMAC (Context, initialize, hmac)
+import qualified    Crypto.MAC.HMAC as Crypto
+import              Data.ByteArray (ByteArray, convert)
+import              Data.ByteString (cons, ByteString, unpack)
+import qualified    Data.ByteString.Char8 as C8
+import              Data.Monoid
+import              Data.Typeable
+import              Data.Word
+import              System.Random
+import              Test.QuickCheck (Arbitrary(..), vector)
 
 
 data RNCryptorException =
@@ -109,7 +115,11 @@ randomSaltIO sz = C8.pack <$> forM [1 .. sz] (const $ randomRIO ('\NUL', '\255')
 
 --------------------------------------------------------------------------------
 makeKey :: ByteString -> ByteString -> ByteString
+#if FASTPBKDF2
+makeKey input salt = fastpbkdf2_hmac_sha1 input salt 10000 32
+#else
 makeKey = generate (prfHMAC SHA1) (Parameters 10000 32)
+#endif
 
 --------------------------------------------------------------------------------
 makeHMAC :: ByteString -> Password -> ByteString -> HMAC

stack-7.10.yaml

@@ -5,4 +5,5 @@ packages:
 - '.'
 system-ghc: false
 extra-deps:
+- fastpbkdf2-0.1.0.0
 - bytestring-arbitrary-0.1.0

stack-7.8.yaml

@@ -5,6 +5,7 @@ packages:
 - '.'
 system-ghc: false
 extra-deps:
+- fastpbkdf2-0.1.0.0
 - memory-0.8
 - cryptonite-0.20
 - io-streams-1.3.5.0

stack-8.0.yaml

@@ -5,4 +5,5 @@ packages:
 - '.'
 system-ghc: false
 extra-deps:
+- fastpbkdf2-0.1.0.0
 - bytestring-arbitrary-0.1.1

stack.yaml

@@ -6,3 +6,4 @@ packages:
 system-ghc: false
 extra-deps:
 - bytestring-arbitrary-0.1.0
+- fastpbkdf2-0.1.0.0