pwhash: Make strHash functions allocate

Greatly simplifies the API for most use cases.

Author: BrainBlasted

lib/std/crypto/argon2.zig

@@ -581,23 +581,19 @@ const PhcFormatHasher = struct {
 pub const HashOptions = struct {
     params: Params,
     mode: Mode = .argon2id,
+    strhash_max_bytes: usize = 128,
 };
 
 /// Compute a hash of a password using the argon2 key derivation function.
 /// The function returns a string that includes all the parameters required for verification.
 pub fn strHash(
     allocator: mem.Allocator,
     password: []const u8,
-    options: HashOptions,
-    out: []u8,
-) Error![]const u8 {
-    return PhcFormatHasher.create(
-        allocator,
-        password,
-        options.params,
-        options.mode,
-        out,
-    );
+    comptime options: HashOptions,
+) Error![]u8 {
+    var buf: [options.strhash_max_bytes]u8 = undefined;
+    const out = try PhcFormatHasher.create(allocator, password, options.params, options.mode, &buf);
+    return allocator.dupe(u8, out);
 }
 
 /// Verify that a previously computed hash is valid for a given password.
@@ -902,13 +898,13 @@ test "password hash and password verify" {
     const allocator = std.testing.allocator;
     const password = "testpass";
 
-    var buf: [128]u8 = undefined;
     const hash = try strHash(
         allocator,
         password,
         .{ .params = .{ .t = 3, .m = 32, .p = 4 } },
-        &buf,
     );
+    defer allocator.free(hash);
+
     try strVerify(allocator, hash, password);
 }
 

lib/std/crypto/bcrypt.zig

@@ -752,6 +752,13 @@ pub const HashOptions = struct {
     params: Params,
     /// Encoding to use for the output of the hash function.
     encoding: pwhash.Encoding,
+    /// The maximum length in bytes for a hashed password. If not
+    /// set by the developer, this varies based on encoding.
+    /// `crypt` encoding uses 60 bytes, and `phc` encoding uses
+    /// 120 bytes.
+    ///
+    /// The returned hash may be smaller than the maximum length.
+    strhash_max_bytes: ?usize = null,
 };
 
 /// Compute a hash of a password using 2^rounds_log rounds of the bcrypt key stretching function.
@@ -762,14 +769,21 @@ pub const HashOptions = struct {
 /// IMPORTANT: by design, bcrypt silently truncates passwords to 72 bytes.
 /// If this is an issue for your application, set the `silently_truncate_password` option to `false`.
 pub fn strHash(
+    allocator: mem.Allocator,
     password: []const u8,
-    options: HashOptions,
-    out: []u8,
-) Error![]const u8 {
-    switch (options.encoding) {
-        .phc => return PhcFormatHasher.create(password, options.params, out),
-        .crypt => return CryptFormatHasher.create(password, options.params, out),
-    }
+    comptime options: HashOptions,
+) Error![]u8 {
+    const buf_len = comptime if (options.strhash_max_bytes) |len| len else switch (options.encoding) {
+        .crypt => hash_length,
+        .phc => hash_length * 2,
+    };
+    var buf: [buf_len]u8 = undefined;
+
+    const out = switch (options.encoding) {
+        .phc => try PhcFormatHasher.create(password, options.params, &buf),
+        .crypt => try CryptFormatHasher.create(password, options.params, &buf),
+    };
+    return allocator.dupe(u8, out);
 }
 
 /// Options for hash verification.
@@ -802,14 +816,15 @@ test "bcrypt codec" {
 }
 
 test "bcrypt crypt format" {
-    var hash_options = HashOptions{
+    const allocator = std.testing.allocator;
+    const hash_options = HashOptions{
         .params = .{ .rounds_log = 5, .silently_truncate_password = false },
         .encoding = .crypt,
     };
-    var verify_options = VerifyOptions{ .silently_truncate_password = false };
+    const verify_options = VerifyOptions{ .silently_truncate_password = false };
 
-    var buf: [hash_length]u8 = undefined;
-    const s = try strHash("password", hash_options, &buf);
+    const s = try strHash(allocator, "password", hash_options);
+    defer allocator.free(s);
 
     try testing.expect(mem.startsWith(u8, s, crypt_format.prefix));
     try strVerify(s, "password", verify_options);
@@ -818,8 +833,7 @@ test "bcrypt crypt format" {
         strVerify(s, "invalid password", verify_options),
     );
 
-    var long_buf: [hash_length]u8 = undefined;
-    var long_s = try strHash("password" ** 100, hash_options, &long_buf);
+    var long_s = try strHash(allocator, "password" ** 100, hash_options);
 
     try testing.expect(mem.startsWith(u8, long_s, crypt_format.prefix));
     try strVerify(long_s, "password" ** 100, verify_options);
@@ -828,28 +842,33 @@ test "bcrypt crypt format" {
         strVerify(long_s, "password" ** 101, verify_options),
     );
 
-    hash_options.params.silently_truncate_password = true;
-    verify_options.silently_truncate_password = true;
-    long_s = try strHash("password" ** 100, hash_options, &long_buf);
-    try strVerify(long_s, "password" ** 101, verify_options);
+    allocator.free(long_s);
+
+    long_s = try strHash(allocator, "password" ** 100, .{
+        .params = .{ .rounds_log = 5, .silently_truncate_password = true },
+        .encoding = .crypt,
+    });
+    defer allocator.free(long_s);
+    try strVerify(long_s, "password" ** 101, .{ .silently_truncate_password = true });
 
     try strVerify(
         "$2b$08$WUQKyBCaKpziCwUXHiMVvu40dYVjkTxtWJlftl0PpjY2BxWSvFIEe",
         "The devil himself",
-        verify_options,
+        .{ .silently_truncate_password = true },
     );
 }
 
 test "bcrypt phc format" {
-    var hash_options = HashOptions{
+    const allocator = std.testing.allocator;
+    const hash_options = HashOptions{
         .params = .{ .rounds_log = 5, .silently_truncate_password = false },
         .encoding = .phc,
     };
-    var verify_options = VerifyOptions{ .silently_truncate_password = false };
+    const verify_options = VerifyOptions{ .silently_truncate_password = false };
     const prefix = "$bcrypt$";
 
-    var buf: [hash_length * 2]u8 = undefined;
-    const s = try strHash("password", hash_options, &buf);
+    const s = try strHash(allocator, "password", hash_options);
+    defer allocator.free(s);
 
     try testing.expect(mem.startsWith(u8, s, prefix));
     try strVerify(s, "password", verify_options);
@@ -858,8 +877,7 @@ test "bcrypt phc format" {
         strVerify(s, "invalid password", verify_options),
     );
 
-    var long_buf: [hash_length * 2]u8 = undefined;
-    var long_s = try strHash("password" ** 100, hash_options, &long_buf);
+    var long_s = try strHash(allocator, "password" ** 100, hash_options);
 
     try testing.expect(mem.startsWith(u8, long_s, prefix));
     try strVerify(long_s, "password" ** 100, verify_options);
@@ -868,10 +886,14 @@ test "bcrypt phc format" {
         strVerify(long_s, "password" ** 101, verify_options),
     );
 
-    hash_options.params.silently_truncate_password = true;
-    verify_options.silently_truncate_password = true;
-    long_s = try strHash("password" ** 100, hash_options, &long_buf);
-    try strVerify(long_s, "password" ** 101, verify_options);
+    allocator.free(long_s);
+
+    long_s = try strHash(allocator, "password" ** 100, .{
+        .params = .{ .rounds_log = 5, .silently_truncate_password = true },
+        .encoding = .crypt,
+    });
+    defer allocator.free(long_s);
+    try strVerify(long_s, "password" ** 101, .{ .silently_truncate_password = true });
 
     try strVerify(
         "$bcrypt$r=5$2NopntlgE2lX3cTwr4qz8A$r3T7iKYQNnY4hAhGjk9RmuyvgrYJZwc",

lib/std/crypto/benchmark.zig

@@ -407,23 +407,22 @@ const pwhashes = [_]CryptoPwhash{
 };
 
 fn benchmarkBcryptPwhash(
-    _: mem.Allocator,
+    allocator: mem.Allocator,
     comptime count: comptime_int,
 ) !f64 {
     const password = "testpass" ** 2;
     const opts = crypto.pwhash.bcrypt.HashOptions{
         .params = bcrypt_params,
         .encoding = .phc,
+        .strhash_max_bytes = 256,
     };
-    var buf: [256]u8 = undefined;
 
     var timer = try Timer.start();
     const start = timer.lap();
     {
         var i: usize = 0;
         while (i < count) : (i += 1) {
-            _ = try crypto.pwhash.bcrypt.strHash(password, opts, &buf);
-            mem.doNotOptimizeAway(&buf);
+            _ = try crypto.pwhash.bcrypt.strHash(allocator, password, opts);
         }
     }
     const end = timer.read();
@@ -442,16 +441,15 @@ fn benchmarkScryptPwhash(
     const opts = crypto.pwhash.scrypt.HashOptions{
         .params = crypto.pwhash.scrypt.Params.interactive,
         .encoding = .phc,
+        .strhash_max_bytes = 256,
     };
-    var buf: [256]u8 = undefined;
 
     var timer = try Timer.start();
     const start = timer.lap();
     {
         var i: usize = 0;
         while (i < count) : (i += 1) {
-            _ = try crypto.pwhash.scrypt.strHash(allocator, password, opts, &buf);
-            mem.doNotOptimizeAway(&buf);
+            _ = try crypto.pwhash.scrypt.strHash(allocator, password, opts);
         }
     }
     const end = timer.read();
@@ -469,16 +467,15 @@ fn benchmarkArgon2Pwhash(
     const password = "testpass" ** 2;
     const opts = crypto.pwhash.argon2.HashOptions{
         .params = crypto.pwhash.argon2.Params.interactive_2id,
+        .strhash_max_bytes = 256,
     };
-    var buf: [256]u8 = undefined;
 
     var timer = try Timer.start();
     const start = timer.lap();
     {
         var i: usize = 0;
         while (i < count) : (i += 1) {
-            _ = try crypto.pwhash.argon2.strHash(allocator, password, opts, &buf);
-            mem.doNotOptimizeAway(&buf);
+            _ = try crypto.pwhash.argon2.strHash(allocator, password, opts);
         }
     }
     const end = timer.read();

lib/std/crypto/scrypt.zig

@@ -501,20 +501,24 @@ const CryptFormatHasher = struct {
 pub const HashOptions = struct {
     params: Params,
     encoding: pwhash.Encoding,
+    strhash_max_bytes: usize = 128,
 };
 
 /// Compute a hash of a password using the scrypt key derivation function.
 /// The function returns a string that includes all the parameters required for verification.
 pub fn strHash(
     allocator: mem.Allocator,
     password: []const u8,
-    options: HashOptions,
-    out: []u8,
-) Error![]const u8 {
-    switch (options.encoding) {
-        .phc => return PhcFormatHasher.create(allocator, password, options.params, out),
-        .crypt => return CryptFormatHasher.create(allocator, password, options.params, out),
-    }
+    comptime options: HashOptions,
+) Error![]u8 {
+    var buf: [options.strhash_max_bytes]u8 = undefined;
+    const hasher = comptime switch (options.encoding) {
+        .phc => &PhcFormatHasher.create,
+        .crypt => &CryptFormatHasher.create,
+    };
+
+    const written = try hasher(allocator, password, options.params, &buf);
+    return allocator.dupe(u8, written);
 }
 
 /// Verify that a previously computed hash is valid for a given password.
@@ -635,24 +639,25 @@ test "strHash and strVerify" {
 
     const password = "testpass";
     const params = Params.interactive;
-    var buf: [128]u8 = undefined;
 
     {
         const str = try strHash(
             alloc,
             password,
             .{ .params = params, .encoding = .crypt },
-            &buf,
         );
+        defer alloc.free(str);
+
         try strVerify(alloc, str, password);
     }
     {
         const str = try strHash(
             alloc,
             password,
             .{ .params = params, .encoding = .phc },
-            &buf,
         );
+        defer alloc.free(str);
+
         try strVerify(alloc, str, password);
     }
 }