Update API

Sources/CryptoSwift/HKDF.swift

@@ -44,7 +44,7 @@ public struct HKDF {
   ///   - salt: optional salt (if not provided, it is set to a sequence of variant.digestLength zeros)
   ///   - info: optional context and application specific information
   ///   - keyLength: intended length of derived key
-  public init(password: Array<UInt8>, salt: Array<UInt8>? = nil, info: Array<UInt8>? = nil, keyLength: Int? = nil /* dkLen */, variant: HMAC.Variant = .sha256) throws {
+  public init(password: Array<UInt8>, salt: Array<UInt8>? = nil, info: Array<UInt8>? = nil, keyLength: Int? = nil /* dkLen */, variant: HMAC.Variant = .sha2(.sha256)) throws {
     guard !password.isEmpty else {
       throw Error.invalidInput
     }

Sources/CryptoSwift/HMAC.swift

@@ -20,7 +20,13 @@ public final class HMAC: Authenticator {
   }
 
   public enum Variant {
-    case sha1, sha256, sha384, sha512, sha3(SHA3.Variant), md5
+    case md5
+    case sha1
+    case sha2(SHA2.Variant)
+    case sha3(SHA3.Variant)
+
+    @available(*, deprecated, message: "Use sha2(variant) instead.")
+    case sha256, sha384, sha512
 
     var digestLength: Int {
       switch self {
@@ -32,6 +38,8 @@ public final class HMAC: Authenticator {
           return SHA2.Variant.sha384.digestLength
         case .sha512:
           return SHA2.Variant.sha512.digestLength
+        case .sha2(let variant):
+          return variant.digestLength
         case .sha3(let variant):
             return variant.digestLength
         case .md5:
@@ -49,6 +57,8 @@ public final class HMAC: Authenticator {
           return Digest.sha384(bytes)
         case .sha512:
           return Digest.sha512(bytes)
+        case .sha2(let variant):
+          return Digest.sha2(bytes, variant: variant)
         case .sha3(let variant):
           return Digest.sha3(bytes, variant: variant)
         case .md5:
@@ -60,10 +70,16 @@ public final class HMAC: Authenticator {
       switch self {
         case .md5:
           return MD5.blockSize
-        case .sha1, .sha256:
-          return 64
-        case .sha384, .sha512:
-          return 128
+        case .sha1:
+          return SHA1.blockSize
+        case .sha256:
+          return SHA2.Variant.sha256.blockSize
+        case .sha384:
+          return SHA2.Variant.sha384.blockSize
+        case .sha512:
+          return SHA2.Variant.sha512.blockSize
+        case .sha2(let variant):
+          return variant.blockSize
         case .sha3(let variant):
             return variant.blockSize
       }

Sources/CryptoSwift/PKCS/PBKDF2.swift

@@ -47,7 +47,7 @@ public extension PKCS5 {
     ///   - iterations: iteration count, a positive integer
     ///   - keyLength: intended length of derived key
     ///   - variant: MAC variant. Defaults to SHA256
-    public init(password: Array<UInt8>, salt: Array<UInt8>, iterations: Int = 4096 /* c */, keyLength: Int? = nil /* dkLen */, variant: HMAC.Variant = .sha256) throws {
+    public init(password: Array<UInt8>, salt: Array<UInt8>, iterations: Int = 4096 /* c */, keyLength: Int? = nil /* dkLen */, variant: HMAC.Variant = .sha2(.sha256)) throws {
       precondition(iterations > 0)
 
       let prf = HMAC(key: password, variant: variant)

Sources/CryptoSwift/Scrypt.swift

@@ -83,7 +83,7 @@ public final class Scrypt {
 
     /* 1: (B_0 ... B_{p-1}) <-- PBKDF2(P, S, 1, p * MFLen) */
     // Expand the initial key
-    let barray = try PKCS5.PBKDF2(password: Array(self.password), salt: Array(self.salt), iterations: 1, keyLength: self.p * 128 * self.r, variant: .sha256).calculate()
+    let barray = try PKCS5.PBKDF2(password: Array(self.password), salt: Array(self.salt), iterations: 1, keyLength: self.p * 128 * self.r, variant: .sha2(.sha256)).calculate()
     barray.withUnsafeBytes { p in
       B.copyMemory(from: p.baseAddress!, byteCount: barray.count)
     }
@@ -99,7 +99,7 @@ public final class Scrypt {
     let pointer = B.assumingMemoryBound(to: UInt8.self)
     let bufferPointer = UnsafeBufferPointer(start: pointer, count: p * 128 * self.r)
     let block = [UInt8](bufferPointer)
-    return try PKCS5.PBKDF2(password: Array(self.password), salt: block, iterations: 1, keyLength: self.dkLen, variant: .sha256).calculate()
+    return try PKCS5.PBKDF2(password: Array(self.password), salt: block, iterations: 1, keyLength: self.dkLen, variant: .sha2(.sha256)).calculate()
   }
 }