nil::crypto3::passhash::passhash9< MessageAuthenticationCode, Workfactor, PasswordBasedKeyDerivationFunction, ParamsType > Class Template Reference
#include <passhash9.hpp>
Collaboration diagram for nil::crypto3::passhash::passhash9< MessageAuthenticationCode, Workfactor, PasswordBasedKeyDerivationFunction, ParamsType >:
Public Types | |
typedef policy_type::mac_type | mac_type |
typedef policy_type::pbkdf_type | pbkdf_type |
Static Public Member Functions | |
static bool | check (const std::string &pass, const std::string &hash) |
Check a previously created password hash. More... | |
template<typename UniformRandomGenerator > | |
static void | generate (const std::string &password, UniformRandomGenerator &rng, uint8_t alg_id=1) |
Create a password hash using PBKDF2. More... | |
Detailed Description
template<typename MessageAuthenticationCode, std::size_t Workfactor = 10, typename PasswordBasedKeyDerivationFunction = pbkdf::pbkdf2, typename ParamsType = passhash9_params>
class nil::crypto3::passhash::passhash9< MessageAuthenticationCode, Workfactor, PasswordBasedKeyDerivationFunction, ParamsType >
PBKDF2-based password hashing technique called passhash9 is also provided.
Passhash9 hashes look like: "$9$AAAKxwMGNPSdPkOKJS07Xutm3+1Cr3ytmbnkjO6LjHzCMcMQXvcT"
- Note
- This function should be secure with the proper parameters, and will remain in the library for the forseeable future, but it is specific to the library rather than being a widely used password hash. Prefer bcrypt.
- Warning
- This password format string ("$9$") conflicts with the format used for scrypt password hashes on Cisco systems.
Member Typedef Documentation
◆ mac_type
template<typename MessageAuthenticationCode , std::size_t Workfactor = 10, typename PasswordBasedKeyDerivationFunction = pbkdf::pbkdf2, typename ParamsType = passhash9_params>
typedef policy_type::mac_type nil::crypto3::passhash::passhash9< MessageAuthenticationCode, Workfactor, PasswordBasedKeyDerivationFunction, ParamsType >::mac_type |
◆ pbkdf_type
template<typename MessageAuthenticationCode , std::size_t Workfactor = 10, typename PasswordBasedKeyDerivationFunction = pbkdf::pbkdf2, typename ParamsType = passhash9_params>
typedef policy_type::pbkdf_type nil::crypto3::passhash::passhash9< MessageAuthenticationCode, Workfactor, PasswordBasedKeyDerivationFunction, ParamsType >::pbkdf_type |
Member Function Documentation
◆ check()
template<typename MessageAuthenticationCode , std::size_t Workfactor = 10, typename PasswordBasedKeyDerivationFunction = pbkdf::pbkdf2, typename ParamsType = passhash9_params>
|
inlinestatic |
Check a previously created password hash.
- Parameters
-
password the password to check against hash the stored hash to check against
- Returns
◆ generate()
template<typename MessageAuthenticationCode , std::size_t Workfactor = 10, typename PasswordBasedKeyDerivationFunction = pbkdf::pbkdf2, typename ParamsType = passhash9_params>
template<typename UniformRandomGenerator >
|
inlinestatic |
Create a password hash using PBKDF2.
The work factor must be greater than zero and less than 512. This performs 10000 * work_factor
PBKDF2 iterations, using 96 bits of salt taken from rng
. Using work factor of 10 or more is recommended.
- Template Parameters
-
UniformRandomGenerator
- Parameters
-
password the password rng a random number generator work_factor how much work to do to slow down guessing attacks alg_id specifies which PRF to use with PBKDF2 0 is HMAC(SHA-1) 1 is HMAC(SHA-256) 2 is CMAC(Blowfish) 3 is HMAC(SHA-384) 4 is HMAC(SHA-512) all other values are currently undefined
The documentation for this class was generated from the following file: