Expand description
Password hash implementation based on Argon2, compatible with libsodium’s
crypto_pwhash_*
functions.
Implementations§
source§impl<Hash: NewBytes + ResizableBytes, Salt: NewBytes + ResizableBytes> PwHash<Hash, Salt>
impl<Hash: NewBytes + ResizableBytes, Salt: NewBytes + ResizableBytes> PwHash<Hash, Salt>
sourcepub fn hash<Password: Bytes>(
password: &Password,
config: Config
) -> Result<Self, Error>
pub fn hash<Password: Bytes>(
password: &Password,
config: Config
) -> Result<Self, Error>
Hashes password
with a random salt and config
, returning
the hash, salt, and config upon success.
sourcepub fn hash_interactive<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
pub fn hash_interactive<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
Hashes password
with a random salt and a default configuration
suitable for interactive hashing, returning the hash, salt, and config
upon success.
sourcepub fn hash_moderate<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
pub fn hash_moderate<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
Hashes password
with a random salt and a default configuration
suitable for moderate hashing, returning the hash, salt, and config upon
success.
sourcepub fn hash_sensitive<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
pub fn hash_sensitive<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
Hashes password
with a random salt and a default configuration
suitable for sensitive hashing, returning the hash, salt, and config
upon success.
sourcepub fn to_string(&self) -> String
Available on crate feature base64
only.
pub fn to_string(&self) -> String
base64
only.Returns a string-encoded representation of this hash, salt, and config, suitable for storage in a database.
It’s recommended that you use the Serde support instead of this function, however this function is provided for compatiblity reasons.
The string returned is compatible with libsodium’s crypto_pwhash_str
,
crypto_pwhash_str_verify
, and crypto_pwhash_str_needs_rehash
functions, but only when the hash and salt length values match those
supported by libsodium. This implementation supports variable-length
salts and hashes, but libsodium’s does not.
Example
use dryoc::pwhash::*;
let password = b"Come what come may, time and the hour runs through the roughest day.";
let pwhash = PwHash::hash_with_defaults(password).expect("unable to hash");
let pw_string = pwhash.to_string();
let parsed_pwhash =
PwHash::from_string_with_defaults(&pw_string).expect("couldn't parse hashed password");
parsed_pwhash.verify(password).expect("verification failed");
parsed_pwhash
.verify(b"invalid password")
.expect_err("verification should have failed");
source§impl<Hash: NewBytes + ResizableBytes, Salt: Bytes + Clone> PwHash<Hash, Salt>
impl<Hash: NewBytes + ResizableBytes, Salt: Bytes + Clone> PwHash<Hash, Salt>
source§impl<Hash: Bytes + From<Vec<u8>>, Salt: Bytes + From<Vec<u8>>> PwHash<Hash, Salt>
impl<Hash: Bytes + From<Vec<u8>>, Salt: Bytes + From<Vec<u8>>> PwHash<Hash, Salt>
sourcepub fn from_string(hashed_password: &str) -> Result<Self, Error>
Available on crate feature base64
only.
pub fn from_string(hashed_password: &str) -> Result<Self, Error>
base64
only.Creates a new password hash instance by parsing hashed_password
.
Compatible with libsodium’s crypto_pwhash_str*
functions, and supports
variable-length encoding for the hash and salt.
It’s recommended that you use the Serde support instead of this function, however this function is provided for compatiblity reasons.
source§impl<Hash: Bytes, Salt: Bytes> PwHash<Hash, Salt>
impl<Hash: Bytes, Salt: Bytes> PwHash<Hash, Salt>
sourcepub fn from_parts(hash: Hash, salt: Salt, config: Config) -> Self
pub fn from_parts(hash: Hash, salt: Salt, config: Config) -> Self
Constructs a new instance from hash
, salt
, and config
, consuming
them.
sourcepub fn into_parts(self) -> (Hash, Salt, Config)
pub fn into_parts(self) -> (Hash, Salt, Config)
Moves the hash, salt, and config out of this instance, returning them as a tuple.
source§impl<Salt: Bytes> PwHash<Hash, Salt>
impl<Salt: Bytes> PwHash<Hash, Salt>
sourcepub fn derive_keypair<Password: Bytes, PublicKey: NewByteArray<CRYPTO_BOX_PUBLICKEYBYTES>, SecretKey: NewByteArray<CRYPTO_BOX_SECRETKEYBYTES>>(
password: &Password,
salt: Salt,
config: Config
) -> Result<KeyPair<PublicKey, SecretKey>, Error>
pub fn derive_keypair<Password: Bytes, PublicKey: NewByteArray<CRYPTO_BOX_PUBLICKEYBYTES>, SecretKey: NewByteArray<CRYPTO_BOX_SECRETKEYBYTES>>(
password: &Password,
salt: Salt,
config: Config
) -> Result<KeyPair<PublicKey, SecretKey>, Error>
Derives a keypair from password
and salt
, using config
.
source§impl PwHash<Hash, Salt>
impl PwHash<Hash, Salt>
sourcepub fn hash_with_defaults<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
pub fn hash_with_defaults<Password: Bytes>(
password: &Password
) -> Result<Self, Error>
Hashes password
using default (interactive) config parameters,
returning the Vec
This function provides reasonable defaults, and is provided for convenience.
sourcepub fn from_string_with_defaults(hashed_password: &str) -> Result<Self, Error>
Available on crate feature base64
only.
pub fn from_string_with_defaults(hashed_password: &str) -> Result<Self, Error>
base64
only.Parses the hashed_password
string, returning a new hash instance upon
success. Wraps PwHash::from_string
, provided for convenience.