ORE Studio 0.0.4
Loading...
Searching...
No Matches
password_hasher.hpp
1/* -*- mode: c++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
2 *
3 * Copyright (C) 2025 Marco Craveiro <marco.craveiro@gmail.com>
4 *
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free Software
7 * Foundation; either version 3 of the License, or (at your option) any later
8 * version.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
12 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
13 * details.
14 *
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 *
19 */
20#ifndef ORES_SECURITY_CRYPTO_PASSWORD_HASHER_HPP
21#define ORES_SECURITY_CRYPTO_PASSWORD_HASHER_HPP
22
23#include <string>
24#include "ores.logging/make_logger.hpp"
25
26namespace ores::security::crypto {
27
36class password_hasher {
37private:
38 inline static std::string_view logger_name =
39 "ores.security.crypto.password_hasher";
40
41 [[nodiscard]] static auto& lg() {
42 using namespace ores::logging;
43 static auto instance = make_logger(logger_name);
44 return instance;
45 }
46
50 static std::string base64_encode(const std::vector<unsigned char>& data);
51
55 static std::vector<unsigned char> base64_decode(const std::string& encoded);
56
57 // scrypt parameters - OWASP recommendations for production
58 static constexpr std::uint64_t PRODUCTION_N = 1 << 14;
59 static constexpr std::uint32_t DEFAULT_r = 8;
60 static constexpr std::uint32_t DEFAULT_p = 1;
61 static constexpr std::size_t SALT_LEN = 16;
62 static constexpr std::size_t HASH_LEN = 64;
63
64 // Fast scrypt parameters for testing (16x faster)
65 static constexpr std::uint64_t TEST_N = 1 << 10;
66
73 static std::uint64_t get_n_parameter();
74
75public:
92 static std::string hash(const std::string &password);
93
106 static bool verify(const std::string& password, const std::string &hash);
107};
108
109}
110
111#endif
ores::logging
Implements logging infrastructure for ORE Studio.
Definition boost_severity.hpp:28
ores::security::crypto::password_hasher
Manages password hashing and verification using the scrypt algorithm.
Definition password_hasher.hpp:36
ores::security::crypto::password_hasher::verify
static bool verify(const std::string &password, const std::string &hash)
Verifies a password against a stored hash.
Definition password_hasher.cpp:79
ores::security::crypto::password_hasher::hash
static std::string hash(const std::string &password)
Creates a password hash from the given password.
Definition password_hasher.cpp:50
Generated by doxygen 1.9.8