Manages password hashing and verification using the scrypt algorithm. More...
#include <password_hasher.hpp>
Static Public Member Functions | |
| static std::string | hash (const std::string &password) |
| Creates a password hash from the given password. | |
| static bool | verify (const std::string &password, const std::string &hash) |
| Verifies a password against a stored hash. | |
Detailed Description
Manages password hashing and verification using the scrypt algorithm.
The password_hasher class provides static methods to securely hash passwords and verify them against stored hashes. It uses the scrypt key derivation function from OpenSSL to generate and validate password hashes, ensuring strong security through configurable CPU/memory cost parameters.
Member Function Documentation
◆ hash()
|
static |
Creates a password hash from the given password.
Generates a secure hash of the provided password using the scrypt algorithm with predefined parameters (CPU/memory cost, block size, and parallelisation). The hash is formatted as a string containing the algorithm identifier, parameters, salt, and hash, all Base64-encoded.
- Parameters
-
password The plaintext password to hash.
- Returns
- A string containing the formatted hash (e.g., "$scrypt$ln=14,r=8,p=1$<salt>$<hash>").
- Exceptions
-
std::invalid_argument If the password is empty. std::runtime_error If hash generation fails (e.g., due to random salt generation or scrypt errors).
◆ verify()
|
static |
Verifies a password against a stored hash.
Checks if the provided password matches the given hash by recomputing the hash with the same salt and scrypt parameters extracted from the hash string. Uses constant-time comparison to prevent timing attacks.
- Parameters
-
password The plaintext password to verify. hash The stored hash string to verify against (e.g., "$scrypt$ln=14,r=8,p=1$<salt>$<hash>").
- Returns
- True if the password matches the hash, false otherwise.
