Module boringauth::pass
[−]
[src]
Password authentication module.
It allows you to:
- generate a fingerprint of the password that could be stored;
- check a password against the stored fingerprint.
PHC Format
The password fingerprint is stored in the password hashing competition (PHC) format (cf. [1] and [2]) which is a subset and successor to the modular crypt format. This format is defined as follows:
$<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
| Algorithm | Parameter name | Parameter type | Parameter description | Example |
|---|---|---|---|---|
| pbkdf2_sha512 | i | integer Default: 21000 |
Number of iterations. | $pbkdf2_sha512$i=1000$45217803$b47d5204bcecf01a31152d0872d03f270d3a8eb2bb305864d098be281bc243b2412f0ed013cc781760e64ddea705cc104c37111d99ebddb36232fe494f24c0ba |
| pbkdf2_sha256 | i | integer Default: 21000 |
Number of iterations. | $pbkdf2_sha256$i=21000$45217803$a607a72c2c92357a4568b998c5f708f801f0b1ffbaea205357e08e4d325830c9 |
| pbkdf2 | i | integer Default: 21000 |
Number of iterations. | $pbkdf2$i=1000$45217803$c6f75f0381fb409435c3fe2319c8c11088c2bec7 |
| h | string: sha1|sha256|sha512 Default: sha1 |
The hash function. | $pbkdf2$h=sha256$45217803$a607a72c2c92357a4568b998c5f708f801f0b1ffbaea205357e08e4d325830c9 |
Examples
let password = "correct horse battery staple"; let derived_password = boringauth::pass::derive_password(password).unwrap(); assert!(! boringauth::pass::is_valid("bad password", &derived_password)); assert!(boringauth::pass::is_valid(&password, &derived_password));
Enums
| ErrorCode | |
| HashFunction |
Constants
| PASSWORD_MAX_LEN |
The maximal accepted length for passwords. |
| PASSWORD_MIN_LEN |
The minimal accepted length for passwords. |
Functions
| derive_password |
Derivate a password so it can be stored. |
| is_valid |
Check whether or not the password is valid. |