botan 0.11.1

Rust wrapper for Botan cryptography library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

use crate::utils::*;
use botan_sys::*;

use crate::rng::RandomNumberGenerator;

const BCRYPT_SIZE: usize = 60;

/// Produce a bcrypt password hash
///
/// # Examples
///
/// ```
/// let mut rng = botan::RandomNumberGenerator::new().unwrap();
/// let bcrypt1 = botan::bcrypt_hash("password", &mut rng, 10).unwrap();
/// let bcrypt2 = botan::bcrypt_hash("password", &mut rng, 10).unwrap();
/// assert_ne!(bcrypt1, bcrypt2); // different salt each time
/// ```
pub fn bcrypt_hash(
    pass: &str,
    rng: &mut RandomNumberGenerator,
    workfactor: usize,
) -> Result<String> {
    let mut out = vec![0; BCRYPT_SIZE + 1];
    let mut out_len = out.len();

    botan_call!(
        botan_bcrypt_generate,
        out.as_mut_ptr(),
        &mut out_len,
        make_cstr(pass)?.as_ptr(),
        rng.handle(),
        workfactor,
        0u32
    )?;

    out.resize(out_len - 1, 0);
    String::from_utf8(out).map_err(Error::conversion_error)
}

/// Verify a bcrypt password hash
///
/// # Examples
///
/// ```
/// let mut rng = botan::RandomNumberGenerator::new().unwrap();
/// let bcrypt = botan::bcrypt_hash("password", &mut rng, 10).unwrap();
/// assert_eq!(botan::bcrypt_verify("not even close", &bcrypt), Ok(false));
/// assert_eq!(botan::bcrypt_verify("password", &bcrypt), Ok(true));
/// ```
pub fn bcrypt_verify(pass: &str, hash: &str) -> Result<bool> {
    let rc = unsafe { botan_bcrypt_is_valid(make_cstr(pass)?.as_ptr(), make_cstr(hash)?.as_ptr()) };

    if rc == 0 {
        Ok(true)
    } else if rc == BOTAN_FFI_INVALID_VERIFIER {
        Ok(false)
    } else {
        Err(Error::from_rc(rc))
    }
}