pub type HashedValue = String;Expand description
Stored hash string produced by a hashing algorithm.
This is the persisted representation returned by hashing implementations. It usually contains the algorithm identifier, parameters, salt, and hash in a standardized format.
§Format
For Argon2id hashes, the format follows the PHC (Password Hashing Competition) standard:
$argon2id$v=19$m=65536,t=3,p=1$<salt>$<hash>Where:
argon2id- Algorithm identifierv=19- Algorithm versionm=65536,t=3,p=1- Memory cost, time cost, parallelism parameters<salt>- Base64-encoded random salt<hash>- Base64-encoded password hash
§Security notes
- Self-contained: Includes all information needed for verification
- Salt included: Each hash has a unique random salt to prevent rainbow table attacks
- Parameter embedded: Hash contains the parameters used, enabling verification
- Future-proof: Format supports algorithm upgrades and parameter changes
§Examples
use webgates_secrets::hashing::argon2::Argon2Hasher;
use webgates_secrets::hashing::hashing_service::HashingService;
use webgates_secrets::hashing::HashedValue;
let hasher = Argon2Hasher::new_recommended().unwrap();
let hashed: HashedValue = hasher.hash_value("my_password").unwrap();
// The hashed value is self-contained and can be stored directly
println!("Hashed password: {}", hashed);
// Later, verify against the stored hash
use webgates_core::verification_result::VerificationResult;
let result = hasher.verify_value("my_password", &hashed).unwrap();
assert_eq!(result, VerificationResult::Ok);§Usage notes
- Database storage: Store as TEXT/VARCHAR with sufficient length (≥100 characters recommended)
- No additional encoding needed: The string is already in a safe, printable format
- Indexing: Generally should not be indexed as hashes are not used for lookups
- Migration: Hash format changes require re-hashing passwords during user login
Aliased Type§
pub struct HashedValue { /* private fields */ }