Wt
3.7.1
|
An cryptographic hash function that implements bcrypt. More...
#include <Wt/Auth/HashFunction>
Public Member Functions | |
BCryptHashFunction (int count=0) | |
Constructor. More... | |
virtual std::string | name () const |
Returns the name for this hash function. More... | |
virtual std::string | compute (const std::string &msg, const std::string &salt) const |
Computes the hash of a message + salt. More... | |
virtual bool | verify (const std::string &msg, const std::string &salt, const std::string &hash) const |
Verifies a message with the salted hash. More... | |
Public Member Functions inherited from Wt::Auth::HashFunction | |
virtual | ~HashFunction () |
Destructor. | |
An cryptographic hash function that implements bcrypt.
This hashing function is intended for password hashes. In addition to be collision-resistant, the bcrypt algorithm has a parameter which makes the computation more computationally intensive. In this way, a dictionary-based attack on a compromised hash is also less feasible.
Wt::Auth::BCryptHashFunction::BCryptHashFunction | ( | int | count = 0 | ) |
Constructor.
The count
parameter controls the number of iterations, and thus the computational complexity. With a value of 0, a small default is chosen. The computational complexity increases exponentionally with increasing values f count
. The parameter only affects new hashes computed with compute(), and its value is stored in the computed hash.
The value of count
needs to be 0, or in the range 4-31.
|
virtual |
Computes the hash of a message + salt.
The message is usually an ASCII or UTF-8 string.
The salt
and the computed hash are encoded in printable characters. This is usually ASCII-encoded (as for the UNIX crypt() functions) or could be Base64-encoded.
Implements Wt::Auth::HashFunction.
|
virtual |
|
virtual |
Verifies a message with the salted hash.
The base implementation will recompute the hash of the message with the given salt, and compare it to the hash
.
Some methods however store the salt and additional settings in the hash
, and this information is thus needed to verify the message hash.
Reimplemented from Wt::Auth::HashFunction.