CppSecurity/password__hashing_8cpp_source.html

 #include "security/password_hashing.h"


 #include "errors/exceptions.h"

 #include "memory/memory.h"

 #include "string/encoding.h"


 #include <cassert>


 namespace CppSecurity {


 PasswordHashing::PasswordHashing(size_t hash_length, size_t salt_length)

     : _hash_length(hash_length), _salt_length(salt_length)

 {

     assert((hash_length >= 8) && "Hash length should be at least 8 bytes!");

     if (hash_length < 8)

         throwex CppCommon::SecurityException("Invalid hash length!");


     assert((salt_length >= 8) && "Salt length should be at least 8 bytes!");

     if (salt_length < 8)

         throwex CppCommon::SecurityException("Invalid salt length!");

 }


 std::string PasswordHashing::GenerateSalt() const

 {

     std::string salt(salt_length(), 0);

     CppCommon::Memory::CryptoFill(salt.data(), salt.size());

     return salt;

 }


 std::pair<std::string, std::string> PasswordHashing::GenerateHashAndSalt(std::string_view password) const

 {

     std::string salt = GenerateSalt();

     std::string hash = GenerateHash(password, salt);

     return std::make_pair(hash, salt);

 }


 std::string PasswordHashing::GenerateDigest(std::string_view password) const

 {

     auto digest = GenerateHashAndSalt(password);

     return digest.first + digest.second;

 }


 std::string PasswordHashing::GenerateEncodedDigest(std::string_view password) const

 {

     // Encode the digest into the Base64 encoding

     return CppCommon::Encoding::Base64Encode(GenerateDigest(password));

 }


 bool PasswordHashing::ValidateDigest(std::string_view password, std::string_view digest) const

 {

     // Check the digest size (must be hash + salt)

     if (digest.size() != (hash_length() + salt_length()))

         return false;


     // Extract hash and salt from the digest

     std::string_view hash(digest.data(), hash_length());

     std::string_view salt(digest.data() + hash_length(), salt_length());


     // Perform the password validation

     return Validate(password, hash, salt);

 }


 bool PasswordHashing::ValidateEncodedDigest(std::string_view password, std::string_view digest) const

 {

     // Decode the digest from the Base64 encoding

     return ValidateDigest(password, CppCommon::Encoding::Base64Decode(digest));

 }


 } // namespace CppSecurity

CppSecurity::PasswordHashing::salt_length
size_t salt_length() const noexcept
Get the unique password salt length.
Definition: password_hashing.h:45

CppSecurity::PasswordHashing::GenerateEncodedDigest
virtual std::string GenerateEncodedDigest(std::string_view password) const
Generate the secure Base64 digest string for the given user password.
Definition: password_hashing.cpp:51

CppSecurity::PasswordHashing::Validate
virtual bool Validate(std::string_view password, std::string_view hash, std::string_view salt) const =0
Validate the user password over the given strong password hash and unique salt.

CppSecurity::PasswordHashing::GenerateSalt
virtual std::string GenerateSalt() const
Generate the unique password salt.
Definition: password_hashing.cpp:31

CppSecurity::PasswordHashing::ValidateEncodedDigest
virtual bool ValidateEncodedDigest(std::string_view password, std::string_view digest) const
Validate the user password over the given secure Base64 digest string.
Definition: password_hashing.cpp:71

CppSecurity::PasswordHashing::GenerateHashAndSalt
virtual std::pair< std::string, std::string > GenerateHashAndSalt(std::string_view password) const
Generate the strong password hash and unique salt for the given user password.
Definition: password_hashing.cpp:38

CppSecurity::PasswordHashing::PasswordHashing
PasswordHashing(size_t hash_length=32, size_t salt_length=32)
Initialize password hashing with required parameters.
Definition: password_hashing.cpp:19

CppSecurity::PasswordHashing::hash_length
size_t hash_length() const noexcept
Get the strong password hash length.
Definition: password_hashing.h:43

CppSecurity::PasswordHashing::GenerateDigest
virtual std::string GenerateDigest(std::string_view password) const
Generate the secure digest string for the given user password.
Definition: password_hashing.cpp:45

CppSecurity::PasswordHashing::ValidateDigest
virtual bool ValidateDigest(std::string_view password, std::string_view digest) const
Validate the user password over the given secure digest string.
Definition: password_hashing.cpp:57

CppSecurity::PasswordHashing::GenerateHash
virtual std::string GenerateHash(std::string_view password, std::string_view salt) const =0
Generate the strong password hash for the given user password and unique salt.

CppSecurity
Definition: cipher.h:18

password_hashing.h
Password hashing interface definition.