CppSecurity  1.1.1.0
C++ Security Library
password_hashing_bcrypt.cpp
Go to the documentation of this file.
1 
9 #include "security/password_hashing_bcrypt.h"
10 
11 #include "errors/exceptions.h"
12 
13 #include <libbcrypt.h>
14 
15 namespace CppSecurity {
16 
17 std::string BcryptPasswordHashing::_name = "bcrypt";
18 
19 BcryptPasswordHashing::BcryptPasswordHashing(size_t workfactor)
20  : PasswordHashing(64, 64),
21  _workfactor(workfactor)
22 {
23 }
24 
25 std::string BcryptPasswordHashing::GenerateSalt() const
26 {
27  std::string salt(salt_length(), 0);
28  if (bcrypt_gensalt((int)workfactor(), salt.data()) != 0)
29  throwex CppCommon::SecurityException("Cannot generate 'bcrypt' salt!");
30  return salt;
31 }
32 
33 std::string BcryptPasswordHashing::GenerateHash(std::string_view password, std::string_view salt) const
34 {
35  // Generate the strong password hash
36  std::string hash(hash_length(), 0);
37  if (bcrypt_hashpw(password.data(), salt.data(), hash.data()) != 0)
38  throwex CppCommon::SecurityException("Cannot generate 'bcrypt' hash!");
39  return hash;
40 }
41 
42 std::string BcryptPasswordHashing::GenerateDigest(std::string_view password) const
43 {
44  std::string salt = GenerateSalt();
45  return GenerateHash(password, salt);
46 }
47 
48 bool BcryptPasswordHashing::Validate(std::string_view password, std::string_view hash, std::string_view salt) const
49 {
50  // Calculate the digest for the given password and salt
51  std::string digest(hash.size(), 0);
52  if (bcrypt_hashpw(password.data(), salt.data(), digest.data()) != 0)
53  throwex CppCommon::SecurityException("Cannot calculate 'bcrypt' hash!");
54 
55  // Compare the digest with the given hash
56  return (digest == hash);
57 }
58 
59 bool BcryptPasswordHashing::ValidateDigest(std::string_view password, std::string_view digest) const
60 {
61  // Check the digest size (must be hash + salt)
62  if (digest.size() != hash_length())
63  return false;
64 
65  // Perform the password validation
66  return (bcrypt_checkpw(password.data(), digest.data()) == 0);
67 }
68 
69 } // namespace CppSecurity
CppSecurity::BcryptPasswordHashing::ValidateDigest
bool ValidateDigest(std::string_view password, std::string_view digest) const override
Validate the user password over the given secure digest string.
Definition: password_hashing_bcrypt.cpp:59
CppSecurity::BcryptPasswordHashing::GenerateDigest
std::string GenerateDigest(std::string_view password) const override
Generate the secure digest string for the given user password.
Definition: password_hashing_bcrypt.cpp:42
CppSecurity::BcryptPasswordHashing::GenerateHash
std::string GenerateHash(std::string_view password, std::string_view salt) const override
Generate the strong password hash for the given user password and unique salt.
Definition: password_hashing_bcrypt.cpp:33
CppSecurity::BcryptPasswordHashing::GenerateSalt
std::string GenerateSalt() const override
Generate the unique password salt.
Definition: password_hashing_bcrypt.cpp:25
CppSecurity::BcryptPasswordHashing::Validate
bool Validate(std::string_view password, std::string_view hash, std::string_view salt) const override
Validate the user password over the given strong password hash and unique salt.
Definition: password_hashing_bcrypt.cpp:48
CppSecurity::BcryptPasswordHashing::workfactor
size_t workfactor() const noexcept
Get the work factor.
Definition: password_hashing_bcrypt.h:47
CppSecurity::BcryptPasswordHashing::BcryptPasswordHashing
BcryptPasswordHashing(size_t workfactor=4)
Initialize 'bcrypt' password hashing with required parameters.
Definition: password_hashing_bcrypt.cpp:19
CppSecurity::PasswordHashing
Password hashing interface.
Definition: password_hashing.h:27
CppSecurity::PasswordHashing::salt_length
size_t salt_length() const noexcept
Get the unique password salt length.
Definition: password_hashing.h:45
CppSecurity::PasswordHashing::hash_length
size_t hash_length() const noexcept
Get the strong password hash length.
Definition: password_hashing.h:43
password_hashing_bcrypt.h
'bcrypt' password hashing algorithm definition
Generated by doxygen 1.9.1