CppSecurity  1.1.1.0
C++ Security Library
password_hashing_pbkdf2.cpp
#include <limits>

#include <openssl/crypto.h>
#include <openssl/evp.h>
12 
13 namespace CppSecurity {
14 
// Definition of the static name member; it holds the fixed text "PBKDF2".
std::string PBKDF2PasswordHashing::_name{"PBKDF2"};
16 
// Store the PBKDF2 parameters. The hash and salt lengths are forwarded to the
// PasswordHashing base; the digest selector and the iteration count are kept
// as given, with no validation at this point.
//
// NOTE(review): the declaration shown for this class defaults `iterations` to
// 1000, which is far below the hundreds of thousands of rounds that current
// password-storage guidance expects for PBKDF2. Callers should pass an
// explicit, benchmarked value instead of relying on the default.
PBKDF2PasswordHashing::PBKDF2PasswordHashing(size_t hash_length,
                                             size_t salt_length,
                                             PBKDF2 algorithm,
                                             size_t iterations)
    : PasswordHashing(hash_length, salt_length)
    , _algorithm(algorithm)
    , _iterations(iterations)
{
}
23 
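// Derive a PBKDF2 hash of hash_length() bytes from the given password and
// salt, using the HMAC digest selected by algorithm() and iterations() rounds.
//
// Returns the raw (binary) derived bytes in a std::string.
// Throws CppCommon::SecurityException when a parameter does not fit what
// OpenSSL accepts, when the algorithm is not recognised, or when the
// derivation itself fails.
std::string PBKDF2PasswordHashing::GenerateHash(std::string_view password, std::string_view salt) const
{
    // PKCS5_PBKDF2_HMAC() takes every length and the iteration count as int.
    // Casting an oversized size_t would silently truncate it (a truncated or
    // negative iteration count means far fewer rounds than configured), so
    // refuse such values. Zero iterations are refused as well, because an
    // older OpenSSL may quietly treat that as a single round.
    const size_t limit = static_cast<size_t>(std::numeric_limits<int>::max());
    if ((iterations() == 0) || (iterations() > limit) || (password.size() > limit) || (salt.size() > limit) || (hash_length() > limit))
        throwex CppCommon::SecurityException("Cannot generate 'PBKDF2' hash - parameters are out of range!");

    // Select the HMAC digest for the configured algorithm
    const EVP_MD* md = nullptr;
    switch (algorithm())
    {
        case PBKDF2::HMAC_SHA1:
            md = EVP_sha1();
            break;
        case PBKDF2::HMAC_SHA256:
            md = EVP_sha256();
            break;
        case PBKDF2::HMAC_SHA512:
            md = EVP_sha512();
            break;
    }

    // An enum value outside the three known ones leaves the digest unset;
    // never hand a null digest to OpenSSL.
    if (md == nullptr)
        throwex CppCommon::SecurityException("Cannot generate 'PBKDF2' hash - unsupported algorithm!");

    // Generate the strong password hash
    std::string hash(hash_length(), 0);
    if (PKCS5_PBKDF2_HMAC(password.data(), static_cast<int>(password.size()),
                          reinterpret_cast<const unsigned char*>(salt.data()), static_cast<int>(salt.size()),
                          static_cast<int>(iterations()), md,
                          static_cast<int>(hash.size()), reinterpret_cast<unsigned char*>(hash.data())) == 0)
        throwex CppCommon::SecurityException("Cannot generate 'PBKDF2' hash!");
    return hash;
}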
45 
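// Check a password against a stored PBKDF2 hash and its salt.
//
// The digest is re-derived with the configured algorithm() and iterations()
// at the same length as the supplied hash, then compared in constant time.
//
// Returns true when the derived digest equals the stored hash. An empty
// stored hash never validates.
// Throws CppCommon::SecurityException when a parameter does not fit what
// OpenSSL accepts, when the algorithm is not recognised, or when the
// derivation itself fails.
//
// NOTE(review): the comparison length follows hash.size(), not hash_length(),
// so a stored hash that was truncated is verified over fewer bytes - confirm
// callers only pass hashes of the expected length.
bool PBKDF2PasswordHashing::Validate(std::string_view password, std::string_view hash, std::string_view salt) const
{
    // With an empty stored hash the derived digest would be empty too and the
    // comparison would trivially succeed for any password. Treat a missing
    // hash as a failed validation.
    if (hash.empty())
        return false;

    // PKCS5_PBKDF2_HMAC() takes every length and the iteration count as int;
    // refuse values that the casts below would truncate, and a zero round
    // count that an older OpenSSL may quietly treat as a single round.
    const size_t limit = static_cast<size_t>(std::numeric_limits<int>::max());
    if ((iterations() == 0) || (iterations() > limit) || (password.size() > limit) || (salt.size() > limit) || (hash.size() > limit))
        throwex CppCommon::SecurityException("Cannot calculate 'PBKDF2' hash - parameters are out of range!");

    // Select the HMAC digest for the configured algorithm
    const EVP_MD* md = nullptr;
    switch (algorithm())
    {
        case PBKDF2::HMAC_SHA1:
            md = EVP_sha1();
            break;
        case PBKDF2::HMAC_SHA256:
            md = EVP_sha256();
            break;
        case PBKDF2::HMAC_SHA512:
            md = EVP_sha512();
            break;
    }

    // An enum value outside the three known ones leaves the digest unset;
    // never hand a null digest to OpenSSL.
    if (md == nullptr)
        throwex CppCommon::SecurityException("Cannot calculate 'PBKDF2' hash - unsupported algorithm!");

    // Calculate the digest for the given password and salt
    std::string digest(hash.size(), 0);
    if (PKCS5_PBKDF2_HMAC(password.data(), static_cast<int>(password.size()),
                          reinterpret_cast<const unsigned char*>(salt.data()), static_cast<int>(salt.size()),
                          static_cast<int>(iterations()), md,
                          static_cast<int>(digest.size()), reinterpret_cast<unsigned char*>(digest.data())) == 0)
        throwex CppCommon::SecurityException("Cannot calculate 'PBKDF2' hash!");

    // Compare the digest with the given hash in constant time. A plain
    // operator== may stop at the first differing byte, which lets response
    // timing reveal how much of the digest matched.
    return (CRYPTO_memcmp(digest.data(), hash.data(), digest.size()) == 0);
}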
69 
70 } // namespace CppSecurity
PBKDF2PasswordHashing(size_t hash_length=32, size_t salt_length=32, PBKDF2 algorithm=PBKDF2::HMAC_SHA512, size_t iterations=1000)
Initialize 'PBKDF2' password hashing with required parameters.
size_t iterations() const noexcept
Get the count of 'PBKDF2' iterations.
PBKDF2 algorithm() const noexcept
Get the 'PBKDF2' algorithm.
std::string GenerateHash(std::string_view password, std::string_view salt) const override
Generate the strong password hash for the given user password and unique salt.
bool Validate(std::string_view password, std::string_view hash, std::string_view salt) const override
Validate the user password over the given strong password hash and unique salt.
Password hashing interface.
size_t hash_length() const noexcept
Get the strong password hash length.
PBKDF2
'PBKDF2' algorithm
@ HMAC_SHA1
HMAC-SHA1.
@ HMAC_SHA256
HMAC-SHA256.
@ HMAC_SHA512
HMAC-SHA512.
'PBKDF2' password hashing algorithm definition