Comeonin.Pbkdf2
Pbkdf2 is a password-based key derivation function that uses a password, a variable-length salt and an iteration count and applies a pseudorandom function to these to produce a key.
The original implementation used SHA-1 as the pseudorandom function, but this version uses HMAC-SHA-512.
Summary↑
| checkpw(password, hash) | Check the password |
| dummy_checkpw() | Perform a dummy check for a user that does not exist. This always returns false. The reason for implementing this check is in order to make user enumeration by timing responses more difficult |
| gen_salt(salt_length \\ 16) | Generate a salt for use with the |
| hashpass(password, salt, rounds \\ 40000) | Hash the password using pbkdf2_sha512 |
| hashpwsalt(password, salt_length \\ 16, rounds \\ 40000) | Hash the password with a salt which is randomly generated |
Functions
Check the password.
The check is performed in constant time to avoid timing attacks.
Perform a dummy check for a user that does not exist. This always returns false. The reason for implementing this check is in order to make user enumeration by timing responses more difficult.
Generate a salt for use with the hashpass and
hashpwsalt functions.
Hash the password using pbkdf2_sha512.
Hash the password with a salt which is randomly generated.