Comeonin.Pbkdf2
Pbkdf2 is a password-based key derivation function that uses a password, a variable-length salt and an iteration count and applies a pseudorandom function to these to produce a key.
The original implementation used SHA-1 as the pseudorandom function, but this version uses HMAC-SHA-512.
Summary
checkpw(password, hash) | Check the password |
dummy_checkpw() | Perform a dummy check for a user that does not exist. This always returns false. The check exists to make user enumeration by timing responses more difficult |
gen_salt(salt_length \\ 16) | Generate a salt for use with the hashpass function |
hashpass(password, salt, rounds \\ 60000) | Hash the password using pbkdf2_sha512 |
hashpwsalt(password, rounds \\ 60000) | Hash the password with a salt which is randomly generated |
Functions
checkpw(password, hash)
Check the password.
The check is performed in constant time to avoid timing attacks.

dummy_checkpw()
Perform a dummy check for a user that does not exist. This always returns false. The check exists to make user enumeration by timing responses more difficult.

gen_salt(salt_length \\ 16)
Generate a salt for use with the hashpass function.
The minimum length of the salt is 16 and the maximum length is 1024. The default is 16.

hashpass(password, salt, rounds \\ 60000)
Hash the password using pbkdf2_sha512.

hashpwsalt(password, rounds \\ 60000)
Hash the password with a salt which is randomly generated.
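
The following login flow is an added example, not code from the Comeonin project. It shows where `dummy_checkpw` fits next to `checkpw` so that an unknown username costs about as much time as a wrong password. The `DemoAuth` module, the in-memory user map and the sample credentials are hypothetical, and the script assumes the comeonin package documented here is available as a dependency.

```elixir
# Added example: DemoAuth and the user map are hypothetical, constructed for
# illustration. Only hashpwsalt/1, checkpw/2 and dummy_checkpw/0 come from
# the Comeonin.Pbkdf2 module documented on this page.
defmodule DemoAuth do
  alias Comeonin.Pbkdf2

  # Constructed sample store: username => stored pbkdf2_sha512 hash.
  # hashpwsalt generates the random salt itself and uses the default rounds.
  def build_users do
    %{"alice" => Pbkdf2.hashpwsalt("correct horse battery staple")}
  end

  # Returns {:ok, username} or {:error, :invalid_credentials}.
  # Both failure paths return the same value, so the response body does not
  # reveal whether the username exists.
  def login(users, username, password)
      when is_binary(username) and is_binary(password) do
    case Map.fetch(users, username) do
      {:ok, hash} ->
        # Known user: checkpw compares in constant time.
        if Pbkdf2.checkpw(password, hash) do
          {:ok, username}
        else
          {:error, :invalid_credentials}
        end

      :error ->
        # Unknown user: perform the dummy check so this branch does not
        # return noticeably faster than a real password check. Its result
        # is always false, so it is ignored.
        Pbkdf2.dummy_checkpw()
        {:error, :invalid_credentials}
    end
  end
end

users = DemoAuth.build_users()

# Correct password, wrong password, and a username that is not in the store.
IO.inspect(DemoAuth.login(users, "alice", "correct horse battery staple"))
IO.inspect(DemoAuth.login(users, "alice", "wrong password"))
IO.inspect(DemoAuth.login(users, "mallory", "wrong password"))
```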