@spec generate_salt() :: binary() | no_return()

Generate a random salt

Examples

iex> salt = ExPBKDF2.generate_salt()
iex> byte_size(salt)
16

@spec pbkdf2(binary(), map() | nil) :: binary() | no_return()

Hash the provided password

It accepts a map with optional parameters:

• :salt - if it's not set, it will be generated
• :alg - the hashing algorithm to be used. it can be "sha512" or "sha256". Default value is "sha512"
• :iterations - the number of iterations. The default value is 4096
• :length - the length of the result. The default value is 64

Examples

iex> opts = %{salt: "salt", alg: "sha256", iterations: 4096, length: 32}
iex> ExPBKDF2.pbkdf2("password", opts)
<<197, 228, 120, 213, 146, 136, 200, 65, 170, 83, 13, 182, 132, 92, 76, 141, 150, 40, 147, 160, 1, 206, 78, 17, 164, 150, 56, 115, 170, 152, 19, 74>>

@spec verify(binary(), binary(), map() | nil) :: boolean() | no_return()

Verify the provided hash

It accepts three parameters:

• hash - hash generated with pbkdf2
• password - used password
• optional parameters map - it's the same as options for pbkdf2/2. If this parameter is not passed, it's assumed that hash is already in the PHC string format

Examples

iex> hash = <<197, 228, 120, 213, 146, 136, 200, 65, 170, 83, 13, 182, 132, 92, 76, 141, 150, 40, 147, 160, 1, 206, 78, 17, 164, 150, 56, 115, 170, 152, 19, 74>>
iex> opts = %{salt: "salt", alg: "sha256", iterations: 4096, length: 32}
iex> ExPBKDF2.verify(hash, "password", opts)
true