class Sodium::Password::Hash
- Sodium::Password::Hash
- Sodium::Password::Abstract
- Reference
- Object
Overview
Argon2 password hashing. A modern substitute for scrypt, bcrypt or crypt.
Often used to store password hashes on a server and authenticate clients against the stored hash.
Usage:
pwhash = Sodium::Password::Hash.new
pwhash.mem = Sodium::Password::MEMLIMIT_MIN
pwhash.ops = Sodium::Password::OPSLIMIT_MIN
pass = "1234"
hash = pwhash.create pass
pwhash.verify hash, pass
Use examples/pwhash_selector.cr
to help choose ops/mem limits.
Defined in:
sodium/password/hash.crInstance Method Summary
-
#create(pass)
Apply the most recent password hashing algorithm against a password.
-
#needs_rehash?(str) : Bool
Check if a password verification string str matches the parameters ops and mem, and the current default algorithm.
-
#verify(str, pass)
Verify a password against a stored String.
Instance methods inherited from class Sodium::Password::Abstract
mem : UInt64
mem,
mem=(mem)
mem=,
ops : UInt64
ops,
ops=(ops)
ops=,
random_salt
random_salt
Class methods inherited from class Sodium::Password::Abstract
from_params(hash)
from_params
Instance Method Detail
Apply the most recent password hashing algorithm against a password. Returns a opaque String which includes:
- the result of a memory-hard, CPU-intensive hash function applied to the password
- the automatically generated salt used for the previous computation
- the other parameters required to verify the password, including the algorithm identifier, its version, ops and mem.
Check if a password verification string str matches the parameters ops and mem, and the current default algorithm.
Verify a password against a stored String. raises PasswordVerifyError on failure.