Wt  4.0.2
Public Member Functions | List of all members
Wt::Auth::BCryptHashFunction Class Referencefinal

An cryptographic hash function that implements bcrypt. More...

#include <Wt/Auth/HashFunction.h>

Inheritance diagram for Wt::Auth::BCryptHashFunction:
Inheritance graph
[legend]

Public Member Functions

 BCryptHashFunction (int count=0)
 Constructor. More...
 
virtual std::string name () const override
 Returns the name for this hash function. More...
 
virtual std::string compute (const std::string &msg, const std::string &salt) const override
 Computes the hash of a message + salt. More...
 
virtual bool verify (const std::string &msg, const std::string &salt, const std::string &hash) const override
 Verifies a message with the salted hash. More...
 
- Public Member Functions inherited from Wt::Auth::HashFunction
virtual ~HashFunction ()
 Destructor.
 

Detailed Description

An cryptographic hash function that implements bcrypt.

This hashing function is intended for password hashes. In addition to be collision-resistant, the bcrypt algorithm has a parameter which makes the computation more computationally intensive. In this way, a dictionary-based attack on a compromised hash is also less feasible.

Constructor & Destructor Documentation

Wt::Auth::BCryptHashFunction::BCryptHashFunction ( int  count = 0)

Constructor.

The count parameter controls the number of iterations, and thus the computational complexity. With a value of 0, a small default is chosen. The computational complexity increases exponentionally with increasing values f count. The parameter only affects new hashes computed with compute(), and its value is stored in the computed hash.

The value of count needs to be 0, or in the range 4-31.

Member Function Documentation

std::string Wt::Auth::BCryptHashFunction::compute ( const std::string &  msg,
const std::string &  salt 
) const
overridevirtual

Computes the hash of a message + salt.

The message is usually an ASCII or UTF-8 string.

The salt and the computed hash are encoded in printable characters. This is usually ASCII-encoded (as for the UNIX crypt() functions) or could be Base64-encoded.

Implements Wt::Auth::HashFunction.

std::string Wt::Auth::BCryptHashFunction::name ( ) const
overridevirtual

Returns the name for this hash function.

Returns "bcrypt".

Implements Wt::Auth::HashFunction.

bool Wt::Auth::BCryptHashFunction::verify ( const std::string &  msg,
const std::string &  salt,
const std::string &  hash 
) const
overridevirtual

Verifies a message with the salted hash.

The base implementation will recompute the hash of the message with the given salt, and compare it to the hash.

Some methods however store the salt and additional settings in the hash, and this information is thus needed to verify the message hash.

Reimplemented from Wt::Auth::HashFunction.


Generated on Fri Nov 24 2017 for the C++ Web Toolkit (Wt) by doxygen 1.8.11