Hydrogen

HydroPWHash

This module contains functions for hashing passwords.

Example:

(def pw "my password")

(let [master-key (HydroPWHash.keygen)
      hash (Maybe.unsafe-from (HydroPWHash.create pw &master-key))]
  (println* (HydroPWHash.verify hash pw &master-key)))

create

defn

(Fn [(Ref String a), (Ref (Array Byte) b)] (Maybe (Array Byte)))

                    (create pwd master-key)

generates a hash from the password pwd, using the master key master-key. The extra parameters used in create-with are filled in with the default values.

create-with

defn

(Fn [(Ref String a), (Ref (Array Byte) b), Int, Int, Int] (Maybe (Array Byte)))

                    (create-with pwd master-key ops-limit mem-limit threads)

generates a hash from the password pwd, using the master key master-key and a set of parameters.

derive-static-key

defn

(Fn [Int, (Ref (Array Byte) a), (Ref String b), (Ptr CChar), (Ref (Array Byte) c)] (Maybe (Array Byte)))

                    (derive-static-key static-key-len stored pwd ctx master-key)

derives a static key of length static-key-len for stored and pwd, using the context ctx and the master key master-key. The extra parameters used in derive-static-key-with are filled in with the default values.

derive-static-key-with

defn

(Fn [Int, (Ref (Array Byte) a), (Ref String b), (Ptr CChar), (Ref (Array Byte) c), Int, Int, Int] (Maybe (Array Byte)))

                    (derive-static-key-with static-key-len stored pwd ctx master-key ops-limit-max mem-limit-max threads-max)

derives a static key of length static-key-len for stored and pwd, using the context ctx, the master key master-key and a set of parameters.

hash-deterministic

defn

(Fn [Int, (Ref String a), (Ref (Array Byte) b), (Ref (Array Byte) c), d] (Maybe (Array Byte)))

                    (hash-deterministic len pwd ctx master-key ops-limit)

generates a deterministic hash of length len from the password pwd, using the context ctx, the master key master-key, and the limit of operations ops-limit. Only use for testing!

keygen

defn

(Fn [] (Array Byte))

                    (keygen)

generates a key for use in password hashing procedures.

mem-limit

def

Int

is the default limit for memory.

ops-limit

def

Int

is the default limit of operations. The higher this number, the slower the operation.

reencrypt

defn

(Fn [(Array Byte), (Ref (Array Byte) a), (Ref (Array Byte) b)] (Maybe (Array Byte)))

                    (reencrypt stored old-master-key new-master-key)

reencrypts stored using a new master key new-master-key from the old master key old-master-key.

threads

def

Int

is the default number of threads.

upgrade

defn

(Fn [(Array Byte), (Ref (Array Byte) a), Int, Int, Int] (Maybe (Array Byte)))

                    (upgrade stored master-key ops-limit mem-limit threads)

upgrades stored with new parameters, using the master key master-key.

verify

defn

(Fn [(Array Byte), (Ref String a), (Ref (Array Byte) b)] Bool)

                    (verify hash pwd master-key)

verifies a hash for the password pwd, using the master key master-key. The extra parameters used in verify-with are filled in with the default values.

verify-with

defn

(Fn [(Array Byte), (Ref String a), (Ref (Array Byte) b), Int, Int, Int] Bool)

                    (verify-with hash pwd master-key ops-limit-max mem-limit-max threads-max)

verifies a hash for the password pwd, using the master key master-key and a set of parameters.