24#ifndef ROUTER_KDF_SHA_CRYPT_INCLUDED
25#define ROUTER_KDF_SHA_CRYPT_INCLUDED
45 static std::string salt();
46 static std::string derive(
Type digest,
unsigned long rounds,
47 const std::string &salt,
56 static std::string
base64_encode(
const std::vector<uint8_t> &data);
73 return std::make_pair(
false, std::string{});
76 static std::pair<bool, Type>
type(
const std::string &
name)
noexcept {
85 return std::make_pair(
false,
Type{});
119 static constexpr unsigned long kDefaultRounds = 5000;
123 static constexpr unsigned long kMinRounds = 1000;
127 static constexpr unsigned long kMaxRounds = 999999999;
133 static constexpr size_t kMaxSaltLength = 16;
136 const std::string &checksum)
137 : digest_{digest}, rounds_{rounds}, salt_{salt}, checksum_{checksum} {
139 if (digest != Type::CachingSha2Password && salt_.size() > kMaxSaltLength) {
140 salt_.resize(kMaxSaltLength);
144 if (rounds_ < kMinRounds) rounds_ = kMinRounds;
145 if (rounds_ > kMaxRounds) rounds_ = kMaxRounds;
157 if (
r.first)
return r.second;
159 throw std::invalid_argument(
"failed to map digest to a name");
174 std::string
salt()
const {
return salt_; }
186 unsigned long rounds()
const {
return rounds_; }
215 std::string to_mcf()
const;
223 checksum_ = kdf_type::derive(digest_, rounds_, salt_,
password);
227 return mcf_type::supports_name(mcf_id);
230 static std::error_code
validate(
const std::string &mcf_line,
233 auto me = from_mcf(mcf_line);
234 if (kdf_type::derive(me.digest(), me.rounds(), me.salt(),
password) ==
240 }
catch (
const std::exception &) {
Definition: kdf_sha_crypt.h:253
static constexpr unsigned long kCachingSha2SaltLength
Definition: kdf_sha_crypt.h:257
static ShaCryptMcfAdaptor from_mcf(const std::string &crypt_data)
Definition: kdf_sha_crypt.cc:124
Definition: authentication.h:42
MCF reader/writer for ShaCrypt.
Definition: kdf_sha_crypt.h:109
static std::error_code validate(const std::string &mcf_line, const std::string &password)
Definition: kdf_sha_crypt.h:230
static bool supports_mcf_id(const std::string mcf_id)
Definition: kdf_sha_crypt.h:226
unsigned long rounds_
Definition: kdf_sha_crypt.h:248
std::string checksum_
Definition: kdf_sha_crypt.h:250
std::string mcf_digest_name() const
name of the digest according to MCF.
Definition: kdf_sha_crypt.h:155
void hash(const std::string &password)
hash a password into checksum.
Definition: kdf_sha_crypt.h:222
std::string salt() const
salt.
Definition: kdf_sha_crypt.h:174
ShaCryptMcfAdaptor(Type digest, unsigned long rounds, const std::string &salt, const std::string &checksum)
Definition: kdf_sha_crypt.h:135
unsigned long rounds() const
rounds.
Definition: kdf_sha_crypt.h:186
Type digest() const
Definition: kdf_sha_crypt.h:179
Type digest_
Definition: kdf_sha_crypt.h:247
std::string salt_
Definition: kdf_sha_crypt.h:249
std::string checksum() const
checksum.
Definition: kdf_sha_crypt.h:167
Definition: kdf_sha_crypt.h:59
static bool supports_name(const std::string &name) noexcept
Definition: kdf_sha_crypt.h:88
static constexpr char kTypeSha512[]
Definition: kdf_sha_crypt.h:102
static constexpr char kTypeSha256[]
Definition: kdf_sha_crypt.h:101
static std::pair< bool, Type > type(const std::string &name) noexcept
Definition: kdf_sha_crypt.h:76
static std::pair< bool, std::string > name(Type type) noexcept
Definition: kdf_sha_crypt.h:63
static constexpr char kTypeCachingSha2Password[]
Definition: kdf_sha_crypt.h:103
sha256_crypt and sha512_crypt are SHA based crypt() key derivation functions.
Definition: kdf_sha_crypt.h:42
Type
Definition: kdf_sha_crypt.h:44
#define HTTP_AUTH_BACKEND_LIB_EXPORT
Definition: http_auth_backend_lib_export.h:15
static int base64_encode(const void *src, size_t src_len, char *dst)
Definition: base64.h:242
static char * password
Definition: mysql_secure_installation.cc:57
std::error_code make_error_code(DynamicLoaderErrc ec)
make error_code from a DynamicLoaderErrc.
Definition: dynamic_loader.cc:78
Type
Definition: resource_group_basic_types.h:32
const mysql_service_registry_t * r
Definition: pfs_example_plugin_employee.cc:85
case opt name
Definition: sslopt-case.h:32
Constants and functionality that facilitate working with digests.