Module pwhash::sha1_crypt
[−]
[src]
HMAC-SHA1 based hash.
This algorithm was developed for NetBSD. It's a modern algorithm with a large salt and a variable number of rounds. Although the SHA-1 hash, on which it's based, is considered insecure and is being phased out in the PKI environment, its use in a HMAC setup, as is the case here, is still acceptable.
Example
use pwhash::sha1_crypt; assert_eq!(sha1_crypt::hash_with( "$sha1$19703$iVdJqfSE$v4qYKl1zqYThwpjJAoKX6UvlHq/a", "password").unwrap(), "$sha1$19703$iVdJqfSE$v4qYKl1zqYThwpjJAoKX6UvlHq/a");
Parameters
-
Password length: unlimited.
-
Salt length: 0 to 64 characters. Default is 8.
-
Rounds: 1 to 232-1. Default is 24680, which is slightly varied if chosen.
Hash Format
The format of the hash is
$sha1${rounds}${salt}${checksum}, where:
-
{rounds}is the number of rounds, encoded as a decimal number without leading zeroes. -
{salt}is the salt string. -
{checksum}is a 28-character Base64 encoding of the checksum.
Constants
| DEFAULT_ROUNDS |
Default number of rounds. |
| DEFAULT_SALT_LEN |
Default salt length. |
Functions
| hash |
Hash a password with a randomly generated salt and the default number of rounds (varied by a small amount, like on NetBSD). |
| hash_with |
Hash a password with user-provided parameters. |
| verify |
Verify that the hash corresponds to a password. |