#ifndef BCRYPT_H_ #define BCRYPT_H_ /* * bcrypt wrapper library * * Written in 2011, 2013, 2014, 2015 by Ricardo Garcia * * To the extent possible under law, the author(s) have dedicated all copyright * and related and neighboring rights to this software to the public domain * worldwide. This software is distributed without any warranty. * * You should have received a copy of the CC0 Public Domain Dedication along * with this software. If not, see * . */ #define BCRYPT_HASHSIZE (64) #ifdef __cplusplus extern "C" { #endif /* * This function expects a work factor between 4 and 31 and a char array to * store the resulting generated salt. The char array should typically have * BCRYPT_HASHSIZE bytes at least. If the provided work factor is not in the * previous range, it will default to 12. * * The return value is zero if the salt could be correctly generated and * nonzero otherwise. * */ int bcrypt_gensalt(int workfactor, char salt[BCRYPT_HASHSIZE]); /* * This function expects a password to be hashed, a salt to hash the password * with and a char array to leave the result. Both the salt and the hash * parameters should have room for BCRYPT_HASHSIZE characters at least. * * It can also be used to verify a hashed password. In that case, provide the * expected hash in the salt parameter and verify the output hash is the same * as the input hash. However, to avoid timing attacks, it's better to use * bcrypt_checkpw when verifying a password. * * The return value is zero if the password could be hashed and nonzero * otherwise. */ int bcrypt_hashpw(const char *passwd, const char salt[BCRYPT_HASHSIZE], char hash[BCRYPT_HASHSIZE]); /* * This function expects a password and a hash to verify the password against. * The internal implementation is tuned to avoid timing attacks. * * The return value will be -1 in case of errors, zero if the provided password * matches the given hash and greater than zero if no errors are found and the * passwords don't match. * */ int bcrypt_checkpw(const char *passwd, const char hash[BCRYPT_HASHSIZE]); /* * This function expects a string and return bcrypt result with random salt. */ char* bcrypt_hash(const char *data); /* * This function verifies that the data matches the hash value. */ int bcrypt_verify(const char *data, const char *hash); /* * Brief Example * ------------- * * Hashing a password: * * char salt[BCRYPT_HASHSIZE]; * char hash[BCRYPT_HASHSIZE]; * int ret; * * ret = bcrypt_gensalt(12, salt); * assert(ret == 0); * ret = bcrypt_hashpw("thepassword", salt, hash); * assert(ret == 0); * * * Verifying a password: * * int ret; * * ret = bcrypt_checkpw("thepassword", "expectedhash"); * assert(ret != -1); * * if (ret == 0) { * printf("The password matches\n"); * } else { * printf("The password does NOT match\n"); * } * */ #ifdef __cplusplus } #endif #endif