nimword icon indicating copy to clipboard operation
nimword copied to clipboard

Published 20 hours ago verified publisher icon PhilippMDoerner

Add bcrypt support

Open PhilippMDoerner opened this issue 2 years ago • 0 comments

So far only pbkdf2 and argon are supported.

A new module under src/nimword could be added to provide a module with the following procs for bcrypt support:

proc hashEncodePassword*(password: string, iterations: int, <whatever optional additional parameters>): string
proc isValidPassword*(password: string, encodedHash: string): bool

proc hashPassword*( <whatever parameters>): string
proc encodeHash*( <whatever parameters>): string

Where:

  1. hashPassword is the core hashing proc that hashes a password with scrypt and has whatever parameters it needs
  2. encodeHash is a way to encode the output of bcrypt into a string that can be stored in a db and be used with isValidPassword
  3. hashEncodePassword a way to call 1) and 2) together for convenience
  4. isValidPassword to be able to validate whether a given clear-text password when hashed equal the hash included somewhere within the output of encodeHash

That module should also touch nimword.nim in order to include bcrypt into the overarching hashEncodePassword and isValidPassword procs there.

PhilippMDoerner avatar Sep 05 '23 16:09 PhilippMDoerner