💾 Archived View for gmi.noulin.net › gitRepositories › bcrypt › file › README.md.gmi captured on 2024-09-29 at 00:24:10. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-01-29)
-=-=-=-=-=-=-
README.md (2309B)
1 # async bcrypt implemented in C 2 3 ## Security Issues/Concerns 4 5 > Per bcrypt implementation, only the first 72 characters of a string are used. Any extra characters are ignored when matching passwords. 6 7 As should be the case with any security tool, this library should be scrutinized by anyone using it. If you find or suspect an issue with the code- please bring it to my attention and I'll spend some time trying to make sure that this tool is as secure as possible. 8 9 ## Install 10 11 With SPM (get SPM from [sheepy](https://spartatek.se/r/sheepy/file/README.md.html)): 12 13 ``` 14 spm install bcrypt 15 ``` 16 17 ## Usage 18 19 ### async 20 21 #### To hash password 22 23 ```c 24 void callback(i64 err, char hash[BCRYPT_HASHSIZE], void *env) { 25 puts(hash); 26 } 27 28 bcryptHash("passwd", 12, callback, NULL); 29 ``` 30 31 #### To check password 32 33 ```c 34 void checkCallback(i64 err, int result, void *callbackEnv) { 35 if (result) { 36 printf("The password matches\n"); 37 } else { 38 printf("The password does NOT match\n"); 39 } 40 } 41 42 char hash[BCRYPT_HASHSIZE]; 43 bcryptCheck("passwd", hash, checkCallback, NULL); 44 ``` 45 46 (you might add __tpoolWait__ at the program end to wait until the jobs in the threadpool are finished) 47 48 ### sync 49 50 ```c 51 // Hashing a password: 52 53 char salt[BCRYPT_HASHSIZE]; 54 char hash[BCRYPT_HASHSIZE]; 55 int ret; 56 57 ret = bcryptGensaltSync(12, salt); 58 assert(ret); 59 ret = bcryptHashSync("thepassword", salt, hash); 60 assert(ret); 61 62 63 // Verifying a password: 64 65 int ret; 66 67 ret = bcryptCheckSync("thepassword", "expectedhash"); 68 assert(ret != -1); 69 70 if (ret) { 71 printf("The password matches\n"); 72 } else { 73 printf("The password does NOT match\n"); 74 } 75 ``` 76 77 ## A Note on Rounds 78 79 A note about the cost. When you are hashing your data the module will go through a series of rounds to give you a secure hash. The value you submit there is not just the number of rounds that the module will go through to hash your data. The module will use the value you enter and go through `2^rounds` iterations of processing. 80 81 From @garthk, on a 2GHz core you can roughly expect: 82 83 rounds=8 : ~40 hashes/sec 84 rounds=9 : ~20 hashes/sec 85 rounds=10: ~10 hashes/sec 86 rounds=11: ~5 hashes/sec 87 rounds=12: 2-3 hashes/sec 88 rounds=13: ~1 sec/hash 89 rounds=14: ~1.5 sec/hash 90 rounds=15: ~3 sec/hash 91 rounds=25: ~1 hour/hash 92 rounds=31: 2-3 days/hash