/usr/include/Wt/Auth/HashFunction is in libwt-dev 3.3.6+dfsg-1.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 | // This may look like C code, but it's really -*- C++ -*-
/*
* Copyright (C) 2011 Emweb bvba, Kessel-Lo, Belgium.
*
* See the LICENSE file for terms of use.
*/
#ifndef WT_AUTH_HASH_FUNCTION
#define WT_AUTH_HASH_FUNCTION
#include <string>
#include <Wt/WDllDefs.h>
namespace Wt {
namespace Auth {
/*! \class HashFunction Wt/Auth/HashFunction
* \brief An abstract cryptographic hash function interface.
*
* A cryptographic hash function computes a hash value from a message,
* for which it is hard to guess another message that generates the
* same hash.
*
* These hash functions are intended for short messages, typically
* passwords or random tokens, and thus not suitable for computing the
* hash value of a large document.
*
* When used for passwords, to avoid dictionary attacks, the hash
* functions accept also a random salt which is hashed together with
* the password. Not all hash functions are adequate for passwords
* hashes.
*
* \ingroup auth
*/
class WT_API HashFunction
{
public:
/*! \brief Destructor.
*/
virtual ~HashFunction();
/*! \brief Returns the name for this hash function.
*
* This should return a (short) name that uniquely identifies this
* hash function.
*/
virtual std::string name() const = 0;
/*! \brief Computes the hash of a message + salt.
*
* The message is usually an ASCII or UTF-8 string.
*
* The \p salt and the computed hash are encoded in printable
* characters. This is usually ASCII-encoded \if cpp (as for the UNIX crypt()
* functions) \endif or could be Base64-encoded.
*/
virtual std::string compute(const std::string& msg, const std::string& salt)
const = 0;
/*! \brief Verifies a message with the salted hash
*
* The base implementation will recompute the hash of the message with
* the given salt, and compare it to the \p hash.
*
* Some methods however store the salt and additional settings in
* the \p hash, and this information is thus needed to verify the message
* hash.
*/
virtual bool verify(const std::string& msg,
const std::string& salt,
const std::string& hash) const;
};
/*! \class MD5HashFunction Wt/Auth/HashFunction
* \brief A cryptograhpic hash function implemented using MD5.
*
* This hash function is useful for creating token hashes, but
* should not be used for password hashes.
*
* \ingroup auth
*/
class WT_API MD5HashFunction : public HashFunction
{
public:
/*! \brief Returns the name for this hash function.
*
* Returns <tt>"MD5"</tt>.
*/
virtual std::string name() const;
virtual std::string compute(const std::string& msg,
const std::string& salt) const;
};
#ifndef WT_TARGET_JAVA
/*! \class SHA1HashFunction Wt/Auth/HashFunction
* \brief A cryptographic hash function implemented using SHA1.
*
* This hash function is only available if %Wt was compiled with
* OpenSSL support.
*
* This hashing function is useful for creating token hashes, and is
* also considered adequate for password hashes.
*
* \ingroup auth
*/
class WT_API SHA1HashFunction : public HashFunction
{
public:
/*! \brief Returns the name for this hash function.
*
* Returns <tt>"SHA1"</tt>.
*/
virtual std::string name() const;
virtual std::string compute(const std::string& msg,
const std::string& salt) const;
};
/*! \class BCryptHashFunction Wt/Auth/HashFunction
* \brief An cryptographic hash function that implements bcrypt.
*
* This hashing function is intended for password hashes. In addition
* to be collision-resistant, the bcrypt algorithm has a parameter
* which makes the computation more computationally intensive. In this
* way, a dictionary-based attack on a compromised hash is also less
* feasible.
*
* \ingroup auth
*/
class WT_API BCryptHashFunction : public HashFunction
{
public:
/*! \brief Constructor.
*
* The \p count parameter controls the number of iterations, and
* thus the computational complexity. With a value of 0, a small
* default is chosen. The computational complexity increases
* exponentionally with increasing values f \p count. The parameter
* only affects new hashes computed with compute(), and its value is
* stored in the computed hash.
*
* The value of \p count needs to be 0, or in the range 4-31.
*/
BCryptHashFunction(int count = 0);
/*! \brief Returns the name for this hash function.
*
* Returns <tt>"bcrypt"</tt>.
*/
virtual std::string name() const;
virtual std::string compute(const std::string& msg,
const std::string& salt) const;
virtual bool verify(const std::string& msg,
const std::string& hash,
const std::string& salt) const;
private:
int count_;
};
#endif
}
}
#endif // WT_AUTH_HASH_FUNCTION
|