The RustCrypto Org has released v0.1 of the `password-hash` crate, which provides traits and types for password hashing functions:
- repo: traits/password-hash at master · RustCrypto/traits · GitHub
- crate: https://crates.io/crates/password-hash
- docs: https://docs.rs/password-hash/
It provides an implementation of the PHC string format as well as support for upgrading password hashes in the legacy Modular Crypt Format (MCF).
The `password-hash` crate is used by the following RustCrypto password hashing crates:
The `PasswordHash::verify_password` function makes it possible to specify multiple algorithms to verify a password hash against, allowing you to store password hashes with multiple algorithms and verify a password against all of them:
```rust
use password_hash::{PasswordHash, PasswordVerifier};

use argon2::Argon2;
use pbkdf2::Pbkdf2;
use scrypt::Scrypt;

// Application-specific placeholders: fetch the stored hash and the login input.
let hash_string = load_hash_string_for_user(...); // e.g. `$argon2id$...`
let input_password = read_password_from_user();

// Parse the stored PHC string; a malformed value is rejected here.
let password_hash = PasswordHash::new(&hash_string)
    .expect("invalid password hash");

// Trait objects for algorithms to support
let algs: &[&dyn PasswordVerifier] = &[&Argon2::default(), &Pbkdf2, &Scrypt];

if password_hash.verify_password(algs, input_password).is_ok() {
    access_granted();
} else {
    access_denied();
}
```
Enjoy!
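
To make the PHC string format mentioned in the post concrete, here is an added, std-only sketch (not part of the original post and not the `password-hash` crate's implementation) that splits a PHC string into its fields and accepts the stored algorithm identifier only when the caller lists it as supported, the role the `algs` slice plays above. `PhcParts`, `parse_phc` and `select_algorithm` are hypothetical names, and the sample string is constructed.

```rust
// Added illustration, std only; not the password-hash crate's code.
// PHC layout: $<id>[$v=<version>][$<k>=<v>(,<k>=<v>)*][$<salt>[$<hash>]]
#[derive(Debug, PartialEq)]
pub struct PhcParts<'a> {
    pub id: &'a str,
    pub version: Option<u32>,
    pub params: Vec<(&'a str, &'a str)>,
    pub salt: Option<&'a str>,
    pub hash: Option<&'a str>,
}

pub fn parse_phc(s: &str) -> Result<PhcParts<'_>, &'static str> {
    let rest = s.strip_prefix('$').ok_or("missing leading '$'")?;
    let mut fields = rest.split('$').peekable();
    let id = fields.next().unwrap_or("");
    // Identifier: 1..=32 chars of lowercase letters, digits or '-'.
    let id_ok = |b: u8| b.is_ascii_lowercase() || b.is_ascii_digit() || b == b'-';
    if id.is_empty() || id.len() > 32 || !id.bytes().all(id_ok) {
        return Err("invalid identifier");
    }
    let mut version = None;
    if let Some(v) = fields.peek().and_then(|f| f.strip_prefix("v=")) {
        version = Some(v.parse::<u32>().map_err(|_| "invalid version")?);
        fields.next();
    }
    let mut params = Vec::new();
    if fields.peek().map_or(false, |f| f.contains('=')) {
        for kv in fields.next().unwrap_or("").split(',') {
            params.push(kv.split_once('=').ok_or("invalid parameter")?);
        }
    }
    let (salt, hash) = (fields.next(), fields.next());
    if fields.next().is_some() || salt == Some("") || hash == Some("") {
        return Err("malformed salt/hash fields");
    }
    Ok(PhcParts { id, version, params, salt, hash })
}

// Accept the stored hash's algorithm id only if the caller supports it.
pub fn select_algorithm<'a>(stored: &'a str, supported: &[&str]) -> Result<&'a str, &'static str> {
    let parts = parse_phc(stored)?;
    if parts.hash.is_none() { return Err("no hash output to verify against"); }
    if supported.contains(&parts.id) { Ok(parts.id) } else { Err("unsupported algorithm") }
}
fn main() {
    // Constructed sample string; salt and hash are placeholders, not real output.
    let s = "$argon2id$v=19$m=4096,t=3,p=1$c2FsdHNhbHQ$aGFzaGhhc2hoYXNo";
    println!("{:?}\n{:?}", parse_phc(s), select_algorithm(s, &["argon2id", "scrypt"]));
}
```

The sketch only inspects the string layout; it computes no hash and does not validate the Base64 alphabet of the salt and hash fields.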