use v6;

use NativeCall :TEST,:DEFAULT;
use NativeLibs:ver<0.0.5+>;
use NativeHelpers::Array;



head

Crypt::SodiumPasswordHash - scrypt password hashing using libsodium


code

=begin code

use Crypt::SodiumPasswordHash;

my $password =  'somepa55word';

my $hash     =  sodium-hash($password);

if sodium-verify($hash, $password ) {

    #  password ok

}

=end code


This module provides a binding to the password hashing functions provided
by L<libsodium|https://libsodium.gitbook.io/doc/>.


The algorithm used is the one recomended by the installed version of
libsodium. as of version 23 this is a variant of Argon2, but older
versions may provide a different one as may future versions. Additionally
the C<sodium-verify> should be able to verify a password hash created
by other libraries that support the Argon2 family such as L<Crypt::Argon2||https://github.com/skinkade/p6-crypt-argon2>.


The hash returned by C<sodium-hash> is in the format used in
C</etc/shadow> and can be verified by other libraries that understand
the algorithm.  By default the I<interactive> limits for memory and
CPU usage are used, which is a reasonable compromise for the time
taken for both hashing and verification.  If the C<:sensitive> switch
is supplied to C<sodium-hash> then both hashing and verification take
significantly longer (and use more memory,) so this may not suitable
for some applications.



module Crypt::SodiumPasswordHash {

    constant LIB = NativeLibs::Searcher.at-runtime(
        'sodium',
        'crypto_pwhash_strbytes',
        15..23
    );


    sub crypto_pwhash_alg_argon2i13( --> int32 ) is native(LIB) { * }

    sub crypto_pwhash_alg_argon2id13( --> int32 ) is native(LIB) { * }

    sub crypto_pwhash_alg_default( --> int32 ) is native(LIB) { * }


    enum HashAlgorithm is export (
        ARGON2I13   => crypto_pwhash_alg_argon2i13(),
        ARGON2ID13  => crypto_pwhash_alg_argon2id13()
    );

    sub crypto_pwhash_strbytes( --> size_t ) is native(LIB) { * }

    constant SODIUM_STRBYTES = crypto_pwhash_strbytes();


    sub crypto_pwhash_opslimit_interactive( --> size_t ) is native(LIB) { * }

    constant OPSLIMIT_INTERACTIVE = crypto_pwhash_opslimit_interactive();

    sub crypto_pwhash_memlimit_interactive( --> size_t ) is native(LIB) { * }

    constant MEMLIMIT_INTERACTIVE = crypto_pwhash_memlimit_interactive();

    sub crypto_pwhash_opslimit_sensitive( --> size_t ) is native(LIB) { * }

    constant OPSLIMIT_SENSITIVE = crypto_pwhash_opslimit_sensitive();

    sub crypto_pwhash_memlimit_sensitive( --> size_t ) is native(LIB) { * }

    constant MEMLIMIT_SENSITIVE = crypto_pwhash_memlimit_sensitive();

    sub crypto_pwhash_str_alg(CArray[uint8] $out, Str $passwd, ulonglong $passwdlen, ulonglong $opslimit, size_t $memlimit, int32 $alg --> int32) is native(LIB) { * }

    sub sodium-hash(Str $password, HashAlgorithm $algo = HashAlgorithm(crypto_pwhash_alg_default()), Bool :$sensitive --> Str ) is export {

        my $opslimit = $sensitive ?? OPSLIMIT_SENSITIVE !! OPSLIMIT_INTERACTIVE;
        my $memlimit = $sensitive ?? MEMLIMIT_SENSITIVE !! MEMLIMIT_INTERACTIVE;
        my $password-length = $password.encode.bytes;
        my $hashed        = CArray[uint8].allocate(SODIUM_STRBYTES);

        if crypto_pwhash_str_alg($hashed, $password, $password-length, $opslimit, $memlimit, $algo) {
            die 'out of memory in sodium-hash';
        }

        my $buf = copy-carray-to-buf($hashed, SODIUM_STRBYTES);
        $buf.decode.subst(/\0+$/,'');
    }

    sub crypto_pwhash_str_verify(Str $str, Str $passwd, ulonglong $passwdlen --> int32) is native(LIB) { * }

    sub sodium-verify(Str $hash, Str $password --> Bool ) is export {
        my $password-length = $password.encode.bytes;
        !crypto_pwhash_str_verify($hash, $password, $password-length);
    }

}

# vim: ft=raku


root

README

React

=begin React :component<HeaderCol> :id<menu> 
=para L<Documentation|/doc/introduction>
=para L<Modules| /mods>
=para L<Examples| file:../examples/index.podlite>
=para L<Download |file:../download/index.podlite>
=para L<About|file:../about/index.podlite>
=para 🔍 K<⌘K>/K<ctrl-K>
=end React


=begin React :component<HeaderCol> :id<footer>  
=begin nested :!nested
=item1 B<Language>
    =item2 L<Get started|file:../getting-started/getting-started.podlite>
    =item2 L<Why Raku?|/doc/language/faq#Why-should-I-learn-Raku-What's-so-great-about-it>
    =item2 L<Try Raku|https://glot.io/new/raku>
    =item2 L<Raku cheat sheet|https://github.com/Raku/mu/blob/master/docs/Perl6/Cheatsheet/cheatsheet.txt>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<Raku on Exercism|https://exercism.org/tracks/raku>
    =item2 L<Wikipedia|https://en.wikipedia.org/wiki/Raku_(programming_language)>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>

=end nested
=begin nested :!nested

=item1 B<L<Documentation|/doc>>
    =item2 L<Getting started, Migration guides from other languages, & Tutorials | file:../doc/introduction.podlite>
    =item2 L<Language References|file:../doc/reference.podlite>
    =item2 L<Type Reference| file:../doc/types.podlite>
    =item2 L<Miscellaneous| file:../doc/miscellaneous.podlite>
    =item2 L<FAQs (Frequently Asked Questions)|/doc/language/faq>
    =item2 L<Community|/doc/language/community>
    =item2 L<The list of all documents|file:../doc/index.podlite>

=item1 B<Resources>
    =item2 L<The Raku Guide|https://raku.guide/>
    =item2 L<Books |https://perl6book.com/>
    =item2 L<Rosetta Code | https://www.raku.org/community/rosettacode>

=end nested
=begin nested :!nested

=item1 B<Resoures>
    =item2 L<Download | file:../download/index.podlite>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>

=item1 B<Learning>
    =item2 L<The Raku Guide|https://raku.guide/>
    =item2 L<Wikibook |https://en.wikibooks.org/wiki/Raku_Programming>
    =item2 L<Books |https://perl6book.com/>
    =item2 L<Rosetta Code | https://www.raku.org/community/rosettacode>
    =item2 L<Learn Raku in Y minutes|https://learnxinyminutes.com/docs/raku/>
    =item2 L<Golfing |https://github.com/AlexDaniel/raku-golf-cheatsheet>
=end nested
=begin nested :!nested

=item1 B<Explore>
    =item2 L<Raku Blog Aggregator|https://planet.raku.org/>
    =item2 L<Rakudo Weekly|https://rakudoweekly.blog/>
    =item2 L<The Weekly Challenge |https://perlweeklychallenge.org/>
    =item2 L<Raku Advent Calendar|https://raku-advent.blog/>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>
    =item2 L<empty|#>

=end nested
=end React


=begin React :component<CookieConsent> :id<CookieConsent> :buttonCaption("Got it!")
=para
This website uses cookies for analytics.
=end React


SodiumPasswordHash

NAME

SYNOPSIS

DESCRIPTION

Crypt::SodiumPasswordHash v0.0.5

Authors

License

Dependencies

Test Dependencies

Provides

Documentation