Skip to content

A set of high-level APIs over PointyCastle and CryptoUtils to hash and verify passwords securely.

License

Notifications You must be signed in to change notification settings

leocavalcante/password-dart

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

password

Pub Package Build Status Donate

A set of high-level APIs over PointyCastle to hash and verify passwords securely.
Heavily inspired on PHP's Password Hashing Functions.

Looking for two-way cryptography (encryption decryption)? Please, visit encrypt.

API

Password.hash

Password.hash('password', new PBKDF2());
// $pcks$64,10000,64$530f8afbc74536b9a963b4f1c4cb738bcea7403d4d606b6e074ec5d3baf39d18$56158864e365bd78f6afda27f9a239bcb3f2b7a4773d4c0d0858c86266119d1e35aae9ca1a4777ed3d85c42caeed0c57cc7e09fe7d152d5d4d4ee08506c2b41a

Password.verify

Password.verify('password', previousOutput);
// true

Password.verify('secret', previousOutput);
// false

Defaults

In almost cases, you should rely on default PRNG for salts. It is cryptographically secure and unique for each password.

On the other hand, you are encouraged to change interations count for what your hardware can handle.

PBKDF2

Digest SHA-512
Block size 64 bytes
Salt 32 bytes Fortuna
Iteration count 10000
Key length 64 bytes

Waiting for Argon2.

About

A set of high-level APIs over PointyCastle and CryptoUtils to hash and verify passwords securely.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages