[erlang-questions] SHA-256/512 password hashing

Per Hedeland per@REDACTED
Wed May 21 21:33:06 CEST 2014


Fred Hebert <mononcqc@REDACTED> wrote:
>
>I know you asked for SHA, and this might be an external requirement you
>can do nothing about. However, in the possibility you can choose the
>technology you want there, I'd like to possibly recommend erlpass
>(https://github.com/ferd/erlpass) which uses bcrypt to encapsulate
>common password operations, and should be safer.
>
>Sorry if that ends up not being helpful,

Thanks anyway, but no, compatibility with libc crypt(3) is a
requirement. It's actually pretty trivial to transcribe Drepper's
22-step specification of the algorithm to Erlang, just boring and
error-prone - which is why I hoped that someone else had already
done it.:-)

--Per




More information about the erlang-questions mailing list