The cl-pass Reference Manual

This is the cl-pass Reference Manual, version 0.1, generated automatically by Declt version 4.0 beta 2 "William Riker" on Sun Sep 15 04:19:34 2024 GMT+0.

Table of Contents


1 Introduction


2 Systems

The main system appears first, followed by any subsystem dependency.


2.1 cl-pass

Password hashing and verification library.

Author

Fernando Borretti

Home Page

https://github.com/eudoxia0/cl-pass

License

MIT

Long Description

# cl-pass

[![Build Status](https://travis-ci.org/eudoxia0/cl-pass.svg?branch=master)](https://travis-ci.org/eudoxia0/cl-pass) [![Quicklisp badge](http://quickdocs.org/badge/cl-pass.svg)](http://quickdocs.org/cl-pass)

cl-pass is a password hashing and verification library. The source code was
originally part of [hermetic](https://github.com/eudoxia0/hermetic), and was
factored out to allow other libraries to use it.

# Usage

“‘lisp
cl-user> (cl-pass:hash "test") "PBKDF2$sha256:20000$5cf6ee792cdf05e1ba2b6325c41a5f10$19c7f2ccb3880716bf7cdf999b3ed99e07c7a8140bab37af2afdc28d8806e854" cl-user> (cl-pass:check-password "test" *)
t
cl-user> (cl-pass:check-password "nope" **)
nil
“‘

# License

Copyright (c) 2014-2015 Fernando Borretti (eudoxiahp@gmail.com)

Licensed under the MIT License.

Version

0.1

Dependencies
  • ironclad (system).
  • trivial-utf-8 (system).
  • split-sequence (system).
Source

cl-pass.asd.

Child Component

src (module).


3 Modules

Modules are listed depth-first from the system components tree.


3.1 cl-pass/src

Source

cl-pass.asd.

Parent Component

cl-pass (system).

Child Component

cl-pass.lisp (file).


4 Files

Files are sorted by type and then listed depth-first from the systems components trees.


4.1 Lisp


4.1.1 cl-pass/cl-pass.asd

Source

cl-pass.asd.

Parent Component

cl-pass (system).

ASDF Systems

cl-pass.


4.1.2 cl-pass/src/cl-pass.lisp

Source

cl-pass.asd.

Parent Component

src (module).

Packages

cl-pass.

Public Interface
Internals

5 Packages

Packages are listed by definition order.


5.1 cl-pass

Source

cl-pass.lisp.

Use List

common-lisp.

Public Interface
Internals

6 Definitions

Definitions are sorted by export status, category, package, and then by lexicographic order.


6.1 Public Interface


6.1.1 Ordinary functions

Function: check-password (pass password-hash)

Verify that PASS hashes to PASSWORD-HASH. Extracts the parameters (Salt, algorithm, number of iterations) in PASSWORD-HASH, so you don’t have to pass anything else.

Package

cl-pass.

Source

cl-pass.lisp.

Function: hash (password &key type salt iterations)

Hash a password string.

Package

cl-pass.

Source

cl-pass.lisp.

Function: salt (&optional size)

Generate a salt of a given size.

Package

cl-pass.

Source

cl-pass.lisp.


6.2 Internals


6.2.1 Special variables

Special Variable: *package-random-state*

Holds the random state used for generation of random numbers.

Package

cl-pass.

Source

cl-pass.lisp.

Special Variable: +known-digests+
Package

cl-pass.

Source

cl-pass.lisp.


6.2.2 Ordinary functions

Function: constant-string= (a b)

Custom string equality function to defeat timing attacks.

Package

cl-pass.

Source

cl-pass.lisp.

Function: parse-password-hash (password-hash)

Parse a combined string into a list containing the digest; and the number of iterations, salt and algorithm used to produce it.

Package

cl-pass.

Source

cl-pass.lisp.

Function: pbkdf2 (password salt digest iterations)
Package

cl-pass.

Source

cl-pass.lisp.


Appendix A Indexes


A.1 Concepts