I'm trying to replicate the functionality of the following Python snippet:
from passlib.hash import sha512_crypt
sha512_crypt.encrypt(password, rounds=5000)
But I'm not sure how to do so with Erlang.
I'm trying to replicate the functionality of the following Python snippet:
from passlib.hash import sha512_crypt
sha512_crypt.encrypt(password, rounds=5000)
But I'm not sure how to do so with Erlang.
There's a fair amount of crypto in scutil.
I usually just os:cmd()
to a standard crypto tool, instead, because crypto tools need to be very well validated.
There are three key-derivation (aka advanced password hashing) algorithms in passlib. At least two of those exist as erlang projects (but not sha512_crypt, although you could code one yourself (DON'T !!)):
Just don't come up with your own incarnation of a password-derivation function. Use existing & verified stuff. Erlang-pbkdf2 is from the CouchDB codebase, which adds some trustworthiness to it.
Disclaimer: I am no crypto expert.
I assume that CouchDB's password hashing functionality is good enough as it's a big open-source project and lots of eyeballs have seen it... So I use that in my projects. It's very easy to extract from CouchDB (results in about 50 lines of code), and the license is OK with you taking bits for use in your own projects. Have a look at couch_passwords:pbkdf2/3
https://github.com/apache/couchdb/blob/master/src/couchdb/couch_passwords.erl#L53