On this page:
19.1 Hasher Interface
gen:  hasher
hasher?
hasher-make-hash
hasher-hash-matches?
19.2 Implementations
19.2.1 argon2id
argon2id-hasher?
make-argon2id-hasher-factory

19 Password Hashing

 (require koyo/hasher) package: koyo-lib

This module provides functionality for creating and verifying password hashes.

19.1 Hasher Interface

interface

gen:hasher

The generic interface for password hashers. Every hasher is also a gen:component.

procedure

(hasher? v)  boolean?

  v : any/c
Returns #t when v implements the password hasher interface.

procedure

(hasher-make-hash h pass)  string?

  h : hasher?
  pass : string?
Hashes pass in an implementation-specific way.

procedure

(hasher-hash-matches? h pass-hash pass)  boolean?

  h : hasher?
  pass-hash : string?
  pass : string?
Returns #t when pass-hash is a hash of pass.

19.2 Implementations

19.2.1 argon2id

This hasher is based on the hybrid variant argon2 KDF. It is the recommended hasher for koyo applications and it’s what you currently get when you create an application using the standard blueprint.

procedure

(argon2id-hasher? v)  boolean?

  v : any/c
Returns #t when v is an argon2id hasher.

procedure

(make-argon2id-hasher-factory #:parallelism parallelism 
  #:iterations iterations 
  #:memory memory) 
  (-> argon2id-hasher?)
  parallelism : (processor-count)
  iterations : 256
  memory : 2048
Returns an argon2id-based hasher with the given configuration. It’s strongly recommended that you pick config values suitable to your own environment.

> (define the-hasher
   (component-start ((make-argon2id-hasher-factory))))
>
> (define p "supersecret")
> (define h (hasher-make-hash the-hasher p))
> h

"$argon2id$v=19$m=2048,t=256,p=16$e0gUGCU9E3MH3ik94QEX8A$4AASykMvNYkxpvZg2gCwWpHsP6brXszduYHbeu1bqwE"

>
> (hasher-hash-matches? the-hasher h "nope")

#f

> (hasher-hash-matches? the-hasher h p)

#t