Webs_hash.Sha_256
SHA-256 hashes, HMAC-SHA-256 and PBKDF2-HMAC-SHA-256.

val length : t -> int
length h is the length of h in bytes (i.e. 32).

val hash : string -> t
hash s is the SHA-256 hash of s.

val hmac : key:string -> string -> t
hmac ~key msg is the RFC 2104 HMAC-SHA-256 for key key and message msg. key should not be less than 32 bytes.

val random_salt :
  ?random_state:Stdlib.Random.State.t ->
  length:int ->
  unit ->
  salt
random_salt ~length () are length bytes sourced from the given PRNG state (defaults to Stdlib.Random.make_self_init).
pbkdf2_hmac ~key_length ~iterations ~salt ~password () derives a key for password password with a salt salt and iterations iterations to generate a key of length key_length using RFC 8018's PBKDF2-HMAC-SHA-256.
Important. Use equal_key to compare derived keys, not String.equal or ( = ).
In 2023, here is a good baseline of parameters:
- key_length of 32 bytes.
- iterations of 600_000.
- salt length of 16 bytes.
See also the OWASP password storage cheat sheet.
Raises Invalid_argument if key_length or iterations are smaller or equal to 0 or if key_length is greater than (2^32 - 1) * 32 or max_int.
equal_key k0 k1 is a constant time string equality for k0 and k1 of the same length. Do not use it to compare strings of different lengths; this raises Invalid_argument in that case.
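An added example (not part of the Webs documentation) of password enrollment and verification with random_salt, pbkdf2_hmac and equal_key, using the 2023 baseline above. It assumes that salts and derived keys are plain strings; the stored record type and the derive, enroll, verify and needs_rehash functions are hypothetical names.

```ocaml
(* Added example, not code from Webs. Assumption: the salt and key types
   of Webs_hash.Sha_256 are strings. *)
open Webs_hash

(* What gets persisted per user. Storing the iteration count with the
   record lets the work factor be raised later without locking users out. *)
type stored = { iterations : int; salt : string; key : string }

(* 2023 baseline parameters from the documentation above. *)
let key_length = 32
let iterations = 600_000
let salt_length = 16

let derive ~key_length ~iterations ~salt password =
  Sha_256.pbkdf2_hmac ~key_length ~iterations ~salt ~password ()

(* A fresh salt for every enrollment. *)
let enroll password =
  let salt = Sha_256.random_salt ~length:salt_length () in
  { iterations; salt; key = derive ~key_length ~iterations ~salt password }

let verify stored password =
  (* Re-derive with the stored parameters and the stored key's own length:
     equal_key then always receives two strings of the same length and
     cannot raise Invalid_argument. Malformed records are rejected before
     pbkdf2_hmac can raise on a non-positive parameter. *)
  let key_length = String.length stored.key in
  if key_length = 0 || stored.iterations <= 0 then false else
  let key =
    derive ~key_length ~iterations:stored.iterations ~salt:stored.salt password
  in
  Sha_256.equal_key key stored.key

(* True when a record was created with weaker parameters than the current
   baseline and should be re-enrolled after the next successful login. *)
let needs_rehash stored =
  stored.iterations < iterations || String.length stored.key < key_length

let () =
  (* Constructed sample passwords. *)
  let r = enroll "correct horse battery staple" in
  assert (verify r "correct horse battery staple");
  assert (not (verify r "Tr0ub4dor&3"));
  assert (not (needs_rehash r))
```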
equal h0 h1 is a constant time equality comparison function between hashes h0 and h1.
val to_binary_string : t -> string
to_binary_string h is the sequence of bytes of h.

val of_binary_string : string -> (t, unit) Stdlib.result
of_binary_string s is the sequence of bytes of s as a hash value. An error is returned if the length of s is not 32.

val to_hex : t -> string
to_hex h is the sequence of bytes of h as US-ASCII lowercase hexadecimal digits.

val of_hex' : string -> (t, int) Stdlib.result
of_hex' s parses a sequence of US-ASCII (lower or upper cased) hexadecimal digits to its hash value. Errors with an offending index or the length of the string in case s was not exactly made of 64 US-ASCII hex digits.