Diff coverage report for

//

//

// Copyright (c) 2025 Vinnie Falco (vinnie.falco@gmail.com)

// Copyright (c) 2025 Vinnie Falco (vinnie.falco@gmail.com)

//

//

// Distributed under the Boost Software License, Version 1.0. (See accompanying

// Distributed under the Boost Software License, Version 1.0. (See accompanying

// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)

// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)

//

//

// Official repository: https://github.com/cppalliance/http

// Official repository: https://github.com/cppalliance/http

//

//

/** @file

/** @file

    bcrypt password hashing library.

    bcrypt password hashing library.

    This header provides bcrypt password hashing with three API tiers:

    This header provides bcrypt password hashing with three API tiers:

    **Tier 1 -- Synchronous** (low-level, no capy dependency):

    **Tier 1 -- Synchronous** (low-level, no capy dependency):

    @code

    @code

    bcrypt::result r = bcrypt::hash("password", 12);

    bcrypt::result r = bcrypt::hash("password", 12);

    system::error_code ec;

    system::error_code ec;

    bool ok = bcrypt::compare("password", r.str(), ec);

    bool ok = bcrypt::compare("password", r.str(), ec);

    @endcode

    @endcode

    **Tier 2 -- Capy Task** (lazy coroutine, caller controls executor):

    **Tier 2 -- Capy Task** (lazy coroutine, caller controls executor):

    @code

    @code

    auto r = co_await bcrypt::hash_task("password", 12);

    auto r = co_await bcrypt::hash_task("password", 12);

    @endcode

    @endcode

    **Tier 3 -- Friendly Async** (auto-offloads to system thread pool):

    **Tier 3 -- Friendly Async** (auto-offloads to system thread pool):

    @code

    @code

    auto r = co_await bcrypt::hash_async("password", 12);

    auto r = co_await bcrypt::hash_async("password", 12);

    bool ok = co_await bcrypt::compare_async("password", r.str());

    bool ok = co_await bcrypt::compare_async("password", r.str());

    @endcode

    @endcode

*/

*/

#ifndef BOOST_HTTP_BCRYPT_HPP

#ifndef BOOST_HTTP_BCRYPT_HPP

#define BOOST_HTTP_BCRYPT_HPP

#define BOOST_HTTP_BCRYPT_HPP

#include <boost/http/detail/config.hpp>

#include <boost/http/detail/config.hpp>

#include <boost/http/detail/except.hpp>

#include <boost/http/detail/except.hpp>

#include <boost/core/detail/string_view.hpp>

#include <boost/core/detail/string_view.hpp>

#include <boost/system/error_category.hpp>

#include <boost/system/error_category.hpp>

#include <boost/system/error_code.hpp>

#include <boost/system/error_code.hpp>

#include <boost/system/is_error_code_enum.hpp>

#include <boost/system/is_error_code_enum.hpp>

#include <boost/capy/coro.hpp>

#include <boost/capy/coro.hpp>

#include <boost/capy/task.hpp>

#include <boost/capy/task.hpp>

#include <boost/capy/ex/executor_ref.hpp>

#include <boost/capy/ex/executor_ref.hpp>

#include <boost/capy/ex/run_async.hpp>

#include <boost/capy/ex/run_async.hpp>

#include <boost/capy/ex/system_context.hpp>

#include <boost/capy/ex/system_context.hpp>

#include <cstddef>

#include <cstddef>

#include <cstring>

#include <cstring>

#include <exception>

#include <exception>

#include <stop_token>

#include <stop_token>

#include <string>

#include <string>

#include <system_error>

#include <system_error>

namespace boost {

namespace boost {

namespace http {

namespace http {

namespace bcrypt {

namespace bcrypt {

//------------------------------------------------

//------------------------------------------------

/** bcrypt hash version prefix.

/** bcrypt hash version prefix.

    The version determines which variant of bcrypt is used.

    The version determines which variant of bcrypt is used.

    All versions produce compatible hashes.

    All versions produce compatible hashes.

*/

*/

enum class version

enum class version

{

{

    /// $2a$ - Original specification

    /// $2a$ - Original specification

    v2a,

    v2a,

    /// $2b$ - Fixed handling of passwords > 255 chars (recommended)

    /// $2b$ - Fixed handling of passwords > 255 chars (recommended)

    v2b

    v2b

};

};

//------------------------------------------------

//------------------------------------------------

/** Error codes for bcrypt operations.

/** Error codes for bcrypt operations.

    These errors indicate malformed input from untrusted sources.

    These errors indicate malformed input from untrusted sources.

*/

*/

enum class error

enum class error

{

{

    /// Success

    /// Success

    ok = 0,

    ok = 0,

    /// Salt string is malformed

    /// Salt string is malformed

    invalid_salt,

    invalid_salt,

    /// Hash string is malformed

    /// Hash string is malformed

    invalid_hash

    invalid_hash

};

};

} // bcrypt

} // bcrypt

} // http

} // http

namespace system {

namespace system {

template<>

template<>

struct is_error_code_enum<

struct is_error_code_enum<

    ::boost::http::bcrypt::error>

    ::boost::http::bcrypt::error>

{

{

    static bool const value = true;

    static bool const value = true;

};

};

} // system

} // system

} // boost

} // boost

namespace std {

namespace std {

template<>

template<>

struct is_error_code_enum<

struct is_error_code_enum<

    ::boost::http::bcrypt::error>

    ::boost::http::bcrypt::error>

    : std::true_type {};

    : std::true_type {};

} // std

} // std

namespace boost {

namespace boost {

namespace http {

namespace http {

namespace bcrypt {

namespace bcrypt {

namespace detail {

namespace detail {

struct BOOST_SYMBOL_VISIBLE

struct BOOST_SYMBOL_VISIBLE

    error_cat_type

    error_cat_type

    : system::error_category

    : system::error_category

{

{

    BOOST_HTTP_DECL const char* name(

    BOOST_HTTP_DECL const char* name(

        ) const noexcept override;

        ) const noexcept override;

    BOOST_HTTP_DECL std::string message(

    BOOST_HTTP_DECL std::string message(

        int) const override;

        int) const override;

    BOOST_HTTP_DECL char const* message(

    BOOST_HTTP_DECL char const* message(

        int, char*, std::size_t

        int, char*, std::size_t

            ) const noexcept override;

            ) const noexcept override;

    BOOST_SYSTEM_CONSTEXPR error_cat_type()

    BOOST_SYSTEM_CONSTEXPR error_cat_type()

        : error_category(0xbc8f2a4e7c193d56)

        : error_category(0xbc8f2a4e7c193d56)

    {

    {

    }

    }

};

};

BOOST_HTTP_DECL extern

BOOST_HTTP_DECL extern

    error_cat_type error_cat;

    error_cat_type error_cat;

} // detail

} // detail

inline

inline

BOOST_SYSTEM_CONSTEXPR

BOOST_SYSTEM_CONSTEXPR

system::error_code

system::error_code

    error ev) noexcept

    error ev) noexcept

{

{

    return system::error_code{

    return system::error_code{

        static_cast<std::underlying_type<

        static_cast<std::underlying_type<

            error>::type>(ev),

            error>::type>(ev),

}

}

//------------------------------------------------

//------------------------------------------------

/** Fixed-size buffer for bcrypt hash output.

/** Fixed-size buffer for bcrypt hash output.

    Stores a bcrypt hash string (max 60 chars) in an

    Stores a bcrypt hash string (max 60 chars) in an

    inline buffer with no heap allocation.

    inline buffer with no heap allocation.

    @par Example

    @par Example

    @code

    @code

    bcrypt::result r = bcrypt::hash("password", 10);

    bcrypt::result r = bcrypt::hash("password", 10);

    core::string_view sv = r;  // or r.str()

    core::string_view sv = r;  // or r.str()

    std::cout << r.c_str();    // null-terminated

    std::cout << r.c_str();    // null-terminated

    @endcode

    @endcode

*/

*/

class result

class result

{

{

    char buf_[61];

    char buf_[61];

    unsigned char size_;

    unsigned char size_;

public:

public:

    /** Default constructor.

    /** Default constructor.

        Constructs an empty result.

        Constructs an empty result.

    */

    */

    {

    {

    /** Return the hash as a string_view.

    /** Return the hash as a string_view.

    */

    */

    core::string_view

    core::string_view

    {

    {

    }

    }

    /** Implicit conversion to string_view.

    /** Implicit conversion to string_view.

    */

    */

    operator core::string_view() const noexcept

    operator core::string_view() const noexcept

    {

    {

        return str();

        return str();

    }

    }

    /** Return null-terminated C string.

    /** Return null-terminated C string.

    */

    */

    char const*

    char const*

    {

    {

    }

    }

    /** Return pointer to data.

    /** Return pointer to data.

    */

    */

    char const*

    char const*

    data() const noexcept

    data() const noexcept

    {

    {

        return buf_;

        return buf_;

    }

    }

    /** Return size in bytes (excludes null terminator).

    /** Return size in bytes (excludes null terminator).

    */

    */

    std::size_t

    std::size_t

    {

    {

    }

    }

    /** Check if result is empty.

    /** Check if result is empty.

    */

    */

    bool

    bool

    {

    {

    }

    }

    /** Check if result contains valid data.

    /** Check if result contains valid data.

    */

    */

    explicit

    explicit

    {

    {

    }

    }

private:

private:

    friend BOOST_HTTP_DECL result gen_salt(unsigned, version);

    friend BOOST_HTTP_DECL result gen_salt(unsigned, version);

    friend BOOST_HTTP_DECL result hash(core::string_view, unsigned, version);

    friend BOOST_HTTP_DECL result hash(core::string_view, unsigned, version);

    friend BOOST_HTTP_DECL result hash(core::string_view, core::string_view, system::error_code&);

    friend BOOST_HTTP_DECL result hash(core::string_view, core::string_view, system::error_code&);

    {

    {

};

};

//------------------------------------------------

//------------------------------------------------

/** Generate a random salt.

/** Generate a random salt.

    Creates a bcrypt salt string suitable for use with

    Creates a bcrypt salt string suitable for use with

    the hash() function.

    the hash() function.

    @par Preconditions

    @par Preconditions

    @code

    @code

    rounds >= 4 && rounds <= 31

    rounds >= 4 && rounds <= 31

    @endcode

    @endcode

    @par Exception Safety

    @par Exception Safety

    Strong guarantee.

    Strong guarantee.

    @par Complexity

    @par Complexity

    Constant.

    Constant.

    @param rounds Cost factor. Each increment doubles the work.

    @param rounds Cost factor. Each increment doubles the work.

    Default is 10, which takes approximately 100ms on modern hardware.

    Default is 10, which takes approximately 100ms on modern hardware.

    @param ver Hash version to use.

    @param ver Hash version to use.

    @return A 29-character salt string.

    @return A 29-character salt string.

    @throws std::invalid_argument if rounds is out of range.

    @throws std::invalid_argument if rounds is out of range.

    @throws system_error on RNG failure.

    @throws system_error on RNG failure.

*/

*/

BOOST_HTTP_DECL

BOOST_HTTP_DECL

result

result

gen_salt(

gen_salt(

    unsigned rounds = 10,

    unsigned rounds = 10,

    version ver = version::v2b);

    version ver = version::v2b);

/** Hash a password with auto-generated salt.

/** Hash a password with auto-generated salt.

    Generates a random salt and hashes the password.

    Generates a random salt and hashes the password.

    @par Preconditions

    @par Preconditions

    @code

    @code

    rounds >= 4 && rounds <= 31

    rounds >= 4 && rounds <= 31

    @endcode

    @endcode

    @par Exception Safety

    @par Exception Safety

    Strong guarantee.

    Strong guarantee.

    @par Complexity

    @par Complexity

    O(2^rounds).

    O(2^rounds).

    @param password The password to hash. Only the first 72 bytes

    @param password The password to hash. Only the first 72 bytes

    are used (bcrypt limitation).

    are used (bcrypt limitation).

    @param rounds Cost factor. Each increment doubles the work.

    @param rounds Cost factor. Each increment doubles the work.

    @param ver Hash version to use.

    @param ver Hash version to use.

    @return A 60-character hash string.

    @return A 60-character hash string.

    @throws std::invalid_argument if rounds is out of range.

    @throws std::invalid_argument if rounds is out of range.

    @throws system_error on RNG failure.

    @throws system_error on RNG failure.

*/

*/

BOOST_HTTP_DECL

BOOST_HTTP_DECL

result

result

hash(

hash(

    core::string_view password,

    core::string_view password,

    unsigned rounds = 10,

    unsigned rounds = 10,

    version ver = version::v2b);

    version ver = version::v2b);

/** Hash a password using a provided salt.

/** Hash a password using a provided salt.

    Uses the given salt to hash the password. The salt should

    Uses the given salt to hash the password. The salt should

    be a string previously returned by gen_salt() or extracted

    be a string previously returned by gen_salt() or extracted

    from a hash string.

    from a hash string.

    @par Exception Safety

    @par Exception Safety

    Strong guarantee.

    Strong guarantee.

    @par Complexity

    @par Complexity

    O(2^rounds).

    O(2^rounds).

    @param password The password to hash.

    @param password The password to hash.

    @param salt The salt string (29 characters).

    @param salt The salt string (29 characters).

    @param ec Set to bcrypt::error::invalid_salt if the salt

    @param ec Set to bcrypt::error::invalid_salt if the salt

    is malformed.

    is malformed.

    @return A 60-character hash string, or empty result on error.

    @return A 60-character hash string, or empty result on error.

*/

*/

BOOST_HTTP_DECL

BOOST_HTTP_DECL

result

result

hash(

hash(

    core::string_view password,

    core::string_view password,

    core::string_view salt,

    core::string_view salt,

    system::error_code& ec);

    system::error_code& ec);

/** Compare a password against a hash.

/** Compare a password against a hash.

    Extracts the salt from the hash, re-hashes the password,

    Extracts the salt from the hash, re-hashes the password,

    and compares the result.

    and compares the result.

    @par Exception Safety

    @par Exception Safety

    Strong guarantee.

    Strong guarantee.

    @par Complexity

    @par Complexity

    O(2^rounds).

    O(2^rounds).

    @param password The plaintext password to check.

    @param password The plaintext password to check.

    @param hash The hash string to compare against.

    @param hash The hash string to compare against.

    @param ec Set to bcrypt::error::invalid_hash if the hash

    @param ec Set to bcrypt::error::invalid_hash if the hash

    is malformed.

    is malformed.

    @return true if the password matches the hash, false if

    @return true if the password matches the hash, false if

    it does not match OR if an error occurred. Always check

    it does not match OR if an error occurred. Always check

    ec to distinguish between a mismatch and an error.

    ec to distinguish between a mismatch and an error.

*/

*/

BOOST_HTTP_DECL

BOOST_HTTP_DECL

bool

bool

compare(

compare(

    core::string_view password,

    core::string_view password,

    core::string_view hash,

    core::string_view hash,

    system::error_code& ec);

    system::error_code& ec);

/** Extract the cost factor from a hash string.

/** Extract the cost factor from a hash string.

    @par Exception Safety

    @par Exception Safety

    Strong guarantee.

    Strong guarantee.

    @par Complexity

    @par Complexity

    Constant.

    Constant.

    @param hash The hash string to parse.

    @param hash The hash string to parse.

    @param ec Set to bcrypt::error::invalid_hash if the hash

    @param ec Set to bcrypt::error::invalid_hash if the hash

    is malformed.

    is malformed.

    @return The cost factor (4-31) on success, or 0 if an

    @return The cost factor (4-31) on success, or 0 if an

    error occurred.

    error occurred.

*/

*/

BOOST_HTTP_DECL

BOOST_HTTP_DECL

unsigned

unsigned

get_rounds(

get_rounds(

    core::string_view hash,

    core::string_view hash,

    system::error_code& ec);

    system::error_code& ec);

namespace detail {

namespace detail {

// bcrypt truncates passwords to 72 bytes

// bcrypt truncates passwords to 72 bytes

struct password_buf

struct password_buf

{

{

    char data_[72];

    char data_[72];

    unsigned char size_;

    unsigned char size_;

        core::string_view s) noexcept

        core::string_view s) noexcept

    {

    {

    {

    {

    }

    }

};

};

// bcrypt hashes are always 60 characters

// bcrypt hashes are always 60 characters

struct hash_buf

struct hash_buf

{

{

    char data_[61];

    char data_[61];

    unsigned char size_;

    unsigned char size_;

        core::string_view s) noexcept

        core::string_view s) noexcept

    {

    {

    {

    {

    }

    }

};

};

} // detail

} // detail

//------------------------------------------------

//------------------------------------------------

/** Hash a password, returning a lazy task.

/** Hash a password, returning a lazy task.

    Returns a @ref capy::task that wraps the synchronous

    Returns a @ref capy::task that wraps the synchronous

    hash() call. The caller can co_await this task directly

    hash() call. The caller can co_await this task directly

    or launch it on a specific executor via run_async().

    or launch it on a specific executor via run_async().

    @par Example

    @par Example

    @code

    @code

    // co_await in current context

    // co_await in current context

    bcrypt::result r = co_await bcrypt::hash_task("password", 12);

    bcrypt::result r = co_await bcrypt::hash_task("password", 12);

    // or launch on a specific executor

    // or launch on a specific executor

    run_async(my_executor)(bcrypt::hash_task("password", 12));

    run_async(my_executor)(bcrypt::hash_task("password", 12));

    @endcode

    @endcode

    @param password The password to hash.

    @param password The password to hash.

    @param rounds Cost factor. Each increment doubles the work.

    @param rounds Cost factor. Each increment doubles the work.

    @param ver Hash version to use.

    @param ver Hash version to use.

    @return A lazy task yielding `result`.

    @return A lazy task yielding `result`.

    @throws std::invalid_argument if rounds is out of range.

    @throws std::invalid_argument if rounds is out of range.

    @throws system_error on RNG failure.

    @throws system_error on RNG failure.

*/

*/

inline

inline

capy::task<result>

capy::task<result>

    core::string_view password,

    core::string_view password,

    unsigned rounds = 10,

    unsigned rounds = 10,

    version ver = version::v2b)

    version ver = version::v2b)

{

{

    detail::password_buf pw(password);

    detail::password_buf pw(password);

    co_return hash(pw, rounds, ver);

    co_return hash(pw, rounds, ver);

/** Compare a password against a hash, returning a lazy task.

/** Compare a password against a hash, returning a lazy task.

    Returns a @ref capy::task that wraps the synchronous

    Returns a @ref capy::task that wraps the synchronous

    compare() call. Errors are translated to exceptions.

    compare() call. Errors are translated to exceptions.

    @par Example

    @par Example

    @code

    @code

    bool ok = co_await bcrypt::compare_task("password", stored_hash);

    bool ok = co_await bcrypt::compare_task("password", stored_hash);

    @endcode

    @endcode

    @param password The plaintext password to check.

    @param password The plaintext password to check.

    @param hash_str The hash string to compare against.

    @param hash_str The hash string to compare against.

    @return A lazy task yielding `bool`.

    @return A lazy task yielding `bool`.

    @throws system_error if the hash is malformed.

    @throws system_error if the hash is malformed.

*/

*/

inline

inline

capy::task<bool>

capy::task<bool>

    core::string_view password,

    core::string_view password,

    core::string_view hash_str)

    core::string_view hash_str)

{

{

    detail::password_buf pw(password);

    detail::password_buf pw(password);

    detail::hash_buf hs(hash_str);

    detail::hash_buf hs(hash_str);

    system::error_code ec;

    system::error_code ec;

    bool ok = compare(pw, hs, ec);

    bool ok = compare(pw, hs, ec);

    if(ec.failed())

    if(ec.failed())

        http::detail::throw_system_error(ec);

        http::detail::throw_system_error(ec);

    co_return ok;

    co_return ok;

//------------------------------------------------

//------------------------------------------------

namespace detail {

namespace detail {

struct hash_async_op

struct hash_async_op

{

{

    password_buf password_;

    password_buf password_;

    unsigned rounds_;

    unsigned rounds_;

    version ver_;

    version ver_;

    result result_;

    result result_;

    std::exception_ptr ep_;

    std::exception_ptr ep_;

    {

    {

    }

    }