RustCrypto / password-hashes

Password hashing functions / KDFs

::from_b64() errors out on padding ('=' character) #537

Closed grappas closed 3 hours ago

grappas commented 4 hours ago

I'm trying to work with ASP.NET password encryption: https://learn.microsoft.com/en-us/aspnet/web-forms/overview/older-versions-security/membership/creating-the-membership-schema-in-sql-server-cs#securing-passwords

I wrote some simple code:

// use base64::{engine::general_purpose::STANDARD, Engine};
use pbkdf2::{
    password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
    Pbkdf2,
};
// let b64_hashed_pw = "2oXm6sZHWbTHFgjgkGQsc2Ec9ZM=";
/// Reproduction: build a PBKDF2 PHC hash from a fixed password and a salt taken
/// from an existing padded Base64 string, then verify the password against it.
///
/// As written this panics at the `SaltString::from_b64(..).unwrap()` call: the
/// salt string ends in `==`, and the reported error is
/// `SaltInvalid(InvalidChar('='))`, i.e. the `=` padding character is rejected.
///
/// NOTE(review): the commented-out `b64_hashed_pw` above this function decodes
/// to 20 bytes, while the call below emits a `$pbkdf2-sha256$` PHC string.
/// Confirm which algorithm the ASP.NET membership store used before expecting
/// the two values to match.
fn main() -> Result<(), Box<dyn std::error::Error>> {
    let password = b"MySecret!";
    let b64_hashed_salt = "wFgjUfhdUFOCKQiI61vtiQ==";

    // Panic site: the trailing "==" padding is not accepted as a salt character.
    let salt = SaltString::from_b64(b64_hashed_salt).unwrap();

    // Hash the password into a PHC string ($pbkdf2-sha256$...); a failure is
    // turned into a boxed error message and returned from `main`.
    let password_hash = Pbkdf2
        .hash_password(password, &salt)
        .map_err(|e| format!("Error hashing password: {}", e))?
        .to_string();

    // Parse the PHC string back so the password can be verified against it.
    let parsed_hash = PasswordHash::new(&password_hash)
        .map_err(|e| format!("Error verifying password: {}", e))?;

    let verification = Pbkdf2.verify_password(password, &parsed_hash);
    assert!(verification.is_ok());

    println!("Password hash: {}", password_hash);
    println!("Parsed hash: {:?}", parsed_hash);
    // Echoes the plaintext password to stdout; tolerable only in a throwaway
    // repro with a dummy secret, never in code that handles real credentials.
    let password_text = std::str::from_utf8(password).unwrap();
    println!("Password: {}", password_text);

    Ok(())
}

but

thread 'main' panicked at src/main.rs:15:54:
called `Result::unwrap()` on an `Err` value: SaltInvalid(InvalidChar('='))
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
newpavlov commented 3 hours ago

See https://github.com/RustCrypto/traits/issues/1699