BCrypt.Net

BCrypt implementation.

BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future- Adaptable Password Scheme" by Niels Provos and David Mazieres. This password hashing system tries to thwart off-line password cracking using a computationally-intensive hashing algorithm, based on Bruce Schneier's Blowfish cipher. The work factor of the algorithm is parameterised, so it can be increased as computers get faster. Usage is really simple. To hash a password for the first time, call the method with a random salt, like this: string pw_hash = BCrypt.HashPassword(plain_password); To check whether a plaintext password matches one that has been hashed previously, use the method:


                if (BCrypt.Verify(candidate_password, stored_hash))
                    Console.WriteLine("It matches");
                else
                    Console.WriteLine("It does not match");

The method takes an optional parameter (workFactor) that determines the computational complexity of the hashing:


                string strong_salt = BCrypt.GenerateSalt(10);
                string stronger_salt = BCrypt.GenerateSalt(12);

The amount of work increases exponentially (2**log_rounds), so each increment is twice as much work. The default log_rounds is 10, and the valid range is 4 to 31.

Hash a string using the OpenBSD bcrypt scheme and a salt generated by .

Just an alias for HashPassword. The string to hash. The hashed string.

Hash a string using the OpenBSD bcrypt scheme and a salt generated by .

Just an alias for HashPassword. The string to hash. The log2 of the number of rounds of hashing to apply - the work factor therefore increases as 2**workFactor. The hashed string.

Hash a password using the OpenBSD bcrypt scheme and a salt generated by .

The password to hash. The hashed password.

Hash a password using the OpenBSD bcrypt scheme and a salt generated by using the given .

The password to hash. The log2 of the number of rounds of hashing to apply - the work factor therefore increases as 2**workFactor. The hashed password.

Hash a password using the OpenBSD bcrypt scheme.

Thrown when one or more arguments have unsupported or illegal values. The password to hash. the salt to hash with (perhaps generated using BCrypt.gensalt). The hashed password

Generate a salt for use with the method.

The log2 of the number of rounds of hashing to apply - the work factor therefore increases as 2**workFactor. A base64 encoded salt value.

Generate a salt for use with the method selecting a reasonable default for the number of hashing rounds to apply.

A base64 encoded salt value.

Verifies that the hash of the given matches the provided

The text to verify. The previously-hashed password. true if the passwords match, false otherwise.

Encode a byte array using bcrypt's slightly-modified base64 encoding scheme. Note that this is *not* compatible with the standard MIME-base64 encoding.

Thrown when one or more arguments have unsupported or illegal values. The byte array to encode. The number of bytes to encode. Base64-encoded string.

Decode a string encoded using bcrypt's base64 scheme to a byte array. Note that this is *not* compatible with the standard MIME-base64 encoding.

Thrown when one or more arguments have unsupported or illegal values. The string to decode. The maximum bytes to decode. The decoded byte array.

Look up the 3 bits base64-encoded by the specified character, range-checking against conversion table.

The base64-encoded value. The decoded value of x.

Blowfish encipher a single 64-bit block encoded as two 32-bit halves.

An array containing the two 32-bit half blocks. The position in the array of the blocks.

Cycically extract a word of key material.

The string to extract the data from. [in,out] The current offset. The next word of material from data.

Initializes the Blowfish key schedule.

Key the Blowfish cipher.

The key byte array.

Perform the "enhanced key schedule" step described by Provos and Mazieres in "A Future- Adaptable Password Scheme" http://www.openbsd.org/papers/bcrypt-paper.ps.

Salt byte array. Input byte array.

Perform the central hashing step in the bcrypt scheme.

Thrown when one or more arguments have unsupported or illegal values. The input byte array to hash. The salt byte array to hash with. The binary logarithm of the number of rounds of hashing to apply. A byte array containing the hashed result.

Exception for signalling parse errors.

Default constructor.

Initializes a new instance of .

The message.

Initializes a new instance of .

The message. The inner exception.

Initializes a new instance of .

The information. The context.