safepass

Facilities for the safe storage of user passwords
README

Overview

OCaml-safepass is a library offering facilities for the safe storage of
user passwords. By "safe" we mean that passwords are salted and hashed
using the Bcrypt algorithm. Salting prevents rainbow-table based
attacks
, whereas hashing by a very time-consuming algorithm such as
Bcrypt renders brute-force password cracking impractical.

OCaml-safepass's obvious usage domain are web applications, though it does not
depend on any particular framework. Internally, OCaml-safepass binds to the C
routines from Openwall's Crypt_blowfish. However, it would be
incorrect to describe OCaml-safepass as an OCaml binding to Crypt_blowfish,
because the API it exposes is higher-level and more compact than that offered
by Crypt_blowfish. Moreover, OCaml-safepass's API takes advantage of OCaml's
type-system to make usage mistakes nearly impossible.

Dependencies

OCaml-safepass has no external dependencies. Note that it bundles
the Public Domain licensed crypt_blowfish.h and crypt_blowfish.c
C modules from Openwall's Crypt_blowfish.

Building and installing

OCaml-safepass is available in OPAM, which is the recommended installation
method. If you wish to compile it yourself manually, note that the build system
uses Dune. You can use the customary make to build OCaml-safepass, and
make doc to generate the API documentation.

License

OCaml-safepass is distributed under the terms of the GNU LGPL version 2.1 with
the usual OCaml linking exception. See LICENSE file for full license text.

Install
Published
20 Mar 2021
Sources
v3.1.tar.gz
md5=e4dd243aa94c6895158f117ea6b4dbe3
sha512=87eef5f9c39067c9581cca56cdc7dec7d3e412c8ec0474a7dc6150ef9dc76aebfd791cfc3dc0256a887fa24f78be9c82d452743f1152b1635fbc555487c50327
Dependencies
dune
>= "2.0"
ocaml
>= "4.02"
Reverse Dependencies
links
>= "0.7.2"
sihl
< "0.2.0" | >= "0.3.0~rc2"