I am planning to use Botan to generate Argon2 hashes and store the generated hashes and salt in a database as login info. For this, I need to be able to:
a- Get the salt from generated hash
b- Generate hash using an existing salt for password comparison
I wanted to test if I don’t need to do these things at all since Botan has an Argon2 password hash check function, but after trying the example below, I found out that it doesn’t work the way I wanted.
#include <iostream>
#include <string>
#include <botan/argon2.h>
#include <botan/system_rng.h>
int main() {
Botan::System_RNG rng;
std::string password = "cool_password";
std::string generated_hash = Botan::argon2_generate_pwhash(password.c_str(), password.length(), rng, 1, 4000, 1);
std::string other_hash = Botan::argon2_generate_pwhash(password.c_str(), password.length(), rng, 1, 4000, 1);
// prints false
std::cout << std::boolalpha << Botan::argon2_check_pwhash(other_hash.c_str(), other_hash.length(), generated_hash) << "n";
}
As far as I could find from Botan documents, there is no way of achieving these objects. What should I do? Should I get the salt from generated hash using some kind of regex? Or do I need a different library for my needs?
Source: Windows Questions C++