Botan tutorials or examples for creating the SHA-256 hash of a password

Question

I'm porting a portion of a .NET application to Qt on Linux. I am trying to replicate the results of a .NET function to create the SHA-256 hash of a password + salt. The .NET code is

return new SHA256Managed().ComputeHash(buffer);

Where buffer is the salt concatenated to the password.

I considered several crytopgraphic libraries including QCA and Botan and after reading several comments, I decided to try Botan. However, I'm not finding the right place in the documentation to perform the equivalent of the code listed above.

Can someone point me to the place in the fine manual or a tutorial that discusses the use of Botan to create a simple hash? I've been google searching for a couple hours without finding a solution. There are many example of SHA-256 hashing for pipes and streams but I have yet to find the example of a simple hash calculation.

Answer 1

I'm guessing you just need the documentation.

The code to do what you want is something like:

#include <vector>
#include <sha2_32.h>

using namespace Botan;

secure_vector<byte> somefunction(std::vector<byte> input) {
    SHA_256 sha;
    return sha.process(input);
}

As I mentioned in my comment, this is an incredibly insecure way to store passwords, so I'd recommend using bcrypt or PBKDF2 (both of which are implemented in Botan). PBKDF2 is part of the .NET standard library too, so there's really no excuse to use a general-purpose hash function instead of a secure password hashing function.

All you need for bcrypt is:

generate_bcrypt(password, random_number_generator, work_factor)