generateSCryptHash

It is a salted password-hashing cryptographic function that takes an input and hashes it into a fixed size output.
NOTE: This function is less secure than BCrypt.

generateSCryptHash(plaintext,options); → returns string

This function requires Adobe ColdFusion 2021 and up. Not supported on Lucee, etc.

Argument Reference

plaintext string
Required

The input string to hash.

options struct
Default: `{"memorycost":8,"CpuCost":16348,"Parallel":1,"KeyLength":32,"saltLength":8}`

A struct containing the optional values:
- memorycost - Default is 8.
- CpuCost - CPU cost of the algorithm (as defined in scrypt, this is N) that must be a power of 2 and greater than 1. Default is currently 16,348 or 2^14.
- Parallel - the parallelization of the algorithm (as defined in scrypt, this is P). Default is currently 1.
- Keylength - key length for the algorithm (as defined in scrypt, this is dkLen). Default is currently 32.
- saltLength - length of the salt to use. Default is 8.

Links more information about generateSCryptHash

OWASP Password Storage Cheat Sheet - General advice from OWASP about how to work with passwords.
Using Password4j And The BCrypt, SCrypt, And Argon2 Password Hashing Algorithms In Lucee CFML 5.3.7.47 - Blog by Ben Nadel about using hashing algorithms.
Best practices for password hashing and storage - IETF info on password hashing best practices.
Hashing Passwords: One-Way Road to Security - Blog by Dan Arias on password hashing strategies.
scrypt - Wikipedia article about SCrypt.
CFPASSPhrase - Related project to help other engines utilize hashing functions.

Examples
Sample code invoking the generateSCryptHash function

Example of SCrypt Hashing - No Options

This is an example of using the function with no options.

secretMsg=generateSCryptHash("My voice is my passport. Verify me.");
writeOutput(secretMsg)

Expected Result: $e0801$BEJ9Ob8ZvoY=$LpQ79jMomeePrvBjcWRl3SrVf69962Ztn4WV/Sse4jg=

Example of SCrypt Hashing - With Options

This is an example of using the function with options specified.

secretMsg=generateBCryptHash("My voice is my passport. Verify me.",{"memorycost":4,"CpuCost":4096,"Parallel":1,"KeyLength":28,"saltLength":10});
writeOutput(secretMsg)

Expected Result: $c0401$6TTkF3GRLGrHAw==$NGPASIOKsgNLDOZPyTvn9rrSW3F+IkHLlPWevQ==

Signup for cfbreak to stay updated on the latest news from the ColdFusion / CFML community. One email, every friday.

Fork me on GitHub