passwordHash

package module
v0.2.1-0...-a70ad01 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2018 License: Unlicense Imports: 8 Imported by: 0

README

#passwordHash

Codeship Status

An easy to use wrapper around https://godoc.org/golang.org/x/crypto/scrypt

Extracted from a bigger application so this can be used by others if it helps.

This wrapper sets sensible defaults for use with the scrypt package, it also generates a cryptographically secure pseudorandom number for a per password salt using crypto/rand.

#defaults

Name Setting Description
defaultByteLength 64 used salt and password hash length
defaultR 16 number of rounds
defaultN 16384 CPU / Memory cost, needs to be power of 2

#Usage

package main
import (
	"fmt"

	"github.com/richardbowden/passwordHash"
)

func main() {
	mypass := "mypassword"
	fmt.Println("Test password=", mypass)
	hashToStore, _ := passwordHash.HashWithDefaults(mypass, mypass)

	valid := passwordHash.Validate(mypass, mypass, hashToStore)

	fmt.Printf("Password is valid=%v\n", valid)

	fmt.Println("Testing invalid password=no against passowrd=mypassword")
	valid = passwordHash.Validate("no", hashToStore)
	fmt.Printf("Password is not valid=%v\n", valid)
}

Documentation

Index

Constants

View Source 
const (
	// DefaultSaltByteLength is the default length (bytes) of a generated secure
	// random salt
	DefaultSaltByteLength = 64

	// DefaultKeyByteLength is the default length (bytes) of the hash that will be
	// generated
	DefaultKeyByteLength = 64

	// DefaultR is the number of rounds of hashing used to generated a hashed
	// password
	DefaultR = 16

	// DefaultN is a CPU/memory cost parameter which must be a power of two
	// greater than 1
	DefaultN = 16384
)

Variables

This section is empty.

Functions

func GenerateSalt 

func GenerateSalt(byteLength int) ([]byte, error)

GenerateSalt takes a byte size as an int, returns a secure random stirng to the size of byteSize.

See: https://golang.org/pkg/crypto/rand/

func Hash 

func Hash(p1 string, p2 string, r int, n int, saltByteLength int, keyByteLength int) (string, error)

Hash hashes p1 (password) using r (rounds), n (costParam) and a securely generated salt (see GenerateSalt func).

p1 and p2 are compared using ConstantTimeCompare, if no match, err is returned.

A string in the following format is returned r:n:keyLength:salt:hashedPassword

See Validate func for password validation

func HashWithDefaults 

func HashWithDefaults(pw1 string, pw2 string) (string, error)

HashWithDefaults is the same as Hash, but uses the default settings

default r (rounds) = 16 default N (cpu/ memory cost) = 16386 default h (hashByteSize) = 64 default s (saltByteSize) = 64

returns a string as: r:n:keyLength:salt:hashedPassword

func Validate 

func Validate(password string, hashPackage string) (bool, error)

Validate compares password against stored hash. password is the password as a string, hashPackage is the string that has been generated by HashWithDefaults or Hash functions

returns true or false

NOTE: If this func returns any errors, calling func should log there was an error decoding said password, dont log the password but just a ref to the user in question and investigate accordingly

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.