simple-scrypt: Index | Examples | Files

package scrypt

import ""

Package scrypt provides a convenience wrapper around Go's existing scrypt package that makes it easier to securely derive strong keys from weak inputs (i.e. user passwords). The package provides password generation, constant-time comparison and parameter upgrading for scrypt derived keys.



Package Files



var DefaultParams = Params{N: 16384, R: 8, P: 1, SaltLen: 16, DKLen: 32}

DefaultParams provides sensible default inputs into the scrypt function for interactive use (i.e. web applications). These defaults will consume approxmiately 16MB of memory (128 * r * N). The default key length is 256 bits.

var ErrInvalidHash = errors.New("scrypt: the provided hash is not in the correct format")

ErrInvalidHash is returned when failing to parse a provided scrypt hash and/or parameters.

var ErrInvalidParams = errors.New("scrypt: the parameters provided are invalid")

ErrInvalidParams is returned when the cost parameters (N, r, p), salt length or derived key length are invalid.

var ErrMismatchedHashAndPassword = errors.New("scrypt: the hashed password does not match the hash of the given password")

ErrMismatchedHashAndPassword is returned when a password (hashed) and given hash do not match.

func CompareHashAndPassword Uses

func CompareHashAndPassword(hash []byte, password []byte) error

CompareHashAndPassword compares a derived key with the possible cleartext equivalent. The parameters used in the provided derived key are used. The comparison performed by this function is constant-time. It returns nil on success, and an error if the derived keys do not match.

func GenerateFromPassword Uses

func GenerateFromPassword(password []byte, params Params) ([]byte, error)

GenerateFromPassword returns the derived key of the password using the parameters provided. The parameters are prepended to the derived key and separated by the "$" character (0x24). If the parameters provided are less than the minimum acceptable values, an error will be returned.

func GenerateRandomBytes Uses

func GenerateRandomBytes(n int) ([]byte, error)

GenerateRandomBytes returns securely generated random bytes. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.

type Params Uses

type Params struct {
    N       int // CPU/memory cost parameter (logN)
    R       int // block size parameter (octets)
    P       int // parallelisation parameter (positive int)
    SaltLen int // bytes to use as salt (octets)
    DKLen   int // length of the derived key (octets)

Params describes the input parameters to the scrypt key derivation function as per Colin Percival's scrypt paper:

func Calibrate Uses

func Calibrate(timeout time.Duration, memMiBytes int, params Params) (Params, error)

Calibrate returns the hardest parameters, allowed by the given limits. The returned params will not use more memory than the given (MiB); will not take more time than the given timeout, but more than timeout/2.

The default timeout (when the timeout arg is zero) is 200ms.
The default memMiBytes (when memMiBytes is zero) is 16MiB.
The default parameters (when params == Params{}) is DefaultParams.


p, err := Calibrate(1*time.Second, 128, Params{})
if err != nil {
dk, err := GenerateFromPassword([]byte("super-secret-password"), p)
fmt.Printf("generated password is %q (%v)", dk, err)

func Cost Uses

func Cost(hash []byte) (Params, error)

Cost returns the scrypt parameters used to generate the derived key. This allows a package user to increase the cost (in time & resources) used as computational performance increases over time.

func (*Params) Check Uses

func (p *Params) Check() error

Check checks that the parameters are valid for input into the scrypt key derivation function.

Package scrypt imports 9 packages (graph) and is imported by 14 packages. Updated 2018-06-07. Refresh now. Tools for package owners.