pasap

package module
v0.5.0 Latest Latest
Published: Mar 21, 2020 License: MIT Imports: 8 Imported by: 1

README

pasap



Package pasap derives a fixed-length, cryptographically secure secret key from a password using different key derivation algorithms, produces an encoded string, and verifies a password against that encoded string.

Usage

➜ go get github.com/mkawserm/pasap

package main

import "fmt"
import "github.com/mkawserm/pasap"

// main derives a key from a password with the Argon2id hasher, prints the
// result, and then checks the same password against the encoded key.
func main() {
	hasher := pasap.NewArgon2idHasher()

	// NOTE(review): the salt is a fixed literal only to keep the example short.
	// Real callers should use a fresh random salt for every password, drawn
	// from a CSPRNG (GetSalt accepts an io.Reader such as crypto/rand.Reader).
	secretKey, encodedKey, err := hasher.Encode(&pasap.ByteBasedEncoderCredentials{
		Salt:     []byte("123456789"),
		Password: []byte("pass"),
	})
	if err != nil {
		panic(err)
	}

	// Printed for demonstration only: the derived key is secret material and
	// should not reach stdout or logs in real code.
	fmt.Printf("Secret key: %v\n", secretKey)
	fmt.Printf("Encoded key: %v\n", encodedKey)

	_, matched, err := hasher.Verify(&pasap.ByteBasedVerifierCredentials{
		Password:   []byte("pass"),
		EncodedKey: encodedKey,
	})
	if err != nil {
		panic(err)
	}

	// Nothing is printed when the password does not match.
	if !matched {
		return
	}
	fmt.Println("Valid password")
}

Documentation

Overview

Package pasap derives a fixed-length, cryptographically secure secret key from a password using different key derivation algorithms, produces an encoded string, and verifies a password against that encoded string.

By Md Kawser Munshi

Index

Examples

Constants

This section is empty.

Variables

// Sentinel errors exported by the package. Each one is a distinct value
// created with errors.New, so callers can compare against it with errors.Is.
var (
	// ErrHashComponentUnreadable occurs when a component of the hashed
	// password cannot be read.
	ErrHashComponentUnreadable = errors.New("pasap: unreadable component in hashed password")

	// ErrHashComponentMismatch occurs when the hashed password components do
	// not match.
	ErrHashComponentMismatch = errors.New("pasap: hashed password components mismatch")

	// ErrAlgorithmMismatch occurs when the algorithm does not match.
	ErrAlgorithmMismatch = errors.New("pasap: algorithm mismatch")

	// ErrIncompatibleVersion occurs when the version is not compatible.
	ErrIncompatibleVersion = errors.New("pasap: incompatible version")

	// ErrInvalidData occurs when the given data is not valid, normally for
	// salt, password and encoded key.
	ErrInvalidData = errors.New("pasap: invalid data")
)

Functions

func GetSalt

func GetSalt(length int, reader io.Reader) []byte

GetSalt reads the salt from the given reader. For password hashing, pass a cryptographically secure source such as crypto/rand.Reader.

Types

type AlgorithmName

// AlgorithmName is implemented by types that report a name.
type AlgorithmName interface {
	// Name returns the name as a string.
	Name() string
}

AlgorithmName basic interface

type AlgorithmParameters added in v0.4.0

// AlgorithmParameters is implemented by types that report their parameters.
type AlgorithmParameters interface {
	// Parameters returns the parameters as a string.
	// NOTE(review): the string format is not shown on this page.
	Parameters() string
}

AlgorithmParameters basic interface

type AlgorithmVersion added in v0.4.0

// AlgorithmVersion is implemented by types that report a version number.
type AlgorithmVersion interface {
	// Version returns the version as an int.
	Version() int
}

AlgorithmVersion basic interface

type Argon2idHasher

// Argon2idHasher holds the Argon2id cost parameters used to generate a secret
// key and to verify an encoded key.
//
// NOTE(review): the values NewArgon2idHasher assigns to these fields are not
// shown on this page; confirm they meet your password-hashing policy before
// relying on the defaults.
type Argon2idHasher struct {
	// Defines the amount of computation time, given in number of iterations.
	Time uint32
	// Defines the memory usage (KiB).
	Memory uint32
	// Defines the number of parallel threads.
	Threads uint8
	// Defines the length of the hash in bytes.
	Length uint32
}

Argon2idHasher uses argon2id password hashing algorithm to generate secret key and verify encoded key

func NewArgon2idHasher

func NewArgon2idHasher() *Argon2idHasher

NewArgon2idHasher returns a new Argon2idHasher instance

Example
package main

import (
	"fmt"
	"github.com/mkawserm/pasap"
)

// main walks through one Encode/Verify round trip with the Argon2id hasher.
func main() {
	argon := pasap.NewArgon2idHasher()

	// NOTE(review): the salt and password literals are demo values. In real
	// use the salt should be freshly generated per password from a CSPRNG
	// (for instance GetSalt fed with crypto/rand.Reader), never a constant.
	encIn := &pasap.ByteBasedEncoderCredentials{
		Password: []byte("pass"),
		Salt:     []byte("123456789"),
	}
	secretKey, encodedKey, encErr := argon.Encode(encIn)
	if encErr != nil {
		panic(encErr)
	}

	// The secret key is printed only to show the result; treat it as
	// sensitive and keep it out of logs in real code.
	fmt.Printf("Secret key: %v\n", secretKey)
	fmt.Printf("Encoded key: %v\n", encodedKey)

	verIn := &pasap.ByteBasedVerifierCredentials{
		EncodedKey: encodedKey,
		Password:   []byte("pass"),
	}
	_, ok, verErr := argon.Verify(verIn)
	if verErr != nil {
		panic(verErr)
	}

	// A non-matching password prints nothing.
	if ok {
		fmt.Println("Valid password")
	}
}
Output:

func (*Argon2idHasher) Encode

func (a *Argon2idHasher) Encode(encoderCredentials EncoderCredentialsReader) (secretKey, encodedKey []byte, err error)

Encode the password using argon2.IDKey algorithm

func (*Argon2idHasher) Name

func (a *Argon2idHasher) Name() string

Name returns Argon2idHasher name

func (*Argon2idHasher) Parameters added in v0.4.0

func (a *Argon2idHasher) Parameters() string

Parameters returns current active parameters

func (*Argon2idHasher) Verify

func (a *Argon2idHasher) Verify(verifierCredentials VerifierCredentialsReader) (secretKey []byte, ok bool, err error)

Verify the password against the encoded key

func (*Argon2idHasher) Version added in v0.4.0

func (a *Argon2idHasher) Version() int

Version returns Algorithm version

type ByteBasedEncoderCredentials added in v0.3.0

// ByteBasedEncoderCredentials carries the salt and password for encoding as
// in-memory byte slices.
type ByteBasedEncoderCredentials struct {
	// Salt bytes; presumably what ReadSalt returns — confirm in the source.
	Salt     []byte
	// Password bytes in plaintext; presumably what ReadPassword returns.
	Password []byte
}

ByteBasedEncoderCredentials implements EncoderCredentials

func (*ByteBasedEncoderCredentials) ReadPassword added in v0.3.0

func (b *ByteBasedEncoderCredentials) ReadPassword() (password []byte, err error)

ReadPassword from the given bytes

func (*ByteBasedEncoderCredentials) ReadSalt added in v0.3.0

func (b *ByteBasedEncoderCredentials) ReadSalt() (salt []byte, err error)

ReadSalt from the given bytes

func (*ByteBasedEncoderCredentials) SetPassword added in v0.4.0

func (b *ByteBasedEncoderCredentials) SetPassword(password []byte) error

SetPassword updates internal password data

func (*ByteBasedEncoderCredentials) SetSalt added in v0.4.0

func (b *ByteBasedEncoderCredentials) SetSalt(salt []byte) error

SetSalt updates internal salt data

type ByteBasedVerifierCredentials added in v0.3.0

// ByteBasedVerifierCredentials carries the candidate password and the encoded
// key to verify it against, as in-memory byte slices.
type ByteBasedVerifierCredentials struct {
	// Password bytes in plaintext; presumably what ReadPassword returns.
	Password   []byte
	// EncodedKey bytes; presumably what ReadEncodedKey returns — confirm.
	EncodedKey []byte
}

ByteBasedVerifierCredentials implements VerifierCredentials

func (*ByteBasedVerifierCredentials) ReadEncodedKey added in v0.3.0

func (b *ByteBasedVerifierCredentials) ReadEncodedKey() (encodedKey []byte, err error)

ReadEncodedKey from the given bytes

func (*ByteBasedVerifierCredentials) ReadPassword added in v0.3.0

func (b *ByteBasedVerifierCredentials) ReadPassword() (password []byte, err error)

ReadPassword from the given bytes

func (*ByteBasedVerifierCredentials) SetEncodedKey added in v0.4.0

func (b *ByteBasedVerifierCredentials) SetEncodedKey(encodedKey []byte) error

SetEncodedKey updates internal encoded key data

func (*ByteBasedVerifierCredentials) SetPassword added in v0.4.0

func (b *ByteBasedVerifierCredentials) SetPassword(password []byte) error

SetPassword updates internal password data

type EncoderCredentialsRW added in v0.4.0

// EncoderCredentialsRW combines EncoderCredentialsReader and
// EncoderCredentialsWriter by embedding both.
type EncoderCredentialsRW interface {
	EncoderCredentialsReader
	EncoderCredentialsWriter
}

EncoderCredentialsRW interface combines together EncoderCredentialsReader and EncoderCredentialsWriter

type EncoderCredentialsReader added in v0.4.0

// EncoderCredentialsReader supplies the salt and password to an encoder.
type EncoderCredentialsReader interface {
	// ReadSalt returns the salt bytes, or an error.
	ReadSalt() (salt []byte, err error)
	// ReadPassword returns the password bytes, or an error.
	ReadPassword() (password []byte, err error)
}

EncoderCredentialsReader interface defines ReadSalt and ReadPassword methods

type EncoderCredentialsWriter added in v0.4.0

// EncoderCredentialsWriter accepts the salt and password for an encoder.
type EncoderCredentialsWriter interface {
	// SetSalt stores the given salt bytes and may return an error.
	SetSalt(salt []byte) error
	// SetPassword stores the given password bytes and may return an error.
	SetPassword(password []byte) error
}

EncoderCredentialsWriter interface defines SetSalt and SetPassword methods

type PasswordEncoder

// PasswordEncoder is implemented by types that turn credentials into a secret
// key and an encoded key.
type PasswordEncoder interface {
	// Encode reads from encoderCredentials and returns the secret key, the
	// encoded key, and any error.
	Encode(encoderCredentials EncoderCredentialsReader) (secretKey, encodedKey []byte, err error)
}

PasswordEncoder basic interface

type PasswordHasher

PasswordHasher basic interface

type PasswordVerifier

// PasswordVerifier is implemented by types that check a password against an
// encoded key.
type PasswordVerifier interface {
	// Verify returns the secret key, a match flag, and any error. Callers
	// should check both err and ok before accepting the password.
	// NOTE(review): this page does not show whether a wrong password is
	// reported as ok == false, a non-nil err, or both — confirm in the source.
	Verify(verifierCredentials VerifierCredentialsReader) (secretKey []byte, ok bool, err error)
}

PasswordVerifier basic interface

type VerifierCredentialsRW added in v0.4.0

// VerifierCredentialsRW combines VerifierCredentialsReader and
// VerifierCredentialsWriter by embedding both.
type VerifierCredentialsRW interface {
	VerifierCredentialsReader
	VerifierCredentialsWriter
}

VerifierCredentialsRW interface combines VerifierCredentialsReader and VerifierCredentialsWriter

type VerifierCredentialsReader added in v0.4.0

// VerifierCredentialsReader supplies the password and encoded key to a
// verifier.
type VerifierCredentialsReader interface {
	// ReadPassword returns the password bytes, or an error.
	ReadPassword() (password []byte, err error)
	// ReadEncodedKey returns the encoded key bytes, or an error.
	ReadEncodedKey() (encodedKey []byte, err error)
}

VerifierCredentialsReader interface defines ReadPassword and ReadEncodedKey methods

type VerifierCredentialsWriter added in v0.4.0

// VerifierCredentialsWriter accepts the password and encoded key for a
// verifier.
type VerifierCredentialsWriter interface {
	// SetPassword stores the given password bytes and may return an error.
	SetPassword(password []byte) error
	// SetEncodedKey stores the given encoded key bytes and may return an error.
	SetEncodedKey(encodedKey []byte) error
}

VerifierCredentialsWriter interface defines SetPassword and SetEncodedKey methods
