pwhash

package
v0.0.0-...-835eb37 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 5, 2021 License: MIT Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrHashTooLong = errors.New("uciph/cutil/pwhash: Given hash is too long and can't be encoded with uciph's PWHash format")
View Source 
var ErrSaltTooLong = errors.New("uciph/cutil/pwhash: Given salt is too long and can't be encoded with uciph's PWHash format")

Functions

func Argon2ID 

func Argon2ID(commonOptions Options, a2options Argon2Options) (h Hasher, v Verifier)

Argon2ID creates Argon2 hasher and verifier for givne options

Types

type Argon2Options 

type Argon2Options struct {
	Memory  uint32
	Threads uint8
	Time    uint32
	KeyLen  uint32
}

Argon2Options represents Argon2 specific options.

type HashVersion 

type HashVersion = uint64

HashVersion is hasher identifier used for hash versioning.

type HashVersionMismatchError 

type HashVersionMismatchError struct {
	CurrentVersion HashVersion
	GivenVersion   HashVersion
}

HashVersionMismatchError is returned when PWHash version does not match one in hash.

func (*HashVersionMismatchError) Error 

func (e *HashVersionMismatchError) Error() string

type Hasher 

type Hasher = func(password []byte) (hash PWHash, err error)

Hasher is function-based hasher, which is able to hash passwords.

type NoVerifierMatchedError 

type NoVerifierMatchedError struct {
	Version HashVersion
}

NoVerifierMatchedError is returned, when no verifier could be matched in given VerifierChain.

func (*NoVerifierMatchedError) Error 

func (e *NoVerifierMatchedError) Error() string

type Options 

type Options struct {
	HashVersion HashVersion

	SaltSize int
	SaltRNG  rand.RNG

	// Like salt, but stored outside DB and same for all users.
	// It's prepended to each password.
	// It should be long enough not to be brute-forceable.
	Pepper []byte
}

type PWHash 

type PWHash struct {
	Version uint64 `json:"version,omitempty"`
	Hash    []byte `json:"hash"`
	Salt    []byte `json:"salt"`
}

PWHash represents password hash with additonal options, useful for password hashing.

func (*PWHash) DecodeBytes 

func (h *PWHash) DecodeBytes(bb []byte) (err error)

DecodeBytes decodes given bytes to PWHash it's called on. These bytes should be created with PWHash.EncodeToBytes.

func (*PWHash) DecodeString 

func (h *PWHash) DecodeString(bb string) (err error)

DecodeString decodes PWHash encoded with PWHash.EncodeToString.

func (*PWHash) EncodeToBytes 

func (h *PWHash) EncodeToBytes() (dst []byte, err error)

EncodeToBytes encodes this password hash to bytes. Password hash encoded this way may be decoded later.

func (*PWHash) EncodeToString 

func (h *PWHash) EncodeToString() (res string, err error)

EncodeToString encodes this PWHash to string.

type PWHashDecodeError 

type PWHashDecodeError struct {
	Err error
}

func (*PWHashDecodeError) Error 

func (err *PWHashDecodeError) Error() string

func (*PWHashDecodeError) Unwrap 

func (err *PWHashDecodeError) Unwrap() error

type Verifier 

type Verifier = func(password []byte, hash PWHash) (equal bool, err error)

Verifier verifies hashes produced by PasswordHasher.

func VerifierChain 

func VerifierChain(
	verifiers ...Verifier,
) Verifier

VerifierChain creates verifier, which ingores HashVersionMismatchError and goes to next vefifier if such error occurrs.

Used for password versioning.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.