README
¶
Byte Packed Password
This library provides various functions to work with passwords packed into bytes.
Among them are functions:
- to pack symbols into bytes;
- to unpack symbols from bytes;
- to hash a password with salt into a key;
- to hash a password with salt and compare it with another key;
- to generate a random salt for a password.
Hashing algorithm is Argon2 in general and Argon2id in particular.
Settings of hashing are hard-coded into the library.
Argon2 algorithm was selected as the winner of the 2015 Password Hashing
Competition.
Allowed ASCII symbols
Allowed password symbols include all 64 symbols of the range from 0x20 (32, White Space) to 0x5F (95, Low Line).
Passwords may contain following ASCII symbols:
- 10 number symbols from
0to9; - 26 capital latin letters from
AtoZ; - 28 special symbols.
28 allowed special (i.e. non-alphanumeric) symbols are listed below:
| Symbol | Description |
|---|---|
| White Space | |
| ! | Exclamation mark |
| " | Quotation mark |
| # | Number sign |
| $ | Dollar sign |
| % | Percent sign |
| & | Ampersand |
| ' | Apostrophe |
| ( | Left parenthesis |
| ) | Right parenthesis |
| * | Asterisk |
| + | Plus sign |
| , | Comma |
| - | Hyphen-minus |
| . | Full stop or period |
| / | Solidus or Slash |
| : | Colon |
| ; | Semicolon |
| < | Less-than sign |
| = | Equal sign |
| > | Greater-than sign |
| ? | Question mark |
| @ | At sign or Commercial at |
| [ | Left Square Bracket |
| \ | Backslash |
| ] | Right Square Bracket |
| ^ | Circumflex accent |
| _ | Low line |
Password length must be a multiple of four due to technical limitations.
Minimal password length is 16 symbols.
More information about ASCII can be found in the Internet:
https://en.wikipedia.org/wiki/ASCII
Basic latin segment of the Unicode is described here:
https://en.wikipedia.org/wiki/Basic_Latin_(Unicode_block)
Configuration
This library uses constant settings while the Argon 2 algorithm is highly
dependent on all the settings.
The used settings are following.
| Setting | Value |
|---|---|
| Memory usage | 8 MiB, i.e. 8192 Kibibytes |
| Threads | 1 |
| Iterations (passes) | 8 |
| Salt length | 1024 |
| Key length | 1024 |
Documentation
¶
Index ¶
- Constants
- func CheckHashKey(pwd string, salt []byte, key []byte) (ok bool, err error)
- func GenerateRandomSalt() (salt []byte, err error)
- func IsPasswordAllowed(pwd string) (ok bool, err error)
- func MakeHashKey(pwd string, salt []byte) (key []byte, err error)
- func PackSymbols(symbols []rune) (ba []byte, err error)
- func UnpackBytes(ba []byte) (symbols []rune, err error)
Constants ¶
const ( ErrSymbolsCountIsNotMultipleOfFour = "number of symbols must be a multiple of four" ErrSymbolsCountTooShort = "too short" ErrSymbolIsForbidden = "symbol is forbidden: %s" ErrBytesCount = "number of bytes must be a multiple of three" ErrSaltLengthError = "salt length error" ErrRandomizer = "randomizer is broken" )
const ( FirstSymbol = ' ' // White Space. LastSymbol = '_' // Low Line. MinAllowedSymbol = FirstSymbol MaxAllowedSymbol = LastSymbol MinPasswordLength = 16 SaltLengthRequired = 1024 )
const ( Argon2Iterations = 8 Argon2Memory = 8 * 1024 // 8 MiB. Argon2Threads = 1 Argon2KeyLength = 1024 )
Variables ¶
This section is empty.
Functions ¶
func CheckHashKey ¶
CheckHashKey hashes the password and salt and compares it with another key.
func GenerateRandomSalt ¶
GenerateRandomSalt creates a random salt which may be used for hashing.
func IsPasswordAllowed ¶
IsPasswordAllowed checks if the specified password is allowed.
func MakeHashKey ¶
MakeHashKey hashes the password and its salt.
func PackSymbols ¶
PackSymbols packs each quad of symbols into three bytes.
func UnpackBytes ¶
UnpackBytes unpacks each triplet of bytes into four symbols.
Types ¶
This section is empty.
Source Files