mirror
/
oragono
zrcadlo https://github.com/oragono/oragono
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 69 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
729 Revize
21 Větve
Strom: 317a804644
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „317a804644“
${ noResults }
oragono/irc/password_salted.go

password_salted.go 2.0KB
Historie Surový

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. // Copyright (c) 2016 Daniel Oaks <daniel@danieloaks.net>

  2. // released under the MIT license

  3. 

  4. package irc

  5. 

  6. import (

  7. 	"crypto/rand"

  8. 

  9. 	"golang.org/x/crypto/bcrypt"

  10. )

  11. 

  12. const newSaltLen = 30

  13. const defaultPasswordCost = 14

  14. 

  15. // NewSalt returns a salt for crypto uses.

  16. func NewSalt() ([]byte, error) {

  17. 	salt := make([]byte, newSaltLen)

  18. 	_, err := rand.Read(salt)

  19. 

  20. 	if err != nil {

  21. 		var emptySalt []byte

  22. 		return emptySalt, err

  23. 	}

  24. 

  25. 	return salt, nil

  26. }

  27. 

  28. // PasswordManager supports the hashing and comparing of passwords with the given salt.

  29. type PasswordManager struct {

  30. 	salt []byte

  31. }

  32. 

  33. // NewPasswordManager returns a new PasswordManager with the given salt.

  34. func NewPasswordManager(salt []byte) PasswordManager {

  35. 	var pwm PasswordManager

  36. 	pwm.salt = salt

  37. 	return pwm

  38. }

  39. 

  40. // assemblePassword returns an assembled slice of bytes for the given password details.

  41. func (pwm *PasswordManager) assemblePassword(specialSalt []byte, password string) []byte {

  42. 	var assembledPasswordBytes []byte

  43. 	assembledPasswordBytes = append(assembledPasswordBytes, pwm.salt...)

  44. 	assembledPasswordBytes = append(assembledPasswordBytes, '-')

  45. 	assembledPasswordBytes = append(assembledPasswordBytes, specialSalt...)

  46. 	assembledPasswordBytes = append(assembledPasswordBytes, '-')

  47. 	assembledPasswordBytes = append(assembledPasswordBytes, []byte(password)...)

  48. 	return assembledPasswordBytes

  49. }

  50. 

  51. // GenerateFromPassword encrypts the given password.

  52. func (pwm *PasswordManager) GenerateFromPassword(specialSalt []byte, password string) ([]byte, error) {

  53. 	assembledPasswordBytes := pwm.assemblePassword(specialSalt, password)

  54. 	return bcrypt.GenerateFromPassword(assembledPasswordBytes, defaultPasswordCost)

  55. }

  56. 

  57. // CompareHashAndPassword compares a hashed password with its possible plaintext equivalent.

  58. // Returns nil on success, or an error on failure.

  59. func (pwm *PasswordManager) CompareHashAndPassword(hashedPassword []byte, specialSalt []byte, password string) error {

  60. 	assembledPasswordBytes := pwm.assemblePassword(specialSalt, password)

  61. 	return bcrypt.CompareHashAndPassword(hashedPassword, assembledPasswordBytes)

  62. }