| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 |
- // Copyright (c) 2012-2014 Jeremy Latt
- // released under the MIT license
-
- package passwd
-
- import (
- "encoding/base64"
- "errors"
-
- "golang.org/x/crypto/bcrypt"
- )
-
- var (
- // ErrEmptyPassword means that an empty password was given.
- ErrEmptyPassword = errors.New("empty password")
- )
-
- // GenerateEncodedPasswordBytes returns an encrypted password, returning the bytes directly.
- func GenerateEncodedPasswordBytes(passwd string) (encoded []byte, err error) {
- if passwd == "" {
- err = ErrEmptyPassword
- return
- }
- encoded, err = bcrypt.GenerateFromPassword([]byte(passwd), bcrypt.MinCost)
- return
- }
-
- // GenerateEncodedPassword returns an encrypted password, encoded into a string with base64.
- func GenerateEncodedPassword(passwd string) (encoded string, err error) {
- bcrypted, err := GenerateEncodedPasswordBytes(passwd)
- encoded = base64.StdEncoding.EncodeToString(bcrypted)
- return
- }
-
- // DecodePasswordHash takes a base64-encoded password hash and returns the appropriate bytes.
- func DecodePasswordHash(encoded string) (decoded []byte, err error) {
- if encoded == "" {
- err = ErrEmptyPassword
- return
- }
- decoded, err = base64.StdEncoding.DecodeString(encoded)
- return
- }
-
- // ComparePassword compares a given password with the given hash.
- func ComparePassword(hash, password []byte) error {
- return bcrypt.CompareHashAndPassword(hash, password)
- }
-
- // ComparePasswordString compares a given password string with the given hash.
- func ComparePasswordString(hash []byte, password string) error {
- return ComparePassword(hash, []byte(password))
- }
|
