abstract

package
Version: v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 12, 2020 License: BSD-3-Clause Imports: 2 Imported by: 0

Documentation

Overview

Package abstract contains the abstract description of the Scheme interface, plus supporting error definitions.

Index

Constants

This section is empty.

Variables

View Source
var ErrInvalidPassword = fmt.Errorf("invalid password")

Indicates that password verification failed because the provided password does not match the provided hash.

View Source
var ErrUnsupportedScheme = fmt.Errorf("unsupported scheme")

Indicates that password verification is not possible because the hashing scheme used by the hash provided is not supported.

Functions

func SecureCompare

func SecureCompare(a, b string) bool

Compares two strings (typicaly password hashes) in a secure, constant-time fashion. Returns true iff they are equal.

Types

type Scheme

type Scheme interface {
	// Hashes a plaintext UTF-8 password using a modular crypt stub. Returns the
	// hashed password in modular crypt format.
	//
	// A modular crypt stub is a prefix of a hash in modular crypt format which
	// expresses all necessary configuration information, such as salt and
	// iteration count. For example, for sha256-crypt, a valid stub would be:
	//
	//     $5$rounds=6000$salt
	//
	// A full modular crypt hash may also be passed as the stub, in which case
	// the hash is ignored.
	Hash(password string) (string, error)

	// Verifies a plaintext UTF-8 password using a modular crypt hash.  Returns
	// an error if the inputs are malformed or the password does not match.
	Verify(password, hash string) (err error)

	// Returns true iff this crypter supports the given stub.
	SupportsStub(stub string) bool

	// Returns true iff this stub needs an update.
	NeedsUpdate(stub string) bool
}

The Scheme interface provides an abstract interface to an implementation of a particular password hashing scheme. The Scheme generates password hashes from passwords, verifies passwords using password hashes, randomly generates new stubs and can determines whether it recognises a given stub or hash. It may also decide to issue upgrades.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL