passwordhash

package
v0.0.0-...-7803903 Latest
Warning

This package is not in the latest version of its module.

Published: May 11, 2013 | License: MIT | Imports: 6 | Imported by: 0

Documentation

Overview

Package passwordhash implements safe password hashing and comparison.

THIS PACKAGE IS DEPRECATED. SEE README.

Hashes are derived using the PBKDF2-HMAC-SHA256 function with 100000 iterations (by default), a 32-byte salt and a 32-byte output.

This package is a fixed version of "passwordhash" that uses only 32 bytes of the hash for comparison.

Note: you must not allow users to directly change the parameters of PasswordHash, such as the number of iterations. A malicious user who can change the number of iterations can set it too high, which leads to DoS.

Example usage:

ph := passwordhash.New("hello, world")
// Store ph somewhere...
// Later, when user provides a password:
if ph.EqualToPassword("hello, world") {
	// Password's okay, user authorized...
}


Constants

const (
	// Default number of iterations for PBKDF2
	DefaultIterations = 100000
	// Default salt length
	SaltLen = 32
	// Default hash length. This length is also used for hash comparison
	// regardless of the actual hash length.
	HashLen = 32
)

Variables

This section is empty.

Functions

This section is empty.

Types

type PasswordHash

type PasswordHash struct {
	Iter int
	Salt []byte
	Hash []byte
}

PasswordHash stores hash, salt, and number of iterations.

func New

func New(password string) *PasswordHash

New returns a new password hash derived from the provided password, a random salt, and the default number of iterations. The function causes a runtime panic if it fails to get a random salt.

func NewIter

func NewIter(password string, iter int) *PasswordHash

NewIter returns a new password hash derived from the provided password, the number of iterations, and a random salt. The function causes a runtime panic if it fails to get a random salt.

func NewSaltIter

func NewSaltIter(password string, salt []byte, iter int) *PasswordHash

NewSaltIter creates a new password hash from the provided password, salt, and the number of iterations.

func (*PasswordHash) EqualToPassword

func (ph *PasswordHash) EqualToPassword(password string) bool

EqualToPassword returns true if the password hash was derived from the provided password. This function uses constant time comparison.

IMPORTANT: To work around the 2x speedup attack, this function compares only the first 32 bytes of the given password hash.

func (*PasswordHash) String

func (ph *PasswordHash) String() string

String returns a string representation of the password hash.
