Documentation
¶
Index ¶
Constants ¶
View Source
const ( IterationsMin = 20000 IterationsMax = 40000 )
Variables ¶
This section is empty.
Functions ¶
func VerifyPasswordHash ¶
func VerifyPasswordHash(plaintext string, ph *PasswordHash) (bool, error)
VerifyPasswordHash verifies a salted SHA-512 PBKDF2 key derived from plaintext against ph. A return value of true indicates they match, false otherwise.
Types ¶
type PasswordHash ¶
type PasswordHash struct {
// A dictionary that contains the `entropy`, `iterations`, and `salt` elements to create the password hash using the CommonCrypto libraries, or equivalent. Convert this dictionary to binary data before setting it as the value for the password hash.
SALTEDSHA512PBKDF2 SALTEDSHA512PBKDF2 `plist:"SALTED-SHA512-PBKDF2"`
}
A dictionary that contains the password hash for the account.
func HashPassword ¶
func HashPassword(randReader io.Reader, plaintext string) (*PasswordHash, error)
HashPassword derives a salted SHA-512 PBKDF2 key from plaintext. The struct returned is ready to be marshalled into an Apple Property List. Ostensibly for the `AccountConfiguration` and/or `SetAutoAdminPassword` MDM commands.
type SALTEDSHA512PBKDF2 ¶
type SALTEDSHA512PBKDF2 struct {
// The derived key from the password hash; for example, from `CCKeyDerivationPBKDF()`.
Entropy []byte `plist:"entropy"`
// The number of iterations; for example, from `CCCalibratePBKDF()` using a minimum hash time of 100 milliseconds, or if unknown, a number in the range of 20,000 to 40,000 iterations.
Iterations int64 `plist:"iterations"`
// The 32-byte randomized data; for example, from `CCRandomCopyBytes()`.
Salt []byte `plist:"salt"`
}
A dictionary that contains the `entropy`, `iterations`, and `salt` elements to create the password hash using the CommonCrypto libraries, or equivalent. Convert this dictionary to binary data before setting it as the value for the password hash.
Source Files
Click to show internal directories.
Click to hide internal directories.