Documentation ¶
Overview ¶
Package pbkdf2 implements a password encoding mechanism for the mcf framework
Index ¶
Constants ¶
const ( DefaultIterations = 2000 DefaultSaltLen = 16 DefaultPrf = SHA1 )
Default values. These are exported for documentation purposes. See GetConfig() and SetConfig() on how to change them.
Variables ¶
var DefaultKeyLen = DefaultPrf.Size()
This value is exported for documentation purposes. See GetConfig() and SetConfig() on how to change it. Defined as a var to allow for non constant initialization.
var SaltMine mcf.SaltMiner = nil
SaltMine is a custom source of salt, which is normally unset. Change this to override the use of rand.Reader if you need to use a custom salt producer.
Functions ¶
func SetConfig ¶
SetConfig establishes a new default configuration for this algorithm. It is only necessary to set the configuration if this algorithm is the default algorithm. To change a configuration, Get a copy of the configuration
config := pbkdf2.GetConfig()
Change as necessary
config.Iterations *= 1.5 // increase iterations by 50% config.Hash = pbkdf2.SHA256 // change hmac config.KeyLen= pbkdf2.SHA256.Size()
then set
err := pbkdf2.SetConfig(config) // error handling elided
Types ¶
type Config ¶
type Config struct { // The Pseudo Random Function (prf) used by the PBKDF2 algorithm. // When this value is changed, KeyLen will most likely need to change as well // since hash functions generally produce output of differing lengths. Hash Hash // Number of iteration rounds in the PBKDF2 algorithm. // The RFC recommends at least 1000 Iterations int // Length of key produced by algorithm in bytes. // Defaults to the output length of the HMAC Hash. KeyLen int // Size of salt in bytes. // The RFC recommends at least 8 bytes. SaltLen int }
Config contains the parameters for the PBKDF2 algorithm along with associated values.
func GetConfig ¶
func GetConfig() Config
Returns the default configuration. To change default values, pass the modified output of GetConfig() to SetConfig(). See SetConfig() for an example.
func (*Config) AtLeast ¶
func (c *Config) AtLeast(current_imp bridge.Implementer) bool
AtLeast compares the parameters for an encoded password to the current configuration and returns true if the encoded password configuration has the same or longer configuration parameter values.
func (*Config) Key ¶
Key generates a PBKDF2 digest from the password, salt and iteration count, using the Hash as a pseudorandom function.
type ErrInvalidHash ¶
type ErrInvalidHash struct {
Hash Hash
}
ErrInvalidHash is returned when an invalid Hash is encountered. The name of the hash is printed in the Error() string and is also exported.
func (*ErrInvalidHash) Error ¶
func (e *ErrInvalidHash) Error() string
ErrInvalidHash implements the Error interface.