mirror of
https://gogs.blitter.com/RLabs/xs
synced 2024-08-14 10:26:42 +00:00
FreeBSD 12 support (NOTE: xc not yet functional)
Signed-off-by: Russ Magee <rmagee@gmail.com>
This commit is contained in:
Russ Magee
parent
09c2408c06
commit
cba36b66f1
891 changed files with 351 additions and 304834 deletions
94
vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/pbkdf2.go
generated
vendored
94
vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/pbkdf2.go
generated
vendored
|
|
@ -1,94 +0,0 @@
|
|||
// Package pbkdf2 implements a modular crypt format for PBKDF2-SHA1,
|
||||
// PBKDF2-SHA256 and PBKDF-SHA512.
|
||||
//
|
||||
// The format is the same as that used by Python's passlib and is compatible.
|
||||
package pbkdf2
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"fmt"
|
||||
"gopkg.in/hlandau/passlib.v1/abstract"
|
||||
"gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw"
|
||||
"hash"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// An implementation of Scheme implementing a number of PBKDF2 modular crypt
|
||||
// formats used by Python's passlib ($pbkdf2$, $pbkdf2-sha256$,
|
||||
// $pbkdf2-sha512$).
|
||||
//
|
||||
// Uses RecommendedRounds.
|
||||
//
|
||||
// WARNING: SHA1 should not be used for new applications under any
|
||||
// circumstances. It should be used for legacy compatibility only.
|
||||
var SHA1Crypter abstract.Scheme
|
||||
var SHA256Crypter abstract.Scheme
|
||||
var SHA512Crypter abstract.Scheme
|
||||
|
||||
const (
|
||||
RecommendedRoundsSHA1 = 131000
|
||||
RecommendedRoundsSHA256 = 29000
|
||||
RecommendedRoundsSHA512 = 25000
|
||||
)
|
||||
|
||||
const SaltLength = 16
|
||||
|
||||
func init() {
|
||||
SHA1Crypter = New("$pbkdf2$", sha1.New, RecommendedRoundsSHA1)
|
||||
SHA256Crypter = New("$pbkdf2-sha256$", sha256.New, RecommendedRoundsSHA256)
|
||||
SHA512Crypter = New("$pbkdf2-sha512$", sha512.New, RecommendedRoundsSHA512)
|
||||
}
|
||||
|
||||
type scheme struct {
|
||||
Ident string
|
||||
HashFunc func() hash.Hash
|
||||
Rounds int
|
||||
}
|
||||
|
||||
func New(ident string, hf func() hash.Hash, rounds int) abstract.Scheme {
|
||||
return &scheme{
|
||||
Ident: ident,
|
||||
HashFunc: hf,
|
||||
Rounds: rounds,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *scheme) Hash(password string) (string, error) {
|
||||
salt := make([]byte, SaltLength)
|
||||
_, err := rand.Read(salt)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
hash := raw.Hash([]byte(password), salt, s.Rounds, s.HashFunc)
|
||||
|
||||
newHash := fmt.Sprintf("%s%d$%s$%s", s.Ident, s.Rounds, raw.Base64Encode(salt), hash)
|
||||
return newHash, nil
|
||||
}
|
||||
|
||||
func (s *scheme) Verify(password, stub string) (err error) {
|
||||
_, rounds, salt, oldHash, err := raw.Parse(stub)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
newHash := raw.Hash([]byte(password), salt, rounds, s.HashFunc)
|
||||
|
||||
if len(newHash) == 0 || !abstract.SecureCompare(oldHash, newHash) {
|
||||
err = abstract.ErrInvalidPassword
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (s *scheme) SupportsStub(stub string) bool {
|
||||
return strings.HasPrefix(stub, s.Ident)
|
||||
}
|
||||
|
||||
func (s *scheme) NeedsUpdate(stub string) bool {
|
||||
_, rounds, salt, _, err := raw.Parse(stub)
|
||||
return err == raw.ErrInvalidRounds || rounds < s.Rounds || len(salt) < SaltLength
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue