xs/vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/pbkdf2.go
Russ Magee caac02a77b 1/2 Updated Makefile to allow VENDOR flag (adds -vendor to version string)
2/2 Added vendor/ dir to lock down dependent pkg versions.
The author of git.schwanenlied.me/yawning/{chacha20,newhope,kyber}.git has copied
their repos to gitlab.com/yawning/ but some imports of chacha20 from newhope still
inconsistently refer to git.schwanenlied.me/, breaking build.
Licenses for chacha20 also changed from CC0 to AGPL, which may or may not be an
issue. Until the two aforementioned issues are resolved, locking to last-good
versions is probably the best way forward for now.

To build with vendored deps, use make VENDOR=1 clean all
2020-01-29 13:55:38 -08:00

94 lines
2.3 KiB
Go

// Package pbkdf2 implements a modular crypt format for PBKDF2-SHA1,
// PBKDF2-SHA256 and PBKDF-SHA512.
//
// The format is the same as that used by Python's passlib and is compatible.
package pbkdf2
import (
"crypto/rand"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"fmt"
"gopkg.in/hlandau/passlib.v1/abstract"
"gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw"
"hash"
"strings"
)
// An implementation of Scheme implementing a number of PBKDF2 modular crypt
// formats used by Python's passlib ($pbkdf2$, $pbkdf2-sha256$,
// $pbkdf2-sha512$).
//
// Uses RecommendedRounds.
//
// WARNING: SHA1 should not be used for new applications under any
// circumstances. It should be used for legacy compatibility only.
var SHA1Crypter abstract.Scheme
var SHA256Crypter abstract.Scheme
var SHA512Crypter abstract.Scheme
const (
RecommendedRoundsSHA1 = 131000
RecommendedRoundsSHA256 = 29000
RecommendedRoundsSHA512 = 25000
)
const SaltLength = 16
func init() {
SHA1Crypter = New("$pbkdf2$", sha1.New, RecommendedRoundsSHA1)
SHA256Crypter = New("$pbkdf2-sha256$", sha256.New, RecommendedRoundsSHA256)
SHA512Crypter = New("$pbkdf2-sha512$", sha512.New, RecommendedRoundsSHA512)
}
type scheme struct {
Ident string
HashFunc func() hash.Hash
Rounds int
}
func New(ident string, hf func() hash.Hash, rounds int) abstract.Scheme {
return &scheme{
Ident: ident,
HashFunc: hf,
Rounds: rounds,
}
}
func (s *scheme) Hash(password string) (string, error) {
salt := make([]byte, SaltLength)
_, err := rand.Read(salt)
if err != nil {
return "", err
}
hash := raw.Hash([]byte(password), salt, s.Rounds, s.HashFunc)
newHash := fmt.Sprintf("%s%d$%s$%s", s.Ident, s.Rounds, raw.Base64Encode(salt), hash)
return newHash, nil
}
func (s *scheme) Verify(password, stub string) (err error) {
_, rounds, salt, oldHash, err := raw.Parse(stub)
if err != nil {
return
}
newHash := raw.Hash([]byte(password), salt, rounds, s.HashFunc)
if len(newHash) == 0 || !abstract.SecureCompare(oldHash, newHash) {
err = abstract.ErrInvalidPassword
}
return
}
func (s *scheme) SupportsStub(stub string) bool {
return strings.HasPrefix(stub, s.Ident)
}
func (s *scheme) NeedsUpdate(stub string) bool {
_, rounds, salt, _, err := raw.Parse(stub)
return err == raw.ErrInvalidRounds || rounds < s.Rounds || len(salt) < SaltLength
}