saltissimo

package module
v0.0.0-...-bb2d27d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 17, 2016 License: MIT Imports: 6 Imported by: 0

README

saltissimo

GoDoc Go Report Card
Easy generate, easy compare hash using pbkdf2.

Why developed?

Because, It was troublesome to write code for managing customers password for each service.
I adopted the safe pbkdf2 method as possible.

You have used HMAC, haven't you?

Yes. I changed it because there was a security problem.
See reddit.

Synopsis

func main() {
    gotFromForm := "password"
    // 1. Code to generate hash
    hash, key, err := saltissimo.HexHash(sha256.New, gotFromForm)
    if err != nil {
        panic(err)
    }
    // *Code to save some values

    // 2. Code to compare hash
    // *Code to retrieve the value from a database etc.
    // *Assume that it has already been substituted.
    isSame, err := saltissimo.CompareHexHash(sha256.New, gotFromForm, hash, key)
    if err != nil {
        panic(err)
    }
    if isSame {
        fmt.Println("Hello user!!")
    } else {
        fmt.Println("Who are you...?")
    }
}

Usage

You can wrap Compare*Hash() like this

func Compare(gotValue, hash, key string) bool {
    isSame, err := saltissimo.CompareHexHash(sha256.New, gotValue, hash, key)
    if err != nil {
       return false
    }
    return isSame
}

If you want to devise a little more, you will be happy by using these function.

func PBDKF2Hex(hash func() hash.Hash, str string, key []byte) string
func PBDKF2B64(hash func() hash.Hash, str string, key []byte) string
func RandomBytes(l int) ([]byte, error)

Please read GoDoc or test for details.

Get this

go get -u github.com/Code-Hex/saltissimo

Contribute

Please give me some PRs!!

Author

codehex

Documentation

Overview

Package saltissimo was developed to easily compare hash of salt password. Suppose you have saved like this data. 

+--------------------------+
| PBDKF2_hex  | secret_key |
+--------------------------+
| 5f54e622... | 951ff34... |
+--------------------------+

Then, you are passed any string. Assume that you are given a "password" here. You can use compare function looks like this: 

saltissimo.CompareHexHash(sha256.New, "password", PBDKF2_hexstr, secret_key)

Index

Constants

This section is empty.

Variables

View Source 
var (
	SaltLength = 36
	KeyLength  = 32
	Iter       = 4096
)

SaltLength specifies the length of a random byte sequence. KeyLength, Iter for pbkdf2.Key arguments.

Functions

func B64Hash 

func B64Hash(hash func() hash.Hash, str string) (string, string, error)

B64Hash to generate PBDKF2 as base64 string. returns PBDKF2, secret key, error

func CompareB64Hash 

func CompareB64Hash(hash func() hash.Hash, str, b64Str, key string) (bool, error)

CompareB64Hash to compare passed string and PBDKF2 as base64 string.

func CompareHexHash 

func CompareHexHash(hash func() hash.Hash, str, hexStr, key string) (bool, error)

CompareHexHash to compare passed string and PBDKF2 as hex string.

func HexHash 

func HexHash(hash func() hash.Hash, str string) (string, string, error)

HexHash to generate PBDKF2 as Hex string. returns PBDKF2, secret key, error

func PBDKF2B64 

func PBDKF2B64(hash func() hash.Hash, str string, key []byte) string

PBDKF2B64 creates a base64 string from PBDKF2 as its name

func PBDKF2Hex 

func PBDKF2Hex(hash func() hash.Hash, str string, key []byte) string

PBDKF2Hex creates a hex string from PBDKF2 as its name

func RandomBytes 

func RandomBytes(l int) ([]byte, error)

RandomBytes generate a random byte slice.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.