passwd

package
v0.7.10 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 14, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package passwd provides fancy crypto shit for passwords

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrCannotCreateDK is returned when the provided password is empty or the derived key creation failed
	ErrCannotCreateDK = errors.New("cannot create derived key for empty password")

	// ErrCouldNotGenerate is returned when a derived key of specified length failed to be generated
	ErrCouldNotGenerate = fmt.Errorf("could not generate %d length", dkSLen)

	// ErrUnableToVerify is returned when attempting to verify an empty derived key or empty password
	ErrUnableToVerify = errors.New("cannot verify empty derived key or password")

	// ErrCannotParseDK is returned when the encoded derived key fails to be parsed due to part(s) mismatch
	ErrCannotParseDK = errors.New("cannot parse encoded derived key, does not match regular expression")

	// ErrCannotParseEncodedEK is returned when the derived key parts do not match the desired part length
	ErrCannotParseEncodedEK = errors.New("cannot parse encoded derived key, matched expression does not contain enough subgroups")
)

Error constants

Functions

func CreateDerivedKey

func CreateDerivedKey(password string) (string, error)

CreateDerivedKey creates an encoded derived key with a random hash for the password.

func IsDerivedKey

func IsDerivedKey(s string) bool

func ParseDerivedKey

func ParseDerivedKey(encoded string) (dk, salt []byte, time, memory uint32, threads uint8, err error)

ParseDerivedKey returns the parts of the encoded derived key string.

func VerifyDerivedKey

func VerifyDerivedKey(dk, password string) (bool, error)

VerifyDerivedKey checks that the submitted password matches the derived key.

Types

type ParseError

type ParseError struct {
	Object        string
	Value         string
	ExpectedValue string
}

ParseError is defining a custom error type called `ParseError`. It is a struct that holds intermediary values for comparison in errors

func (*ParseError) Error

func (e *ParseError) Error() string

Error returns the ParseError in string format

type PasswordStrength

type PasswordStrength uint8
const (
	Weak PasswordStrength = iota
	Poor
	Fair
	Moderate
	Strong
	Excellent
)

func Strength

func Strength(password string) PasswordStrength

Strength is currently a very simple password strength algorithm that simply checks the length and contents of a password to ensure that reasonable passwords are added to Datum. In the future this algorithm can be strengthened with zxcvbn algorithms. TODO: implement dictionary word, spatial closeness, and l33t strength algorithms. See: https://nulab.com/learn/software-development/password-strength/

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL