Documentation ¶
Overview ¶
Package passwd provides fancy crypto shit for passwords
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrCannotCreateDK is returned when the provided password is empty or the derived key creation failed ErrCannotCreateDK = errors.New("cannot create derived key for empty password") // ErrCouldNotGenerate is returned when a derived key of specified length failed to be generated ErrCouldNotGenerate = fmt.Errorf("could not generate %d length", dkSLen) // ErrUnableToVerify is returned when attempting to verify an empty derived key or empty password ErrUnableToVerify = errors.New("cannot verify empty derived key or password") // ErrCannotParseDK is returned when the encoded derived key fails to be parsed due to part(s) mismatch ErrCannotParseDK = errors.New("cannot parse encoded derived key, does not match regular expression") // ErrCannotParseEncodedEK is returned when the derived key parts do not match the desired part length ErrCannotParseEncodedEK = errors.New("cannot parse encoded derived key, matched expression does not contain enough subgroups") )
Error constants
Functions ¶
func CreateDerivedKey ¶
CreateDerivedKey creates an encoded derived key with a random hash for the password.
func IsDerivedKey ¶
func ParseDerivedKey ¶
func ParseDerivedKey(encoded string) (dk, salt []byte, time, memory uint32, threads uint8, err error)
ParseDerivedKey returns the parts of the encoded derived key string.
func VerifyDerivedKey ¶
VerifyDerivedKey checks that the submitted password matches the derived key.
Types ¶
type ParseError ¶
ParseError is defining a custom error type called `ParseError`. It is a struct that holds intermediary values for comparison in errors
func (*ParseError) Error ¶
func (e *ParseError) Error() string
Error returns the ParseError in string format
type PasswordStrength ¶
type PasswordStrength uint8
const ( Weak PasswordStrength = iota Poor Fair Moderate Strong Excellent )
func Strength ¶
func Strength(password string) PasswordStrength
Strength is currently a very simple password strength algorithm that simply checks the length and contents of a password to ensure that reasonable passwords are added to Khulnasoft. In the future this algorithm can be strengthened with zxcvbn algorithms. TODO: implement dictionary word, spatial closeness, and l33t strength algorithms. See: https://nulab.com/learn/software-development/password-strength/