Skip to content
Snippets Groups Projects
Commit b151964c authored by ale's avatar ale
Browse files

Register the standards-compliant argon2i password hash

parent 3e5c304b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
pwhash/argon2.go
+ 13
0
View file @ b151964c
...@@ -6,6 +6,7 @@ import ( ...@@ -6,6 +6,7 @@ import (
"encoding/hex" "encoding/hex"
"errors" "errors"
"fmt" "fmt"
"log"
"strconv" "strconv"
"strings" "strings"
...@@ -54,6 +55,16 @@ func NewArgon2WithParams(time, mem uint32, threads uint8) PasswordHash { ...@@ -54,6 +55,16 @@ func NewArgon2WithParams(time, mem uint32, threads uint8) PasswordHash {
return newArgon2PasswordHash(time, mem, threads, &a2Codec{}) return newArgon2PasswordHash(time, mem, threads, &a2Codec{})
} }
// NewArgon2Std returns an Argon2i-based PasswordHash that conforms
// to the reference implementation encoding, using default parameters.
func NewArgon2Std() PasswordHash {
return NewArgon2StdWithParams(
defaultArgon2Params.Time,
defaultArgon2Params.Memory,
defaultArgon2Params.Threads,
)
}
// NewArgon2StdWithParams returns an Argon2i-based PasswordHash using // NewArgon2StdWithParams returns an Argon2i-based PasswordHash using
// the specified parameters for time, memory, and number of // the specified parameters for time, memory, and number of
// threads. This will use the string encoding ("$argon2$") documented // threads. This will use the string encoding ("$argon2$") documented
...@@ -204,5 +215,7 @@ func (*argon2StdCodec) decodeArgon2Hash(s string) (params argon2Params, salt []b ...@@ -204,5 +215,7 @@ func (*argon2StdCodec) decodeArgon2Hash(s string) (params argon2Params, salt []b
return return
} }
dk, err = base64.RawStdEncoding.DecodeString(parts[3]) dk, err = base64.RawStdEncoding.DecodeString(parts[3])
log.Printf("params: %+v", params)
return return
} }
pwhash/password.go
+ 6
5
View file @ b151964c
...@@ -49,11 +49,12 @@ func getRandomBytes(n int) []byte { ...@@ -49,11 +49,12 @@ func getRandomBytes(n int) []byte {
// A registry of default handlers for decoding passwords. // A registry of default handlers for decoding passwords.
var prefixRegistry = map[string]PasswordHash{ var prefixRegistry = map[string]PasswordHash{
"$1$": NewSystemCrypt(), "$1$": NewSystemCrypt(),
"$5$": NewSystemCrypt(), "$5$": NewSystemCrypt(),
"$6$": NewSystemCrypt(), "$6$": NewSystemCrypt(),
"$s$": NewScrypt(), "$s$": NewScrypt(),
"$a2$": NewArgon2(), "$a2$": NewArgon2(),
"$argon2i$": NewArgon2Std(),
} }
// ComparePassword returns true if the given password matches the // ComparePassword returns true if the given password matches the
......
pwhash/password_test.go
+ 8
0
View file @ b151964c
...@@ -65,6 +65,14 @@ func testImpl(t *testing.T, h PasswordHash) { ...@@ -65,6 +65,14 @@ func testImpl(t *testing.T, h PasswordHash) {
} }
} }
func TestStandardArgon2Password(t *testing.T) {
enc := "$argon2i$v=19$m=32768,t=4,p=1$DG0B56zlrrx+VMVaM6wvsw$8iV+HwTKmofjrb+q9I2zZGQnGXzXtiIXv8VdHdvbbX8"
pw := "idontmindbirds"
if !ComparePassword(enc, pw) {
t.Fatal("comparison failed")
}
}
func BenchmarkArgon2(b *testing.B) { func BenchmarkArgon2(b *testing.B) {
var testParams []argon2Params var testParams []argon2Params
for iTime := 1; iTime <= 5; iTime++ { for iTime := 1; iTime <= 5; iTime++ {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment