mirror of
https://github.com/rls-moe/nyx
synced 2024-12-24 12:17:16 +00:00
Synchronizes vendors for passlib.v1
This commit is contained in:
parent
540b368f8f
commit
f4e4b1d88b
12
vendor/gopkg.in/hlandau/passlib.v1/.travis.yml
generated
vendored
12
vendor/gopkg.in/hlandau/passlib.v1/.travis.yml
generated
vendored
@ -1,12 +0,0 @@
|
|||||||
language: go
|
|
||||||
os:
|
|
||||||
- linux
|
|
||||||
go:
|
|
||||||
- 1.10
|
|
||||||
- tip
|
|
||||||
sudo: false
|
|
||||||
install:
|
|
||||||
- mkdir -p $HOME/gopath/src/gopkg.in/hlandau/
|
|
||||||
- ln -s $TRAVIS_BUILD_DIR $HOME/gopath/src/gopkg.in/hlandau/passlib.v1
|
|
||||||
- cd $HOME/gopath/src/gopkg.in/hlandau/passlib.v1
|
|
||||||
- go get
|
|
100
vendor/gopkg.in/hlandau/passlib.v1/README.md
generated
vendored
100
vendor/gopkg.in/hlandau/passlib.v1/README.md
generated
vendored
@ -1,100 +0,0 @@
|
|||||||
passlib for go
|
|
||||||
==============
|
|
||||||
|
|
||||||
[![GoDoc](https://godoc.org/gopkg.in/hlandau/passlib.v1?status.svg)](https://godoc.org/gopkg.in/hlandau/passlib.v1) [![Build Status](https://travis-ci.org/hlandau/passlib.svg?branch=master)](https://travis-ci.org/hlandau/passlib)
|
|
||||||
|
|
||||||
[Python's passlib](https://pythonhosted.org/passlib/) is quite an amazing
|
|
||||||
library. I'm not sure there's a password library in existence with more thought
|
|
||||||
put into it, or with more support for obscure password formats.
|
|
||||||
|
|
||||||
This is a skeleton of a port of passlib to Go. It dogmatically adopts the
|
|
||||||
modular crypt format, which [passlib has excellent documentation for](https://pythonhosted.org/passlib/modular_crypt_format.html#modular-crypt-format).
|
|
||||||
|
|
||||||
Currently, it supports:
|
|
||||||
|
|
||||||
- sha256-crypt
|
|
||||||
- sha512-crypt
|
|
||||||
- scrypt-sha256
|
|
||||||
- bcrypt
|
|
||||||
- passlib's bcrypt-sha256 variant
|
|
||||||
- pbkdf2-sha1 (in passlib format)
|
|
||||||
- pbkdf2-sha256 (in passlib format)
|
|
||||||
- pbkdf2-sha512 (in passlib format)
|
|
||||||
|
|
||||||
By default, it will hash using scrypt-sha256 and verify existing hashes using
|
|
||||||
any of these schemes.
|
|
||||||
|
|
||||||
Example Usage
|
|
||||||
-------------
|
|
||||||
There's a default context for ease of use. Most people need only concern
|
|
||||||
themselves with the functions `Hash` and `Verify`:
|
|
||||||
|
|
||||||
```go
|
|
||||||
// Hash a plaintext, UTF-8 password.
|
|
||||||
func Hash(password string) (hash string, err error)
|
|
||||||
|
|
||||||
// Verifies a plaintext, UTF-8 password using a previously derived hash.
|
|
||||||
// Returns non-nil err if verification fails.
|
|
||||||
//
|
|
||||||
// Also returns an upgraded password hash if the hash provided is
|
|
||||||
// deprecated.
|
|
||||||
func Verify(password, hash string) (newHash string, err error)
|
|
||||||
```
|
|
||||||
|
|
||||||
Here's a rough skeleton of typical usage.
|
|
||||||
|
|
||||||
```go
|
|
||||||
import "gopkg.in/hlandau/passlib.v1"
|
|
||||||
|
|
||||||
func RegisterUser() {
|
|
||||||
(...)
|
|
||||||
|
|
||||||
password := get a (UTF-8, plaintext) password from somewhere
|
|
||||||
|
|
||||||
hash, err := passlib.Hash(password)
|
|
||||||
if err != nil {
|
|
||||||
// couldn't hash password for some reason
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
(store hash in database, etc.)
|
|
||||||
}
|
|
||||||
|
|
||||||
func CheckPassword() bool {
|
|
||||||
password := get the password the user entered
|
|
||||||
hash := the hash you stored from the call to Hash()
|
|
||||||
|
|
||||||
newHash, err := passlib.Verify(password, hash)
|
|
||||||
if err != nil {
|
|
||||||
// incorrect password, malformed hash, etc.
|
|
||||||
// either way, reject
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
// The context has decided, as per its policy, that
|
|
||||||
// the hash which was used to validate the password
|
|
||||||
// should be changed. It has upgraded the hash using
|
|
||||||
// the verified password.
|
|
||||||
if newHash != "" {
|
|
||||||
(store newHash in database, replacing old hash)
|
|
||||||
}
|
|
||||||
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
scrypt Modular Crypt Format
|
|
||||||
---------------------------
|
|
||||||
Since scrypt does not have a pre-existing modular crypt format standard, I made one. It's as follows:
|
|
||||||
|
|
||||||
$s2$N$r$p$salt$hash
|
|
||||||
|
|
||||||
...where `N`, `r` and `p` are the respective difficulty parameters to scrypt as positive decimal integers without leading zeroes, and `salt` and `hash` are base64-encoded binary strings. Note that the RFC 4648 base64 encoding is used (not the one used by sha256-crypt and sha512-crypt).
|
|
||||||
|
|
||||||
Licence
|
|
||||||
-------
|
|
||||||
passlib is partially derived from Python's passlib and so maintains its BSD license.
|
|
||||||
|
|
||||||
© 2008-2012 Assurance Technologies LLC. (Python passlib) BSD License
|
|
||||||
© 2014 Hugo Landau <hlandau@devever.net> BSD License
|
|
||||||
|
|
2
vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw/pbkdf2.go
generated
vendored
2
vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw/pbkdf2.go
generated
vendored
@ -7,7 +7,7 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
MinRounds = 1
|
MinRounds = 1
|
||||||
MaxRounds = 0xffffffff // setting at 32-bit limit for now
|
MaxRounds = 0x7fffffff // setting at 32-bit signed integer limit for now
|
||||||
)
|
)
|
||||||
|
|
||||||
func Hash(password, salt []byte, rounds int, hf func() hash.Hash) (hash string) {
|
func Hash(password, salt []byte, rounds int, hf func() hash.Hash) (hash string) {
|
||||||
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -62,7 +62,7 @@ gopkg.in/hlandau/easymetric.v1/cexp
|
|||||||
# gopkg.in/hlandau/measurable.v1 v1.0.1
|
# gopkg.in/hlandau/measurable.v1 v1.0.1
|
||||||
## explicit
|
## explicit
|
||||||
gopkg.in/hlandau/measurable.v1
|
gopkg.in/hlandau/measurable.v1
|
||||||
# gopkg.in/hlandau/passlib.v1 v1.0.10
|
# gopkg.in/hlandau/passlib.v1 v1.0.11
|
||||||
## explicit
|
## explicit
|
||||||
gopkg.in/hlandau/passlib.v1
|
gopkg.in/hlandau/passlib.v1
|
||||||
gopkg.in/hlandau/passlib.v1/abstract
|
gopkg.in/hlandau/passlib.v1/abstract
|
||||||
|
Loading…
Reference in New Issue
Block a user