253 lines
6.5 KiB
Go
253 lines
6.5 KiB
Go
package password
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/subtle"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"strings"
|
|
|
|
"golang.org/x/crypto/argon2"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
// Algorithm represents the hashing algorithm to use
|
|
type Algorithm int
|
|
|
|
const (
|
|
Argon2 Algorithm = iota
|
|
Bcrypt
|
|
)
|
|
|
|
// Argon2Config holds configuration for Argon2 hashing
|
|
type Argon2Config struct {
|
|
Time uint32 // Number of iterations
|
|
Memory uint32 // Memory usage in KB
|
|
Threads uint8 // Number of threads
|
|
KeyLen uint32 // Length of generated hash
|
|
}
|
|
|
|
// BcryptConfig holds configuration for Bcrypt hashing
|
|
type BcryptConfig struct {
|
|
Cost int // Bcrypt cost factor (4-31)
|
|
}
|
|
|
|
// Config holds the password hashing configuration
|
|
type Config struct {
|
|
Algorithm Algorithm
|
|
Argon2 Argon2Config
|
|
Bcrypt BcryptConfig
|
|
}
|
|
|
|
// DefaultArgon2Config returns recommended Argon2 settings
|
|
func DefaultArgon2Config() Argon2Config {
|
|
return Argon2Config{
|
|
Time: 1,
|
|
Memory: 64 * 1024, // 64 MB
|
|
Threads: 4,
|
|
KeyLen: 32,
|
|
}
|
|
}
|
|
|
|
// SecureArgon2Config returns more secure Argon2 settings (slower but more resistant)
|
|
func SecureArgon2Config() Argon2Config {
|
|
return Argon2Config{
|
|
Time: 3,
|
|
Memory: 128 * 1024, // 128 MB
|
|
Threads: 4,
|
|
KeyLen: 32,
|
|
}
|
|
}
|
|
|
|
// FastArgon2Config returns faster Argon2 settings (for testing/development)
|
|
func FastArgon2Config() Argon2Config {
|
|
return Argon2Config{
|
|
Time: 1,
|
|
Memory: 32 * 1024, // 32 MB
|
|
Threads: 2,
|
|
KeyLen: 32,
|
|
}
|
|
}
|
|
|
|
// DefaultBcryptConfig returns recommended Bcrypt settings
|
|
func DefaultBcryptConfig() BcryptConfig {
|
|
return BcryptConfig{
|
|
Cost: bcrypt.DefaultCost, // 10
|
|
}
|
|
}
|
|
|
|
// SecureBcryptConfig returns more secure Bcrypt settings (slower but more resistant)
|
|
func SecureBcryptConfig() BcryptConfig {
|
|
return BcryptConfig{
|
|
Cost: 12,
|
|
}
|
|
}
|
|
|
|
// DefaultConfig returns the default configuration (Argon2 with default settings)
|
|
func DefaultConfig() Config {
|
|
return Config{
|
|
Algorithm: Argon2,
|
|
Argon2: DefaultArgon2Config(),
|
|
Bcrypt: DefaultBcryptConfig(),
|
|
}
|
|
}
|
|
|
|
var globalConfig = DefaultConfig()
|
|
|
|
// SetConfig sets the global password configuration
|
|
func SetConfig(config Config) {
|
|
globalConfig = config
|
|
}
|
|
|
|
// GetConfig returns the current global password configuration
|
|
func GetConfig() Config {
|
|
return globalConfig
|
|
}
|
|
|
|
// HashPassword creates a hash of the password using the global configuration
|
|
func HashPassword(password string) string {
|
|
return HashPasswordWithConfig(password, globalConfig)
|
|
}
|
|
|
|
// HashPasswordWithConfig creates a hash of the password using the specified configuration
|
|
func HashPasswordWithConfig(password string, config Config) string {
|
|
switch config.Algorithm {
|
|
case Bcrypt:
|
|
return hashBcrypt(password, config.Bcrypt)
|
|
case Argon2:
|
|
fallthrough
|
|
default:
|
|
return hashArgon2(password, config.Argon2)
|
|
}
|
|
}
|
|
|
|
// hashArgon2 creates an argon2id hash of the password
|
|
func hashArgon2(password string, config Argon2Config) string {
|
|
salt := make([]byte, 16)
|
|
rand.Read(salt)
|
|
|
|
hash := argon2.IDKey([]byte(password), salt, config.Time, config.Memory, config.Threads, config.KeyLen)
|
|
|
|
b64Salt := base64.RawStdEncoding.EncodeToString(salt)
|
|
b64Hash := base64.RawStdEncoding.EncodeToString(hash)
|
|
|
|
encoded := fmt.Sprintf("$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s",
|
|
argon2.Version, config.Memory, config.Time, config.Threads, b64Salt, b64Hash)
|
|
|
|
return encoded
|
|
}
|
|
|
|
// hashBcrypt creates a bcrypt hash of the password
|
|
func hashBcrypt(password string, config BcryptConfig) string {
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), config.Cost)
|
|
if err != nil {
|
|
// Fallback to default cost if provided cost is invalid
|
|
hash, _ = bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
}
|
|
return string(hash)
|
|
}
|
|
|
|
// VerifyPassword checks if a password matches the hash
|
|
func VerifyPassword(password, encodedHash string) (bool, error) {
|
|
// Detect hash type by prefix
|
|
if strings.HasPrefix(encodedHash, "$2a$") || strings.HasPrefix(encodedHash, "$2b$") || strings.HasPrefix(encodedHash, "$2y$") {
|
|
return verifyBcrypt(password, encodedHash)
|
|
} else if strings.HasPrefix(encodedHash, "$argon2id$") {
|
|
return verifyArgon2(password, encodedHash)
|
|
}
|
|
return false, fmt.Errorf("unsupported hash format")
|
|
}
|
|
|
|
// verifyArgon2 checks if a password matches an argon2 hash
|
|
func verifyArgon2(password, encodedHash string) (bool, error) {
|
|
parts := strings.Split(encodedHash, "$")
|
|
if len(parts) != 6 {
|
|
return false, fmt.Errorf("invalid hash format")
|
|
}
|
|
|
|
if parts[1] != "argon2id" {
|
|
return false, fmt.Errorf("invalid hash variant")
|
|
}
|
|
|
|
var version int
|
|
_, err := fmt.Sscanf(parts[2], "v=%d", &version)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
if version != argon2.Version {
|
|
return false, fmt.Errorf("incompatible argon2 version")
|
|
}
|
|
|
|
var m, t, p uint32
|
|
_, err = fmt.Sscanf(parts[3], "m=%d,t=%d,p=%d", &m, &t, &p)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
salt, err := base64.RawStdEncoding.DecodeString(parts[4])
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
expectedHash, err := base64.RawStdEncoding.DecodeString(parts[5])
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
hash := argon2.IDKey([]byte(password), salt, t, m, uint8(p), uint32(len(expectedHash)))
|
|
|
|
if subtle.ConstantTimeCompare(hash, expectedHash) == 1 {
|
|
return true, nil
|
|
}
|
|
|
|
return false, nil
|
|
}
|
|
|
|
// verifyBcrypt checks if a password matches a bcrypt hash
|
|
func verifyBcrypt(password, encodedHash string) (bool, error) {
|
|
err := bcrypt.CompareHashAndPassword([]byte(encodedHash), []byte(password))
|
|
if err == bcrypt.ErrMismatchedHashAndPassword {
|
|
return false, nil
|
|
}
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
return true, nil
|
|
}
|
|
|
|
// NeedsRehash checks if a hash needs to be updated to current configuration
|
|
func NeedsRehash(encodedHash string) bool {
|
|
// Check if using bcrypt when we want argon2
|
|
if globalConfig.Algorithm == Argon2 && (strings.HasPrefix(encodedHash, "$2a$") || strings.HasPrefix(encodedHash, "$2b$") || strings.HasPrefix(encodedHash, "$2y$")) {
|
|
return true
|
|
}
|
|
|
|
// Check if using argon2 when we want bcrypt
|
|
if globalConfig.Algorithm == Bcrypt && strings.HasPrefix(encodedHash, "$argon2id$") {
|
|
return true
|
|
}
|
|
|
|
// For bcrypt, check if cost has changed
|
|
if strings.HasPrefix(encodedHash, "$2") {
|
|
cost, err := bcrypt.Cost([]byte(encodedHash))
|
|
if err == nil && cost != globalConfig.Bcrypt.Cost {
|
|
return true
|
|
}
|
|
}
|
|
|
|
// For argon2, check if parameters have changed
|
|
if strings.HasPrefix(encodedHash, "$argon2id$") {
|
|
parts := strings.Split(encodedHash, "$")
|
|
if len(parts) == 6 {
|
|
var m, t, p uint32
|
|
_, err := fmt.Sscanf(parts[3], "m=%d,t=%d,p=%d", &m, &t, &p)
|
|
if err == nil {
|
|
if m != globalConfig.Argon2.Memory || t != globalConfig.Argon2.Time || p != uint32(globalConfig.Argon2.Threads) {
|
|
return true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return false
|
|
} |