@@ -18,7 +18,7 @@ import (
18
18
var (
19
19
// The base64 encoder used when producing the string representation of
20
20
// hashes.
21
- base64Encoder = base64 .RawStdEncoding
21
+ base64Encoding = base64 .RawStdEncoding
22
22
23
23
// The number of iterations to use when generating the hash. This was chosen
24
24
// to make it about as fast as bcrypt hashes. Increasing this causes hashes
34
34
35
35
// A salt size of 16 is the default in passlib. A minimum of 8 can be safely
36
36
// used.
37
- saltSize = 16
37
+ defaultSaltSize = 16
38
38
39
39
// The simulated hash is used when trying to simulate password checks for
40
40
// users that don't exist.
@@ -84,7 +84,7 @@ func Compare(hashed string, password string) (bool, error) {
84
84
if err != nil {
85
85
return false , xerrors .Errorf ("parse iter from hash: %w" , err )
86
86
}
87
- salt , err := base64Encoder .DecodeString (parts [3 ])
87
+ salt , err := base64Encoding .DecodeString (parts [3 ])
88
88
if err != nil {
89
89
return false , xerrors .Errorf ("decode salt: %w" , err )
90
90
}
@@ -99,7 +99,7 @@ func Compare(hashed string, password string) (bool, error) {
99
99
// Hash generates a hash using pbkdf2.
100
100
// See the Compare() comment for rationale.
101
101
func Hash (password string ) (string , error ) {
102
- salt := make ([]byte , saltSize )
102
+ salt := make ([]byte , defaultSaltSize )
103
103
_ , err := rand .Read (salt )
104
104
if err != nil {
105
105
return "" , xerrors .Errorf ("read random bytes for salt: %w" , err )
@@ -112,12 +112,12 @@ func Hash(password string) (string, error) {
112
112
func hashWithSaltAndIter (password string , salt []byte , iter int ) string {
113
113
var (
114
114
hash = pbkdf2 .Key ([]byte (password ), salt , iter , hashLength , sha256 .New )
115
- encHash = make ([]byte , base64Encoder .EncodedLen (len (hash )))
116
- encSalt = make ([]byte , base64Encoder .EncodedLen (len (salt )))
115
+ encHash = make ([]byte , base64Encoding .EncodedLen (len (hash )))
116
+ encSalt = make ([]byte , base64Encoding .EncodedLen (len (salt )))
117
117
)
118
118
119
- base64Encoder .Encode (encHash , hash )
120
- base64Encoder .Encode (encSalt , salt )
119
+ base64Encoding .Encode (encHash , hash )
120
+ base64Encoding .Encode (encSalt , salt )
121
121
122
122
return fmt .Sprintf ("$%s$%d$%s$%s" , hashScheme , iter , encSalt , encHash )
123
123
}
0 commit comments