mirror of
https://github.com/gopasspw/gopass.git
synced 2026-06-12 15:37:38 +02:00
Dominik Schulz
7281ca8ab4
* [chore] Migrate to golangci-lint v2 Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix more lint issues Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix more lint issue Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix more lint issues Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Add more package comments. Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix golangci-lint config and the remaining checks Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Use Go 1.24 Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Fix container builds Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix more failing tests Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix test failure Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix another len assertion Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Move location tests Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Fix most remaining lint issues Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Only run XDG specific tests on linux Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Attempt to address on source of flaky failures Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> --------- Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
40 lines
989 B
Go
40 lines
989 B
Go
// Package bcrypt provides a bcrypt password hashing scheme.
|
|
// It is compatible with Dovecot and other systems that use bcrypt.
|
|
package bcrypt
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
const (
|
|
cost = 12
|
|
)
|
|
|
|
// Prefix is set to be compatible with Dovecot. Can be set to an empty string.
|
|
var Prefix = "{BLF-CRYPT}"
|
|
|
|
// Generate generates a new Bcrypt hash with recommended values for it's
|
|
// cost parameter.
|
|
func Generate(password string) (string, error) {
|
|
h, err := bcrypt.GenerateFromPassword([]byte(password), cost)
|
|
if err != nil {
|
|
return "", fmt.Errorf("failed to generate password hash: %w", err)
|
|
}
|
|
|
|
return Prefix + string(h), nil
|
|
}
|
|
|
|
// Validate validates the password against the given hash.
|
|
func Validate(password, hash string) error {
|
|
hash = strings.TrimPrefix(hash, Prefix)
|
|
|
|
if err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)); err != nil {
|
|
return fmt.Errorf("failed to validate password hash %s: %w", hash, err)
|
|
}
|
|
|
|
return nil
|
|
}
|