package bcrypt

import "golang.org/x/crypto/bcrypt"

Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm. See http://www.usenix.org/event/usenix99/provos/provos.pdf

Index ¶

• Constants
• Variables
• func CompareHashAndPassword(hashedPassword, password []byte) error
• func Cost(hashedPassword []byte) (int, error)
• func GenerateFromPassword(password []byte, cost int) ([]byte, error)
• type HashVersionTooNewError
• func (hv HashVersionTooNewError) Error() string
• type InvalidCostError
• func (ic InvalidCostError) Error() string
• type InvalidHashPrefixError
• func (ih InvalidHashPrefixError) Error() string

Constants ¶

const (
	MinCost     int = 4  // the minimum allowable cost as passed in to GenerateFromPassword
	MaxCost     int = 31 // the maximum allowable cost as passed in to GenerateFromPassword
	DefaultCost int = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword
)

Variables ¶

var ErrHashTooShort = errors.New("crypto/bcrypt: hashedSecret too short to be a bcrypted password")

The error returned from CompareHashAndPassword when a hash is too short to be a bcrypt hash.

var ErrMismatchedHashAndPassword = errors.New("crypto/bcrypt: hashedPassword is not the hash of the given password")

The error returned from CompareHashAndPassword when a password and hash do not match.

var ErrPasswordTooLong = errors.New("bcrypt: password length exceeds 72 bytes")

ErrPasswordTooLong is returned when the password passed to GenerateFromPassword is too long (i.e. > 72 bytes).

Functions ¶

func CompareHashAndPassword ¶

func CompareHashAndPassword(hashedPassword, password []byte) error

CompareHashAndPassword compares a bcrypt hashed password with its possible plaintext equivalent. Returns nil on success, or an error on failure.

func Cost ¶

func Cost(hashedPassword []byte) (int, error)

Cost returns the hashing cost used to create the given hashed password. When, in the future, the hashing cost of a password system needs to be increased in order to adjust for greater computational power, this function allows one to establish which passwords need to be updated.

func GenerateFromPassword ¶

func GenerateFromPassword(password []byte, cost int) ([]byte, error)

GenerateFromPassword returns the bcrypt hash of the password at the given cost. If the cost given is less than MinCost, the cost will be set to DefaultCost, instead. Use CompareHashAndPassword, as defined in this package, to compare the returned hashed password with its cleartext version. GenerateFromPassword does not accept passwords longer than 72 bytes, which is the longest password bcrypt will operate on.

Types ¶

type HashVersionTooNewError ¶

type HashVersionTooNewError byte

The error returned from CompareHashAndPassword when a hash was created with a bcrypt algorithm newer than this implementation.

func (HashVersionTooNewError) Error ¶

func (hv HashVersionTooNewError) Error() string

type InvalidCostError ¶

type InvalidCostError int

func (InvalidCostError) Error ¶

func (ic InvalidCostError) Error() string

type InvalidHashPrefixError ¶

type InvalidHashPrefixError byte

The error returned from CompareHashAndPassword when a hash starts with something other than '$'

func (InvalidHashPrefixError) Error ¶

func (ih InvalidHashPrefixError) Error() string

Source Files ¶

base64.go bcrypt.go