40 lines
701 B
Go
40 lines
701 B
Go
package encryption
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"golang.org/x/crypto/scrypt"
|
|
"io"
|
|
)
|
|
|
|
const (
|
|
PW_SALT_BYTES = 32
|
|
PW_HASH_BYTES = 32
|
|
)
|
|
|
|
func Encrypt(pw string) (string, string, error) {
|
|
|
|
salt := make([]byte, PW_SALT_BYTES)
|
|
_, err := io.ReadFull(rand.Reader, salt)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
|
|
hash, err := scrypt.Key([]byte(pw), salt, 16384, 8, 1, PW_HASH_BYTES)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
return string(salt), string(hash), nil
|
|
}
|
|
|
|
func Check(pw, savedSalt, savedDigest string) bool {
|
|
|
|
hash, err := scrypt.Key([]byte(pw), []byte(savedSalt), 16384, 8, 1, PW_HASH_BYTES)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
if string(hash) == savedDigest {
|
|
return true
|
|
}
|
|
return false
|
|
} |