diff options
| author | EuAndreh <eu@euandre.org> | 2024-10-19 09:07:14 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2024-10-19 09:07:14 -0300 |
| commit | e37c1fc7fe6b211c05f9124653c9b338e587ca8a (patch) | |
| tree | 4b73a455eafe03646403e4ae84dab50ce53bb834 | |
| parent | Remove Go code in favor of upstream libscrypt-kdf (diff) | |
| download | scrypt-e37c1fc7fe6b211c05f9124653c9b338e587ca8a.tar.gz scrypt-e37c1fc7fe6b211c05f9124653c9b338e587ca8a.tar.xz | |
src/scrypt.go: Create HashInput and CheckInput for named arguments
| -rw-r--r-- | src/scrypt.go | 49 | ||||
| -rw-r--r-- | tests/benchmarks/hash/scrypt.go | 6 | ||||
| -rw-r--r-- | tests/functional/hash-and-check/scrypt.go | 32 | ||||
| -rw-r--r-- | tests/fuzz/api/scrypt.go | 6 | ||||
| -rw-r--r-- | tests/scrypt.go | 22 |
5 files changed, 87 insertions, 28 deletions
diff --git a/src/scrypt.go b/src/scrypt.go index a4f03d2..70140ab 100644 --- a/src/scrypt.go +++ b/src/scrypt.go @@ -38,6 +38,19 @@ var ( +type HashInput struct{ + Password []byte + Salt []byte +} + +type CheckInput struct{ + Password []byte + Salt []byte + Hash []byte +} + + + // Package scrypt implements the scrypt key derivation function as defined in // Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard // Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf). @@ -94,24 +107,20 @@ func scrypt( return out, nil } -func Hash(password []byte, salt []byte) ([]byte, error) { - if len(salt) < _SALT_MIN_LENGTH { +func Hash(input HashInput) ([]byte, error) { + if len(input.Salt) < _SALT_MIN_LENGTH { return nil, ErrSaltTooSmall } hash, err := scrypt( - password, - salt, + input.Password, + input.Salt, _N, r, p, _DESIRED_LENGTH, ) - if err != nil { - return nil, err - } - - return hash, nil + return hash, err } func SaltFrom(r io.Reader) ([]byte, error) { @@ -127,13 +136,18 @@ func Salt() ([]byte, error) { return SaltFrom(rand.Reader) } -func Check(password []byte, salt []byte, hash []byte) (bool, error) { - candidate, err := Hash(password, salt) +func Check(input CheckInput) (bool, error) { + hashInput := HashInput{ + Password: input.Password, + Salt: input.Salt, + } + + candidate, err := Hash(hashInput) if err != nil { return false, err } - return slices.Equal(candidate, hash), nil + return slices.Equal(candidate, input.Hash), nil } @@ -143,10 +157,15 @@ func Main() { fmt.Fprintf(os.Stderr, "Usage: scrypt PASSWORD SALT\n") os.Exit(2) } - password := os.Args[1] - salt := os.Args[2] - payload, err := Hash([]byte(password), []byte(salt)) + password := []byte(os.Args[1]) + salt := []byte(os.Args[2]) + input := HashInput{ + Password: password, + Salt: salt, + } + + payload, err := Hash(input) if err != nil { if err == ErrSaltTooSmall { fmt.Fprintln(os.Stderr, err) diff --git a/tests/benchmarks/hash/scrypt.go b/tests/benchmarks/hash/scrypt.go index 82f9ed5..54657d0 100644 --- a/tests/benchmarks/hash/scrypt.go +++ b/tests/benchmarks/hash/scrypt.go @@ -18,9 +18,13 @@ func MainTest() { password := []byte("password") salt := []byte("salt0123456789abcdef0123456789abcdef") + input := HashInput{ + Password: password, + Salt: salt, + } for i := 0; i < n; i++ { - _, err := Hash(password, salt) + _, err := Hash(input) if err != nil { panic(err) } diff --git a/tests/functional/hash-and-check/scrypt.go b/tests/functional/hash-and-check/scrypt.go index 17f2982..065b9b5 100644 --- a/tests/functional/hash-and-check/scrypt.go +++ b/tests/functional/hash-and-check/scrypt.go @@ -9,15 +9,24 @@ import ( func MainTest() { g.Testing("from a known input we check the hash", func() { - const ( - password = "a fixed password" - salt = "a fixed salt____________________" + var ( + password = []byte("a fixed password") + salt = []byte("a fixed salt____________________") ) - hash, err := Hash([]byte(password), []byte(salt)) + hashInput := HashInput{ + Password: password, + Salt: salt, + } + hash, err := Hash(hashInput) g.TErrorIf(err) - ok, err := Check([]byte(password), []byte(salt), hash) + checkInput := CheckInput{ + Password: password, + Salt: salt, + Hash: hash, + } + ok, err := Check(checkInput) g.TErrorIf(err) g.TAssertEqual(ok, true) }) @@ -29,10 +38,19 @@ func MainTest() { salt, err := Salt() g.TErrorIf(err) - hash, err := Hash(password, salt) + hashInput := HashInput{ + Password: password, + Salt: salt, + } + hash, err := Hash(hashInput) g.TErrorIf(err) - ok, err := Check(password, salt, hash) + checkInput := CheckInput{ + Password: password, + Salt: salt, + Hash: hash, + } + ok, err := Check(checkInput) g.TErrorIf(err) g.TAssertEqual(ok, true) diff --git a/tests/fuzz/api/scrypt.go b/tests/fuzz/api/scrypt.go index 8e785a5..c037add 100644 --- a/tests/fuzz/api/scrypt.go +++ b/tests/fuzz/api/scrypt.go @@ -14,7 +14,11 @@ func api(f *testing.F) { return } - _, err := Hash(password, salt) + input := HashInput{ + Password: password, + Salt: salt, + } + _, err := Hash(input) if err != nil { t.Errorf("Failed on: %#v\n", err) } diff --git a/tests/scrypt.go b/tests/scrypt.go index f499f84..710ea82 100644 --- a/tests/scrypt.go +++ b/tests/scrypt.go @@ -217,10 +217,15 @@ func test_Hash() { salt, err := Salt() g.TErrorIf(err) - hash1, err := Hash(password, salt) + input := HashInput{ + Password: password, + Salt: salt, + } + + hash1, err := Hash(input) g.TErrorIf(err) - hash2, err := Hash(password, salt) + hash2, err := Hash(input) g.TErrorIf(err) g.TAssertEqual(hash1, hash2) @@ -231,13 +236,22 @@ func test_Check() { g.TestStart("Check()") h := func(password []byte, salt []byte) []byte { - hash, err := Hash(password, salt) + input := HashInput{ + Password: password, + Salt: salt, + } + hash, err := Hash(input) g.TErrorIf(err) return hash } chk := func(password []byte, salt []byte, hash []byte) bool { - ok, err := Check(password, salt, hash) + input := CheckInput{ + Password: password, + Salt: salt, + Hash: hash, + } + ok, err := Check(input) g.TErrorIf(err) return ok } |