forked from TrueCloudLab/restic
80 lines
10 KiB
JSON
80 lines
10 KiB
JSON
|
{
|
||
|
"name": "elithrar/simple-scrypt",
|
||
|
"version": "0.1.4",
|
||
|
"libraries": {
|
||
|
"xv": "^1.1.25"
|
||
|
},
|
||
|
"title": "simple-scrypt",
|
||
|
"branch": "",
|
||
|
"style": {
|
||
|
"name": "Williamsburg",
|
||
|
"componentSet": {
|
||
|
"nav": "nav/BasicNav",
|
||
|
"header": "header/LightBannerHeader",
|
||
|
"article": "article/ReaderArticle",
|
||
|
"footer": "footer/BasicFooter"
|
||
|
},
|
||
|
"fontFamily": "Montserrat, sans-serif",
|
||
|
"heading": {
|
||
|
"fontWeight": 600,
|
||
|
"letterSpacing": "0.1em"
|
||
|
},
|
||
|
"colors": {
|
||
|
"text": "#666666",
|
||
|
"background": "#fff",
|
||
|
"primary": "#0099e0",
|
||
|
"secondary": "#ab61ff",
|
||
|
"highlight": "#f7b",
|
||
|
"muted": "#2b2d70",
|
||
|
"border": "#ccd"
|
||
|
}
|
||
|
},
|
||
|
"content": [
|
||
|
{
|
||
|
"component": "nav",
|
||
|
"links": [
|
||
|
{
|
||
|
"href": "https://github.com/elithrar/simple-scrypt",
|
||
|
"text": "GitHub"
|
||
|
}
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"component": "header",
|
||
|
"heading": "simple-scrypt",
|
||
|
"subhead": "A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go.",
|
||
|
"children": [
|
||
|
{
|
||
|
"component": "ui/TweetButton",
|
||
|
"text": "simple-scrypt: A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go.",
|
||
|
"url": null
|
||
|
},
|
||
|
{
|
||
|
"component": "ui/GithubButton",
|
||
|
"user": "elithrar",
|
||
|
"repo": "simple-scrypt"
|
||
|
}
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"component": "article",
|
||
|
"metadata": {
|
||
|
"source": "github.readme"
|
||
|
},
|
||
|
"html": "\n<p><a href=\"https://godoc.org/github.com/elithrar/simple-scrypt\"><img src=\"https://godoc.org/github.com/elithrar/simple-scrypt?status.svg\"></a> <a href=\"https://travis-ci.org/elithrar/simple-scrypt\"><img src=\"https://travis-ci.org/elithrar/simple-scrypt.svg?branch=master\"></a></p>\n<p>simple-scrypt provides a convenience wrapper around Go's existing\n<a href=\"http://golang.org/x/crypto/scrypt\">scrypt</a> package that makes it easier to\nsecurely derive strong keys ("hash user passwords"). This library allows you to:</p>\n<ul>\n<li>Generate a scrypt derived key with a crytographically secure salt and sane\ndefault parameters for N, r and p.</li>\n<li>Upgrade the parameters used to generate keys as hardware improves by storing\nthem with the derived key (the scrypt spec. doesn't allow for this by\ndefault).</li>\n<li>Provide your own parameters (if you wish to).</li>\n</ul>\n<p>The API closely mirrors Go's <a href=\"https://golang.org/x/crypto/bcrypt\">bcrypt</a>\nlibrary in an effort to make it easy to migrate—and because it's an easy to grok\nAPI.</p>\n<h2>Installation</h2>\n<p>With a <a href=\"https://golang.org/doc/code.html\">working Go toolchain</a>:</p>\n<pre>go get -u github.com/elithrar/simple-scrypt</pre><h2>Example</h2>\n<p>simple-scrypt doesn't try to re-invent the wheel or do anything "special". It\nwraps the <code>scrypt.Key</code> function as thinly as possible, generates a\ncrytographically secure salt for you using Go's <code>crypto/rand</code> package, and\nreturns the derived key with the parameters prepended:</p>\n<pre><span class=\"hljs-keyword\">package</span> main\n\n<span class=\"hljs-keyword\">import</span>(\n <span class=\"hljs-string\">"fmt"</span>\n <span class=\"hljs-string\">"log"</span>\n\n <span class=\"hljs-string\">"github.com/elithrar/simple-scrypt"</span>\n)\n\n<span class=\"hljs-function\"><span class=\"hljs-keyword\">func</span> <span class=\"hljs-title\">main</span><span class=\"hljs-params\">()</span></span> {\n <span class=\"hljs-comment\">// e.g. r.PostFormValue("password")</span>\n passwordFromForm := <span class=\"hljs-string\">"prew8fid9hick6c"</span>\n\n <span class=\"hljs-comment\">// Generates a derived key of the form "N$r$p$salt$dk" where N, r and p are defined as per</span>\n <span class=\"hljs-comment\">// Colin Percival's scrypt paper: http://www.tarsnap.com/scrypt/scrypt.pdf</span>\n <span class=\"hljs-comment\">// scrypt.Defaults (N=16384, r=8, p=1) makes it easy to provide these parameters, and</span>\n <span class=\"hljs-comment\">// (should you wish) provide your own values via the scrypt.Params type.</span>\n hash, err := scrypt.GenerateFromPassword([]<span class=\"hljs-keyword\">byte</span>(passwordFromForm), scrypt.DefaultParams)\n <span class=\"hljs-keyword\">if</span> err != <span class=\"hljs-literal\">nil</span> {\n log.Fatal(err)\n }\n\n <span class=\"hljs-comment\">// Print the derived key with its parameters prepended.</span>\n fmt.Printf(<span class=\"hljs-string\">"%s\\n"</span>, hash)\n\n <span class=\"hljs-comment\">// Uses the parameters from the existing derived key. Return an error if they don't match.</span>\n err := scrypt.CompareHashAndPassword(hash, []<span class=\"hljs-keyword\">byte</span>(passwordFromForm))\n <span class=\"hljs-keyword\">if</span> err != <span class=\"hljs-literal\">nil</span> {\n log.Fatal(err)\n }\n}</pre><h2>Upgrading Parameters</h2>\n<p>Upgrading derived keys from a set of parameters to a "stronger" set of parameters\nas hardware improves, or as you scale (and move your auth process to separate\nhardware), can be pretty useful. Here's how to do it with simple-scrypt:</p>\n<pre><span class=\"hljs-function\"><span class=\"hljs-keyword\">func</span> <span class=\"hljs-title\">main</span><span class=\"hljs-params\">()</span></span> {\n <span class=\"hljs-comment\">// SCENE: We&ap
|
||
|
},
|
||
|
{
|
||
|
"component": "footer",
|
||
|
"links": [
|
||
|
{
|
||
|
"href": "https://github.com/elithrar/simple-scrypt",
|
||
|
"text": "GitHub"
|
||
|
},
|
||
|
{
|
||
|
"href": "https://github.com/elithrar",
|
||
|
"text": "elithrar"
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
]
|
||
|
}
|