Easy generate, easy compare hash using pbkdf2.
Because, It was troublesome to write code for managing customers password for each service.
I adopted the safe pbkdf2 method as possible.
Yes. I changed it because there was a security problem.
See reddit.
func main() {
gotFromForm := "password"
// 1. Code to generate hash
hash, key, err := saltissimo.HexHash(sha256.New, gotFromForm)
if err != nil {
panic(err)
}
// *Code to save some values
// 2. Code to compare hash
// *Code to retrieve the value from a database etc.
// *Assume that it has already been substituted.
isSame, err := saltissimo.CompareHexHash(sha256.New, gotFromForm, hash, key)
if err != nil {
panic(err)
}
if isSame {
fmt.Println("Hello user!!")
} else {
fmt.Println("Who are you...?")
}
}
You can wrap Compare*Hash() like this
func Compare(gotValue, hash, key string) bool {
isSame, err := saltissimo.CompareHexHash(sha256.New, gotValue, hash, key)
if err != nil {
return false
}
return isSame
}
If you want to devise a little more, you will be happy by using these function.
func PBDKF2Hex(hash func() hash.Hash, str string, key []byte) string
func PBDKF2B64(hash func() hash.Hash, str string, key []byte) string
func RandomBytes(l int) ([]byte, error)
Please read GoDoc or test for details.
go get -u github.com/Code-Hex/saltissimo
Please give me some PRs!!