2
2
mirror of https://github.com/octoleo/restic.git synced 2025-01-27 00:58:36 +00:00

80 lines
10 KiB
JSON
Raw Normal View History

{
"name": "elithrar/simple-scrypt",
"version": "0.1.4",
"libraries": {
"xv": "^1.1.25"
},
"title": "simple-scrypt",
"branch": "",
"style": {
"name": "Williamsburg",
"componentSet": {
"nav": "nav/BasicNav",
"header": "header/LightBannerHeader",
"article": "article/ReaderArticle",
"footer": "footer/BasicFooter"
},
"fontFamily": "Montserrat, sans-serif",
"heading": {
"fontWeight": 600,
"letterSpacing": "0.1em"
},
"colors": {
"text": "#666666",
"background": "#fff",
"primary": "#0099e0",
"secondary": "#ab61ff",
"highlight": "#f7b",
"muted": "#2b2d70",
"border": "#ccd"
}
},
"content": [
{
"component": "nav",
"links": [
{
"href": "https://github.com/elithrar/simple-scrypt",
"text": "GitHub"
}
]
},
{
"component": "header",
"heading": "simple-scrypt",
"subhead": "A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go.",
"children": [
{
"component": "ui/TweetButton",
"text": "simple-scrypt: A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go.",
"url": null
},
{
"component": "ui/GithubButton",
"user": "elithrar",
"repo": "simple-scrypt"
}
]
},
{
"component": "article",
"metadata": {
"source": "github.readme"
},
"html": "\n<p><a href=\"https://godoc.org/github.com/elithrar/simple-scrypt\"><img src=\"https://godoc.org/github.com/elithrar/simple-scrypt?status.svg\"></a> <a href=\"https://travis-ci.org/elithrar/simple-scrypt\"><img src=\"https://travis-ci.org/elithrar/simple-scrypt.svg?branch=master\"></a></p>\n<p>simple-scrypt provides a convenience wrapper around Go&apos;s existing\n<a href=\"http://golang.org/x/crypto/scrypt\">scrypt</a> package that makes it easier to\nsecurely derive strong keys (&quot;hash user passwords&quot;). This library allows you to:</p>\n<ul>\n<li>Generate a scrypt derived key with a crytographically secure salt and sane\ndefault parameters for N, r and p.</li>\n<li>Upgrade the parameters used to generate keys as hardware improves by storing\nthem with the derived key (the scrypt spec. doesn&apos;t allow for this by\ndefault).</li>\n<li>Provide your own parameters (if you wish to).</li>\n</ul>\n<p>The API closely mirrors Go&apos;s <a href=\"https://golang.org/x/crypto/bcrypt\">bcrypt</a>\nlibrary in an effort to make it easy to migrate&#x2014;and because it&apos;s an easy to grok\nAPI.</p>\n<h2>Installation</h2>\n<p>With a <a href=\"https://golang.org/doc/code.html\">working Go toolchain</a>:</p>\n<pre>go get -u github.com/elithrar/simple-scrypt</pre><h2>Example</h2>\n<p>simple-scrypt doesn&apos;t try to re-invent the wheel or do anything &quot;special&quot;. It\nwraps the <code>scrypt.Key</code> function as thinly as possible, generates a\ncrytographically secure salt for you using Go&apos;s <code>crypto/rand</code> package, and\nreturns the derived key with the parameters prepended:</p>\n<pre><span class=\"hljs-keyword\">package</span> main\n\n<span class=\"hljs-keyword\">import</span>(\n <span class=\"hljs-string\">&quot;fmt&quot;</span>\n <span class=\"hljs-string\">&quot;log&quot;</span>\n\n <span class=\"hljs-string\">&quot;github.com/elithrar/simple-scrypt&quot;</span>\n)\n\n<span class=\"hljs-function\"><span class=\"hljs-keyword\">func</span> <span class=\"hljs-title\">main</span><span class=\"hljs-params\">()</span></span> {\n <span class=\"hljs-comment\">// e.g. r.PostFormValue(&quot;password&quot;)</span>\n passwordFromForm := <span class=\"hljs-string\">&quot;prew8fid9hick6c&quot;</span>\n\n <span class=\"hljs-comment\">// Generates a derived key of the form &quot;N$r$p$salt$dk&quot; where N, r and p are defined as per</span>\n <span class=\"hljs-comment\">// Colin Percival&apos;s scrypt paper: http://www.tarsnap.com/scrypt/scrypt.pdf</span>\n <span class=\"hljs-comment\">// scrypt.Defaults (N=16384, r=8, p=1) makes it easy to provide these parameters, and</span>\n <span class=\"hljs-comment\">// (should you wish) provide your own values via the scrypt.Params type.</span>\n hash, err := scrypt.GenerateFromPassword([]<span class=\"hljs-keyword\">byte</span>(passwordFromForm), scrypt.DefaultParams)\n <span class=\"hljs-keyword\">if</span> err != <span class=\"hljs-literal\">nil</span> {\n log.Fatal(err)\n }\n\n <span class=\"hljs-comment\">// Print the derived key with its parameters prepended.</span>\n fmt.Printf(<span class=\"hljs-string\">&quot;%s\\n&quot;</span>, hash)\n\n <span class=\"hljs-comment\">// Uses the parameters from the existing derived key. Return an error if they don&apos;t match.</span>\n err := scrypt.CompareHashAndPassword(hash, []<span class=\"hljs-keyword\">byte</span>(passwordFromForm))\n <span class=\"hljs-keyword\">if</span> err != <span class=\"hljs-literal\">nil</span> {\n log.Fatal(err)\n }\n}</pre><h2>Upgrading Parameters</h2>\n<p>Upgrading derived keys from a set of parameters to a &quot;stronger&quot; set of parameters\nas hardware improves, or as you scale (and move your auth process to separate\nhardware), can be pretty useful. Here&apos;s how to do it with simple-scrypt:</p>\n<pre><span class=\"hljs-function\"><span class=\"hljs-keyword\">func</span> <span class=\"hljs-title\">main</span><span class=\"hljs-params\">()</span></span> {\n <span class=\"hljs-comment\">// SCENE: We&ap
},
{
"component": "footer",
"links": [
{
"href": "https://github.com/elithrar/simple-scrypt",
"text": "GitHub"
},
{
"href": "https://github.com/elithrar",
"text": "elithrar"
}
]
}
]
}