package argon2id import ( "crypto/rand" "crypto/subtle" "encoding/base64" "fmt" "strings" "forge.cadoles.com/arcad/edge/pkg/module/auth/http/passwd" "github.com/pkg/errors" "golang.org/x/crypto/argon2" ) const ( Algo passwd.Algo = "argon2id" ) func init() { passwd.Register(Algo, &Hasher{}) } var ( ErrInvalidHash = errors.New("invalid hash") ErrIncompatibleVersion = errors.New("incompatible version") ) type params struct { memory uint32 iterations uint32 parallelism uint8 saltLength uint32 keyLength uint32 } var defaultParams = params{ memory: 64 * 1024, iterations: 3, parallelism: 2, saltLength: 16, keyLength: 32, } type Hasher struct{} // Hash implements passwd.Hasher func (*Hasher) Hash(plaintext string) (string, error) { salt, err := generateRandomBytes(defaultParams.saltLength) if err != nil { return "", errors.WithStack(err) } hash := argon2.IDKey([]byte(plaintext), salt, defaultParams.iterations, defaultParams.memory, defaultParams.parallelism, defaultParams.keyLength) // Base64 encode the salt and hashed password. b64Salt := base64.RawStdEncoding.EncodeToString(salt) b64Hash := base64.RawStdEncoding.EncodeToString(hash) // Return a string using the standard encoded hash representation. encodedHash := fmt.Sprintf("$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s", argon2.Version, defaultParams.memory, defaultParams.iterations, defaultParams.parallelism, b64Salt, b64Hash) return encodedHash, nil } // Match implements passwd.Hasher. func (*Hasher) Match(plaintext string, hash string) (bool, error) { matches, err := comparePasswordAndHash(plaintext, hash) if err != nil { return false, errors.WithStack(err) } return matches, nil } var _ passwd.Hasher = &Hasher{} func generateRandomBytes(n uint32) ([]byte, error) { buf := make([]byte, n) if _, err := rand.Read(buf); err != nil { return nil, errors.WithStack(err) } return buf, nil } func comparePasswordAndHash(password, encodedHash string) (match bool, err error) { p, salt, hash, err := decodeHash(encodedHash) if err != nil { return false, errors.WithStack(err) } otherHash := argon2.IDKey([]byte(password), salt, p.iterations, p.memory, p.parallelism, p.keyLength) if subtle.ConstantTimeCompare(hash, otherHash) == 1 { return true, nil } return false, nil } func decodeHash(encodedHash string) (p *params, salt, hash []byte, err error) { vals := strings.Split(encodedHash, "$") if len(vals) != 6 { return nil, nil, nil, ErrInvalidHash } var version int _, err = fmt.Sscanf(vals[2], "v=%d", &version) if err != nil { return nil, nil, nil, err } if version != argon2.Version { return nil, nil, nil, ErrIncompatibleVersion } p = ¶ms{} _, err = fmt.Sscanf(vals[3], "m=%d,t=%d,p=%d", &p.memory, &p.iterations, &p.parallelism) if err != nil { return nil, nil, nil, err } salt, err = base64.RawStdEncoding.Strict().DecodeString(vals[4]) if err != nil { return nil, nil, nil, err } p.saltLength = uint32(len(salt)) hash, err = base64.RawStdEncoding.Strict().DecodeString(vals[5]) if err != nil { return nil, nil, nil, err } p.keyLength = uint32(len(hash)) return p, salt, hash, nil }