diff options
author | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
---|---|---|
committer | Daniel Baumann <daniel@debian.org> | 2024-12-12 23:57:56 +0100 |
commit | e68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch) | |
tree | 97775d6c13b0f416af55314eb6a89ef792474615 /modules/auth/password/hash/bcrypt.go | |
parent | Initial commit. (diff) | |
download | forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip |
Adding upstream version 9.0.3.
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to 'modules/auth/password/hash/bcrypt.go')
-rw-r--r-- | modules/auth/password/hash/bcrypt.go | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/modules/auth/password/hash/bcrypt.go b/modules/auth/password/hash/bcrypt.go new file mode 100644 index 0000000..4607c16 --- /dev/null +++ b/modules/auth/password/hash/bcrypt.go @@ -0,0 +1,54 @@ +// Copyright 2023 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package hash + +import ( + "golang.org/x/crypto/bcrypt" +) + +func init() { + MustRegister("bcrypt", NewBcryptHasher) +} + +// BcryptHasher implements PasswordHasher +// and uses the bcrypt password hash function. +type BcryptHasher struct { + cost int +} + +// HashWithSaltBytes a provided password and salt +func (hasher *BcryptHasher) HashWithSaltBytes(password string, salt []byte) string { + if hasher == nil { + return "" + } + hashedPassword, _ := bcrypt.GenerateFromPassword([]byte(password), hasher.cost) + return string(hashedPassword) +} + +func (hasher *BcryptHasher) VerifyPassword(password, hashedPassword, salt string) bool { + return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)) == nil +} + +// NewBcryptHasher is a factory method to create an BcryptHasher +// The provided config should be either empty or the string representation of the "<cost>" +// as an integer +func NewBcryptHasher(config string) *BcryptHasher { + // This matches the original configuration for `bcrypt` prior to storing hash parameters + // in the database. + // THESE VALUES MUST NOT BE CHANGED OR BACKWARDS COMPATIBILITY WILL BREAK + hasher := &BcryptHasher{ + cost: 10, // cost=10. i.e. 2^10 rounds of key expansion. + } + + if config == "" { + return hasher + } + var err error + hasher.cost, err = parseIntParam(config, "cost", "bcrypt", config, nil) + if err != nil { + return nil + } + + return hasher +} |