From e68b9d00a6e05b3a941f63ffb696f91e554ac5ec Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 18 Oct 2024 20:33:49 +0200 Subject: Adding upstream version 9.0.3. Signed-off-by: Daniel Baumann --- modules/auth/password/hash/argon2.go | 80 ++++++++++++ modules/auth/password/hash/bcrypt.go | 54 ++++++++ modules/auth/password/hash/common.go | 28 +++++ modules/auth/password/hash/dummy.go | 33 +++++ modules/auth/password/hash/dummy_test.go | 26 ++++ modules/auth/password/hash/hash.go | 189 ++++++++++++++++++++++++++++ modules/auth/password/hash/hash_test.go | 191 +++++++++++++++++++++++++++++ modules/auth/password/hash/pbkdf2.go | 67 ++++++++++ modules/auth/password/hash/scrypt.go | 67 ++++++++++ modules/auth/password/hash/setting.go | 76 ++++++++++++ modules/auth/password/hash/setting_test.go | 38 ++++++ modules/auth/password/password.go | 136 ++++++++++++++++++++ modules/auth/password/password_test.go | 77 ++++++++++++ modules/auth/password/pwn.go | 52 ++++++++ modules/auth/password/pwn/pwn.go | 118 ++++++++++++++++++ modules/auth/password/pwn/pwn_test.go | 51 ++++++++ 16 files changed, 1283 insertions(+) create mode 100644 modules/auth/password/hash/argon2.go create mode 100644 modules/auth/password/hash/bcrypt.go create mode 100644 modules/auth/password/hash/common.go create mode 100644 modules/auth/password/hash/dummy.go create mode 100644 modules/auth/password/hash/dummy_test.go create mode 100644 modules/auth/password/hash/hash.go create mode 100644 modules/auth/password/hash/hash_test.go create mode 100644 modules/auth/password/hash/pbkdf2.go create mode 100644 modules/auth/password/hash/scrypt.go create mode 100644 modules/auth/password/hash/setting.go create mode 100644 modules/auth/password/hash/setting_test.go create mode 100644 modules/auth/password/password.go create mode 100644 modules/auth/password/password_test.go create mode 100644 modules/auth/password/pwn.go create mode 100644 modules/auth/password/pwn/pwn.go create mode 100644 modules/auth/password/pwn/pwn_test.go (limited to 'modules/auth/password') diff --git a/modules/auth/password/hash/argon2.go b/modules/auth/password/hash/argon2.go new file mode 100644 index 0000000..0cd6472 --- /dev/null +++ b/modules/auth/password/hash/argon2.go @@ -0,0 +1,80 @@ +// Copyright 2023 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package hash + +import ( + "encoding/hex" + "strings" + + "code.gitea.io/gitea/modules/log" + + "golang.org/x/crypto/argon2" +) + +func init() { + MustRegister("argon2", NewArgon2Hasher) +} + +// Argon2Hasher implements PasswordHasher +// and uses the Argon2 key derivation function, hybrant variant +type Argon2Hasher struct { + time uint32 + memory uint32 + threads uint8 + keyLen uint32 +} + +// HashWithSaltBytes a provided password and salt +func (hasher *Argon2Hasher) HashWithSaltBytes(password string, salt []byte) string { + if hasher == nil { + return "" + } + return hex.EncodeToString(argon2.IDKey([]byte(password), salt, hasher.time, hasher.memory, hasher.threads, hasher.keyLen)) +} + +// NewArgon2Hasher is a factory method to create an Argon2Hasher +// The provided config should be either empty or of the form: +// "