本文整理汇总了Golang中golang.org/x/crypto/scrypt.Key函数的典型用法代码示例。如果您正苦于以下问题:Golang Key函数的具体用法?Golang Key怎么用?Golang Key使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Key函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: verifyAdminPwd
func (d *Daemon) verifyAdminPwd(password string) bool {
value, err := dbPasswordGet(d.db)
if err != nil {
shared.Debugf("verifyAdminPwd: %s", err)
return false
}
buff, err := hex.DecodeString(value)
if err != nil {
shared.Debugf("hex decode failed")
return false
}
salt := buff[0:PW_SALT_BYTES]
hash, err := scrypt.Key([]byte(password), salt, 1<<14, 8, 1, PW_HASH_BYTES)
if err != nil {
shared.Debugf("failed to create hash to check")
return false
}
if !bytes.Equal(hash, buff[PW_SALT_BYTES:]) {
shared.Debugf("Bad password received")
return false
}
shared.Debugf("Verified the admin password")
return true
}
开发者ID:joker042,项目名称:lxd,代码行数:27,代码来源:certificates.go
示例2: Run
// Run starts the engine.
func (e *PaperKeyGen) Run(ctx *Context) error {
// make the passphrase stream
key, err := scrypt.Key(e.arg.Passphrase.Bytes(), nil,
libkb.PaperKeyScryptCost, libkb.PaperKeyScryptR, libkb.PaperKeyScryptP, libkb.PaperKeyScryptKeylen)
if err != nil {
return err
}
ppStream := libkb.NewPassphraseStream(key)
// make keys for the paper device
if err := e.makeSigKey(ppStream.EdDSASeed()); err != nil {
return err
}
if err := e.makeEncKey(ppStream.DHSeed()); err != nil {
return err
}
// push everything to the server
if err := e.push(ctx); err != nil {
return err
}
// no need to notify if key wasn't pushed to server
// (e.g. in the case of using this engine to verify a key)
if e.arg.SkipPush {
return nil
}
e.G().NotifyRouter.HandleKeyfamilyChanged(e.arg.Me.GetUID())
// Remove this after kbfs notification change complete
e.G().NotifyRouter.HandleUserChanged(e.arg.Me.GetUID())
return nil
}
开发者ID:qbit,项目名称:client,代码行数:35,代码来源:paperkey_gen.go
示例3: PasswordSet
// PasswordSet sets the password to the new value.
func (d *Daemon) PasswordSet(password string) error {
shared.Log.Info("Setting new https password")
var value = password
if password != "" {
buf := make([]byte, pwSaltBytes)
_, err := io.ReadFull(rand.Reader, buf)
if err != nil {
return err
}
hash, err := scrypt.Key([]byte(password), buf, 1<<14, 8, 1, pwHashBytes)
if err != nil {
return err
}
buf = append(buf, hash...)
value = hex.EncodeToString(buf)
}
err := d.ConfigValueSet("core.trust_password", value)
if err != nil {
return err
}
return nil
}
开发者ID:mickydelfavero,项目名称:lxd,代码行数:27,代码来源:daemon.go
示例4: Decrypt
// Decrypt decrypts an encrypted message and returns it (plaintext).
// If you have enabled compression, it wil detect it and decompress
// the msg after decrypting it.
func (c SaltSecret) Decrypt(msg []byte) ([]byte, error) {
if len(msg) < nonceSize+secretbox.Overhead {
return nil, errors.New("encrypted message length too short")
}
nonce := new([nonceSize]byte)
copy(nonce[:], msg[:nonceSize])
key, err := scrypt.Key(c.key, nonce[:], 2<<c.NPow, 8, 1, keySize)
if err != nil {
return nil, err
}
naclKey := new([keySize]byte)
copy(naclKey[:], key)
out, ok := secretbox.Open(nil, msg[nonceSize:], nonce, naclKey)
if !ok {
return nil, errors.New("could not decrypt message")
}
if nonce[23]&compressBit == compressBit {
r, err := zlib.NewReader(bytes.NewReader(out))
if err != nil {
return nil, err
}
r.Close()
out, err = ioutil.ReadAll(r)
if err != nil {
return nil, err
}
}
return out, nil
}
开发者ID:andmarios,项目名称:crypto,代码行数:36,代码来源:saltsecret.go
示例5: setTrustPassword
func setTrustPassword(d *Daemon, password string) error {
shared.Debugf("setting new password")
var value = password
if password != "" {
buf := make([]byte, PW_SALT_BYTES)
_, err := io.ReadFull(rand.Reader, buf)
if err != nil {
return err
}
hash, err := scrypt.Key([]byte(password), buf, 1<<14, 8, 1, PW_HASH_BYTES)
if err != nil {
return err
}
buf = append(buf, hash...)
value = hex.EncodeToString(buf)
}
err := setServerConfig(d, "core.trust_password", value)
if err != nil {
return err
}
return nil
}
开发者ID:kostyll,项目名称:lxd,代码行数:26,代码来源:serverconfig.go
示例6: DecryptKey
func DecryptKey(ks keyStorePassphrase, keyAddr []byte, auth string) (keyBytes []byte, keyId []byte, err error) {
fileContent, err := GetKeyFile(ks.keysDirPath, keyAddr)
if err != nil {
return nil, nil, err
}
keyProtected := new(encryptedKeyJSON)
err = json.Unmarshal(fileContent, keyProtected)
keyId = keyProtected.Id
salt := keyProtected.Crypto.Salt
iv := keyProtected.Crypto.IV
cipherText := keyProtected.Crypto.CipherText
authArray := []byte(auth)
derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen)
if err != nil {
return nil, nil, err
}
plainText, err := aesCBCDecrypt(derivedKey, cipherText, iv)
if err != nil {
return nil, nil, err
}
keyBytes = plainText[:len(plainText)-32]
keyBytesHash := plainText[len(plainText)-32:]
if !bytes.Equal(Sha3(keyBytes), keyBytesHash) {
err = errors.New("Decryption failed: checksum mismatch")
return nil, nil, err
}
return keyBytes, keyId, err
}
开发者ID:CedarLogic,项目名称:go-ethereum,代码行数:31,代码来源:key_store_passphrase.go
示例7: EncodePassword
func EncodePassword(rawPwd string, salt string) string {
pwd, err := scrypt.Key([]byte(rawPwd), []byte(salt), 16384, 8, 1, 64)
if err != nil {
log.Println("EncodePassword error: %s", err)
}
return hex.EncodeToString(pwd)
}
开发者ID:codeshredder,项目名称:infoboard,代码行数:7,代码来源:security.go
示例8: CalculatePassword
// Calculate the password based on a key derived from the master password and the account name
// The key derivation is implemented by the popular "scrypt" algorithm.
func CalculatePassword(accountName string, masterPassword string, salt string) string {
derivedKey, err := scrypt.Key([]byte(masterPassword), []byte(salt+accountName), 16384, 8, 1, 128)
if err != nil {
panic(err)
}
return ComputeHmac256(accountName, string(derivedKey))[:32]
}
开发者ID:jaredmichaelsmith,项目名称:onepass,代码行数:9,代码来源:onepass.go
示例9: GenerateFromPassword
/**
* Creates an encoded sequence of bytes containing all of the parameters passed to
* scrypt and the hash itself. Presented with a very similar interface to that of
* golang.org/x/crypto/bcrypt.
*/
func GenerateFromPassword(password []byte, parameters HashConfiguration) ([]byte, error) {
// Do an extra check on the input to make sure it meets our standards.
paramErr := verifyParameterValidity(parameters)
if paramErr != nil {
return nil, paramErr
}
// Pull some random bytes to use as a salt and make sure we got as much as expected.
salt := make([]byte, parameters.SaltLen)
bytesRead, randSrcErr := rand.Read(salt)
if HashParameter(bytesRead) != parameters.SaltLen {
return nil, ErrInsufficientRandomData
}
if randSrcErr != nil {
return nil, randSrcErr
}
// Invoke the scrypt library and augment the hashed value with the hash parameters.
hashedValue, hashErr := scrypt.Key(
password,
salt,
int(parameters.N),
int(parameters.R),
int(parameters.P),
int(parameters.KeyLen))
if hashErr != nil {
return nil, hashErr
}
return encodeParameters(hashedValue, salt, parameters), nil
}
开发者ID:StratumSecurity,项目名称:scryptauth,代码行数:33,代码来源:auth.go
示例10: encryptToken
func encryptToken(key []byte, j *JobToken) ([]byte, error) {
jsonData := j.JSON()
ciphertext := make([]byte, aes.BlockSize+len(jsonData))
iv := ciphertext[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
sKey, serr := scrypt.Key(key, iv, scrypt_n, scrypt_r, scrypt_p, scrypt_keyLen)
if serr != nil {
return nil, serr
}
block, berr := aes.NewCipher(sKey)
if berr != nil {
return nil, berr
}
cfb := cipher.NewCFBEncrypter(block, iv)
cfb.XORKeyStream(ciphertext[aes.BlockSize:], jsonData)
return ciphertext, nil
}
开发者ID:milescrabill,项目名称:reaper,代码行数:26,代码来源:token.go
示例11: decryptToken
func decryptToken(key, ciphertext []byte) ([]byte, error) {
// The IV needs to be unique, but not secure. Therefore it's common to
// include it at the beginning of the ciphertext.
if len(ciphertext) < aes.BlockSize {
return nil, errors.New("ciphertext too short")
}
iv := ciphertext[:aes.BlockSize]
ciphertext = ciphertext[aes.BlockSize:]
sKey, serr := scrypt.Key(key, iv, scrypt_n, scrypt_r, scrypt_p, scrypt_keyLen)
if serr != nil {
return nil, serr
}
block, err := aes.NewCipher(sKey)
if err != nil {
return nil, err
}
stream := cipher.NewCFBDecrypter(block, iv)
// XORKeyStream can work in-place if the two arguments are the same.
stream.XORKeyStream(ciphertext, ciphertext)
return ciphertext, nil
}
开发者ID:milescrabill,项目名称:reaper,代码行数:28,代码来源:token.go
示例12: handleLoginPass
func handleLoginPass(world World, c net.Conn, playerName string) {
playerName = strings.ToLower(playerName)
c.Write([]byte("Please enter your password.\r\n"))
pass, err := getBytesSecure(c)
defer func() {
for i := range pass {
pass[i] = 0
}
}()
if err != nil {
return
}
player, exists := world.players.GetByName(playerName)
if !exists {
return // we just validated the player exists, so this shouldn't happen
}
hashedPass, err := scrypt.Key([]byte(pass), player.passthesalt, 16384, 8, 1, 32)
if err != nil {
fmt.Printf("Error creating hashed pass: %v\n", err)
c.Close()
return
}
if !bytes.Equal(hashedPass, player.pass) {
c.Write([]byte("Invalid password.\r\n"))
c.Close()
return
}
world.players.ChangeById(player.Id(), func(p *Player) {
p.connection = c
})
go handlePlayer(world, player.Id())
}
开发者ID:robert-butts,项目名称:gomud,代码行数:34,代码来源:listener.go
示例13: CreateUser
// CreateUser creates a new user record
func CreateUser(ctx context.Context, email, password string) error {
if email == "" {
return fmt.Errorf("invalid email")
}
if password == "" {
return fmt.Errorf("invalid password")
}
key := datastore.NewKey(ctx, "User", email, 0, nil)
var user User
err := datastore.Get(ctx, key, &user)
if err == nil {
return fmt.Errorf("user already exists")
}
salt := make([]byte, 16)
rand.Read(salt)
hash, err := scrypt.Key([]byte(password), salt, scryptN, scryptR, scryptP, scryptKeyLen)
if err != nil {
return err
}
user = User{
Email: email,
PasswordSalt: salt,
PasswordHash: hash,
}
_, err = datastore.Put(ctx, key, &user)
return err
}
开发者ID:SiroDiaz,项目名称:csuf,代码行数:31,代码来源:users.go
示例14: DeriveKey
// DeriveKey returns a new key from a supplied password.
func (s *ScryptKDF) DeriveKey(pw string) []byte {
k, err := scrypt.Key([]byte(pw), s.Salt, s.N, s.R, s.P, s.KeyLen)
if err != nil {
log.Panicf("DeriveKey failed: %v", err)
}
return k
}
开发者ID:rfjakob,项目名称:gocryptfs,代码行数:8,代码来源:kdf.go
示例15: Compare
// Compare compares a plaintext password to a hashed password.
// password is a plaintext password.
// hpass is hashed password string in $s0$ format.
// returns true if passwords match, false otherwise.
func Compare(password, hpass string) bool {
seg := strings.Split(hpass, "$")
if len(seg) != 5 || seg[1] != "s0" {
return false
}
values, _ := strconv.ParseInt(seg[2], 10, 64)
salt, _ := base64.RawStdEncoding.DecodeString(seg[3])
hashed1, _ := base64.RawStdEncoding.DecodeString(seg[4])
N := int(math.Pow(2, float64(values>>16&0xffff)))
r := int(values) >> 8 & 0xff
p := int(values) & 0xff
hashed2, _ := scrypt.Key([]byte(password), salt, N, r, p, KeyLen)
len1 := len(hashed1)
if len1 != len(hashed2) {
return false
}
var comp int
for i := 0; i < len1; i++ {
comp |= int(hashed1[i] ^ hashed2[i])
}
return comp == 0
}
开发者ID:codehack,项目名称:scrypto,代码行数:32,代码来源:scrypto.go
示例16: CompareHashAndPassword
/**
* Hash the provided password with the already hashed password using the same parameters
* used to hash the latter. A constant time comparison between the encoded result of the
* hash operation and existing hashed value tells us if the passwords match.
*/
func CompareHashAndPassword(hashedPassword, password []byte) error {
// Extract the parameters and salt encoded in the hashed value.
parameters, salt, decodeErr := decodeParameters(hashedPassword)
if decodeErr != nil {
return decodeErr
}
// Hash the input password with the same parameters used for the already hashed value.
hashedValue, hashErr := scrypt.Key(
password,
salt,
int(parameters.N),
int(parameters.R),
int(parameters.P),
int(parameters.KeyLen))
if hashErr != nil {
return hashErr
}
// Encode the newly hashed password the same way as the previously encoded one.
encoded := encodeParameters(hashedValue, salt, parameters)
// Use a constant time comparison from crypto/subtle to ensure the values match.
areEqual := subtle.ConstantTimeCompare(hashedPassword, encoded) == 1
if !areEqual {
return ErrMismatchedHashAndPassword
}
return nil
}
开发者ID:StratumSecurity,项目名称:scryptauth,代码行数:31,代码来源:auth.go
示例17: DeriveKeyWithSalt
func (s *Scrypt) DeriveKeyWithSalt(password, salt []byte, keyLen int) ([]byte, error) {
key, err := scrypt.Key(password, salt, s.N, s.R, s.P, keyLen)
if err != nil {
return nil, err
}
return key, nil
}
开发者ID:bndw,项目名称:pick,代码行数:7,代码来源:scrypt.go
示例18: Encrypt
//According to benchmarking, scrypt.Key takes 60ms for i7 processor.
//Use encrypt only when necessary
func Encrypt(password string, salt []byte) ([]byte, error) {
key, err := scrypt.Key([]byte(password), salt, 16384, 8, 1, passwordSize)
if err != nil {
return nil, err
}
return key, nil
}
开发者ID:heartsg,项目名称:dasea,代码行数:9,代码来源:password.go
示例19: DeriveKey
func (c *Cipher) DeriveKey(extra int) ([]byte, []byte, error) {
dkLen := DkLen + extra
if c.derivedKey == nil || len(c.derivedKey) < dkLen {
// XXX XXX XX XXX XX XX XX XXX
//
// NOW SEE THIS
//
// We're giving a very insecure and degraded value of N here
// at N=2; we typically run with N=2^15, but we want to make this
// fork of Triplesec intentionally weak so our tests run faster.
// So the second paramenter of scrypt.Key() is set to N=2
//
// XXX XXX XXX XXXX XXXX XXXXX
insecureNValue := 2
dk, err := scrypt.Key(c.passphrase, c.salt, insecureNValue, 8, 1, dkLen)
if err != nil {
return nil, nil, err
}
c.derivedKey = dk
}
return c.derivedKey[0:DkLen], c.derivedKey[DkLen:], nil
}
开发者ID:qbit,项目名称:client,代码行数:25,代码来源:triplesec.go
示例20: DeriveKey
func (s *scryptKdf) DeriveKey(pw string) []byte {
k, err := scrypt.Key([]byte(pw), s.Salt, s.N, s.R, s.P, s.KeyLen)
if err != nil {
panic(fmt.Sprintf("DeriveKey failed: %s", err.Error()))
}
return k
}
开发者ID:gh0std4ncer,项目名称:gocryptfs,代码行数:7,代码来源:kdf.go
注:本文中的golang.org/x/crypto/scrypt.Key函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论