aboutsummaryrefslogtreecommitdiff
path: root/ssha.go
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2020-02-09 17:45:22 +0100
committerAlex Auvolat <alex@adnab.me>2020-02-09 17:45:22 +0100
commit27a411fe69cd3d8f669acb76b56d2390efc86deb (patch)
tree2a4e608f91036271412cd6f154e043f4587f497e /ssha.go
parent6297981c3bf01f94566ad76dc25b3b76c9c32029 (diff)
downloadguichet-27a411fe69cd3d8f669acb76b56d2390efc86deb.tar.gz
guichet-27a411fe69cd3d8f669acb76b56d2390efc86deb.zip
Password change
Diffstat (limited to 'ssha.go')
-rw-r--r--ssha.go37
1 files changed, 37 insertions, 0 deletions
diff --git a/ssha.go b/ssha.go
new file mode 100644
index 0000000..fb7f3d8
--- /dev/null
+++ b/ssha.go
@@ -0,0 +1,37 @@
+package main
+
+import (
+ "crypto/rand"
+ "crypto/sha1"
+ "encoding/base64"
+ "fmt"
+
+ log "github.com/sirupsen/logrus"
+)
+
+// Encode encodes the []byte of raw password
+func SSHAEncode(rawPassPhrase []byte) string {
+ hash := makeSSHAHash(rawPassPhrase, makeSalt())
+ b64 := base64.StdEncoding.EncodeToString(hash)
+ return fmt.Sprintf("{ssha}%s", b64)
+}
+
+// makeSalt make a 32 byte array containing random bytes.
+func makeSalt() []byte {
+ sbytes := make([]byte, 32)
+ _, err := rand.Read(sbytes)
+ if err != nil {
+ log.Panicf("Could not read random bytes: %s", err)
+ }
+ return sbytes
+}
+
+// makeSSHAHash make hasing using SHA-1 with salt. This is not the final output though. You need to append {SSHA} string with base64 of this hash.
+func makeSSHAHash(passphrase, salt []byte) []byte {
+ sha := sha1.New()
+ sha.Write(passphrase)
+ sha.Write(salt)
+
+ h := sha.Sum(nil)
+ return append(h, salt...)
+}