diff options
author | Alex Auvolat <alex@adnab.me> | 2020-02-09 17:45:22 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2020-02-09 17:45:22 +0100 |
commit | 27a411fe69cd3d8f669acb76b56d2390efc86deb (patch) | |
tree | 2a4e608f91036271412cd6f154e043f4587f497e /ssha.go | |
parent | 6297981c3bf01f94566ad76dc25b3b76c9c32029 (diff) | |
download | guichet-27a411fe69cd3d8f669acb76b56d2390efc86deb.tar.gz guichet-27a411fe69cd3d8f669acb76b56d2390efc86deb.zip |
Password change
Diffstat (limited to 'ssha.go')
-rw-r--r-- | ssha.go | 37 |
1 files changed, 37 insertions, 0 deletions
@@ -0,0 +1,37 @@ +package main + +import ( + "crypto/rand" + "crypto/sha1" + "encoding/base64" + "fmt" + + log "github.com/sirupsen/logrus" +) + +// Encode encodes the []byte of raw password +func SSHAEncode(rawPassPhrase []byte) string { + hash := makeSSHAHash(rawPassPhrase, makeSalt()) + b64 := base64.StdEncoding.EncodeToString(hash) + return fmt.Sprintf("{ssha}%s", b64) +} + +// makeSalt make a 32 byte array containing random bytes. +func makeSalt() []byte { + sbytes := make([]byte, 32) + _, err := rand.Read(sbytes) + if err != nil { + log.Panicf("Could not read random bytes: %s", err) + } + return sbytes +} + +// makeSSHAHash make hasing using SHA-1 with salt. This is not the final output though. You need to append {SSHA} string with base64 of this hash. +func makeSSHAHash(passphrase, salt []byte) []byte { + sha := sha1.New() + sha.Write(passphrase) + sha.Write(salt) + + h := sha.Sum(nil) + return append(h, salt...) +} |