| LEFT | RIGHT |
|---|
| (no file at all) | |
| 1 package trivial |
| 2 |
| 3 import ( |
| 4 "crypto/rand" |
| 5 "crypto/sha512" |
| 6 "encoding/base64" |
| 7 "fmt" |
| 8 "io" |
| 9 "launchpad.net/juju-core/thirdparty/pbkdf2" |
| 10 ) |
| 11 |
| 12 var salt = []byte{0x75, 0x82, 0x81, 0xca} |
| 13 |
| 14 // RandomBytes returns n random bytes. |
| 15 func RandomBytes(n int) ([]byte, error) { |
| 16 buf := make([]byte, n) |
| 17 _, err := io.ReadFull(rand.Reader, buf) |
| 18 if err != nil { |
| 19 return nil, fmt.Errorf("cannot read random bytes: %v", err) |
| 20 } |
| 21 return buf, nil |
| 22 } |
| 23 |
| 24 // PasswordHash returns base64-encoded one-way hash of the provided salt |
| 25 // and password that is computationally hard to crack by iterating |
| 26 // through possible passwords. |
| 27 func PasswordHash(password string) string { |
| 28 // Generate 18 byte passwords because we know that MongoDB |
| 29 // uses the MD5 sum of the password anyway, so there's |
| 30 // no point in using more bytes. (18 so we don't get base 64 |
| 31 // padding characters). |
| 32 h := pbkdf2.Key([]byte(password), salt, 8192, 18, sha512.New) |
| 33 return base64.StdEncoding.EncodeToString(h) |
| 34 } |
| LEFT | RIGHT |
|---|
