passwords

author: raven <citrons@mondecitronne.com> 2025-10-22 16:28:22 -0500
committer: raven <citrons@mondecitronne.com> 2026-02-09 13:13:55 -0600
commit: ff0f6ba724748dbe340187fdd831a4d4f7f0ae5e (patch)
tree: ab27a0c9f40d803c2bf130ef7c82cdf6540e9018 /server/passwords
parent: 4b54a1d11fd0fa355b244637612a3fd0af18c60c (diff)
1 files changed, 38 insertions, 0 deletions
diff --git a/server/passwords/passwords.go b/server/passwords/passwords.go
new file mode 100644
index 0000000..0524f24
--- /dev/null
+++ b/server/passwords/passwords.go
@@ -0,0 +1,38 @@
+package passwords
+
+import (
+	"golang.org/x/crypto/argon2"
+	"crypto/subtle"
+	"crypto/rand"
+	"bytes"
+	"log"
+)
+
+const version = 0
+
+func doHash(ver int, password string, salt []byte) []byte {
+	return argon2.IDKey([]byte(password), salt, 1, 64*1024, 4, 32)
+}
+
+func Hash(password string) []byte {
+	var buf bytes.Buffer
+	buf.WriteByte(version)
+
+	salt := make([]byte, 32)
+	_, err := rand.Read(salt)
+	if err != nil {
+		log.Fatal("error generating password hash:", err)
+	}
+	buf.Write(doHash(version, password, salt))
+	buf.Write(salt)
+
+	return buf.Bytes()
+}
+
+func Check(password string, hash []byte) bool {
+	ver := int(hash[0])
+	hashData := hash[1:33]
+	salt := hash[33:]
+	check := doHash(ver, password, salt)
+	return subtle.ConstantTimeCompare(hashData, check) == 1
+}
author	raven <citrons@mondecitronne.com>	2025-10-22 16:28:22 -0500
committer	raven <citrons@mondecitronne.com>	2026-02-09 13:13:55 -0600
commit	ff0f6ba724748dbe340187fdd831a4d4f7f0ae5e (patch)
tree	ab27a0c9f40d803c2bf130ef7c82cdf6540e9018 /server/passwords
parent	4b54a1d11fd0fa355b244637612a3fd0af18c60c (diff)