2 GoCheese -- Python private package repository and caching proxy
3 Copyright (C) 2019-2020 Elena Balakhonova <balakhonova_e@riseup.net>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, version 3 of the License.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
27 "golang.org/x/crypto/argon2"
30 type Argon2iAuthData struct {
39 func (ad Argon2iAuthData) Auth(password string) bool {
40 hashedPassword := argon2.Key(
46 uint32(len(ad.password)),
48 return bytes.Equal(hashedPassword, ad.password)
51 func parseArgon2i(params string) (Auther, error) {
52 var time, memory uint32
55 var saltAndPasswordUnitedB64 string
58 "v=%d$m=%d,t=%d,p=%d$%s",
63 &saltAndPasswordUnitedB64,
65 if n != 5 || err != nil {
66 return nil, fmt.Errorf("argon2i parameters %q have wrong format", params)
68 if version != argon2.Version {
69 return nil, errors.New("unsupported argon2i version")
71 saltAndPasswordSplittedB64 := strings.Split(saltAndPasswordUnitedB64, "$")
72 salt, err := base64.RawStdEncoding.DecodeString(saltAndPasswordSplittedB64[0])
74 return nil, errors.New("invalid salt format")
76 password, err := base64.RawStdEncoding.DecodeString(saltAndPasswordSplittedB64[1])
78 return nil, errors.New("invalid password format")
80 return Argon2iAuthData{