basic common app packages

2025-06-16 22:19:00 +05:30
parent 8654f21b62
commit 0240ec154e
49 changed files with 5481 additions and 232 deletions
--- a/crypto/argon2.go
+++ b/crypto/argon2.go
@@ -0,0 +1,59 @@
+// Copyright 2024 Patial Tech (Ankit Patial).
+// All rights reserved.
+
+package crypto
+
+import (
+	"bytes"
+	"encoding/base64"
+
+	"golang.org/x/crypto/argon2"
+)
+
+const (
+	a2KeyMem = 19456 // 1024*19
+	a2KeyLen = 32
+)
+
+func argon2Hash(pwd, salt []byte) []byte {
+	// https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html
+	// m=19456 (19 MiB), t=2, p=1
+	return argon2.IDKey(pwd, salt, 2, a2KeyMem, 1, a2KeyLen)
+}
+
+// PasswordHash using Argon2id
+//
+// https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id
+func PasswordHash(pwd string) (hash, salt string, err error) {
+	var sl []byte
+	sl, err = RandomBytes(a2KeyLen)
+	if err != nil {
+		return
+	}
+
+	// Generate hash
+	h := argon2Hash([]byte(pwd), sl)
+	hash = base64.StdEncoding.EncodeToString(h)
+	salt = base64.StdEncoding.EncodeToString(sl)
+	return
+}
+
+func ComparePasswordHash(pwd, hash, salt string) (bool, error) {
+	var h, s []byte
+	var err error
+
+	if h, err = base64.StdEncoding.DecodeString(hash); err != nil {
+		return false, err
+	}
+
+	if s, err = base64.StdEncoding.DecodeString(salt); err != nil {
+		return false, err
+	}
+
+	// Generate hash for comparison.
+	ph := argon2Hash([]byte(pwd), s)
+
+	// Compare the generated hash with the stored hash.
+	// If they don't match return error.
+	return bytes.Equal(h, ph), nil
+}