osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
ウォッチ 15
スター 7
Wiki 捐赠
本站源代码
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
ブランチ: gamification
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'gamification' から
${ noResults }
com/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go

121 行
4.0KB
Raw パーマリンク Blame 履歴 

  1. // Copyright (C) 2018 G.J.R. Timmer <gjr.timmer@gmail.com>.

  2. //

  3. // Use of this source code is governed by an MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package sqlite3

  7. 

  8. import (

  9. 	"crypto/sha1"

  10. 	"crypto/sha256"

  11. 	"crypto/sha512"

  12. )

  13. 

  14. // This file provides several different implementations for the

  15. // default embedded sqlite_crypt function.

  16. // This function is uses a caesar-cypher by default

  17. // and is used within the UserAuthentication module to encode

  18. // the password.

  19. //

  20. // The provided functions can be used as an overload to the sqlite_crypt

  21. // function through the use of the RegisterFunc on the connection.

  22. //

  23. // Because the functions can serv a purpose to an end-user

  24. // without using the UserAuthentication module

  25. // the functions are default compiled in.

  26. //

  27. // From SQLITE3 - user-auth.txt

  28. // The sqlite_user.pw field is encoded by a built-in SQL function

  29. // "sqlite_crypt(X,Y)".  The two arguments are both BLOBs.  The first argument

  30. // is the plaintext password supplied to the sqlite3_user_authenticate()

  31. // interface.  The second argument is the sqlite_user.pw value and is supplied

  32. // so that the function can extract the "salt" used by the password encoder.

  33. // The result of sqlite_crypt(X,Y) is another blob which is the value that

  34. // ends up being stored in sqlite_user.pw.  To verify credentials X supplied

  35. // by the sqlite3_user_authenticate() routine, SQLite runs:

  36. //

  37. //     sqlite_user.pw == sqlite_crypt(X, sqlite_user.pw)

  38. //

  39. // To compute an appropriate sqlite_user.pw value from a new or modified

  40. // password X, sqlite_crypt(X,NULL) is run.  A new random salt is selected

  41. // when the second argument is NULL.

  42. //

  43. // The built-in version of of sqlite_crypt() uses a simple Caesar-cypher

  44. // which prevents passwords from being revealed by searching the raw database

  45. // for ASCII text, but is otherwise trivally broken.  For better password

  46. // security, the database should be encrypted using the SQLite Encryption

  47. // Extension or similar technology.  Or, the application can use the

  48. // sqlite3_create_function() interface to provide an alternative

  49. // implementation of sqlite_crypt() that computes a stronger password hash,

  50. // perhaps using a cryptographic hash function like SHA1.

  51. 

  52. // CryptEncoderSHA1 encodes a password with SHA1

  53. func CryptEncoderSHA1(pass []byte, hash interface{}) []byte {

  54. 	h := sha1.Sum(pass)

  55. 	return h[:]

  56. }

  57. 

  58. // CryptEncoderSSHA1 encodes a password with SHA1 with the

  59. // configured salt.

  60. func CryptEncoderSSHA1(salt string) func(pass []byte, hash interface{}) []byte {

  61. 	return func(pass []byte, hash interface{}) []byte {

  62. 		s := []byte(salt)

  63. 		p := append(pass, s...)

  64. 		h := sha1.Sum(p)

  65. 		return h[:]

  66. 	}

  67. }

  68. 

  69. // CryptEncoderSHA256 encodes a password with SHA256

  70. func CryptEncoderSHA256(pass []byte, hash interface{}) []byte {

  71. 	h := sha256.Sum256(pass)

  72. 	return h[:]

  73. }

  74. 

  75. // CryptEncoderSSHA256 encodes a password with SHA256

  76. // with the configured salt

  77. func CryptEncoderSSHA256(salt string) func(pass []byte, hash interface{}) []byte {

  78. 	return func(pass []byte, hash interface{}) []byte {

  79. 		s := []byte(salt)

  80. 		p := append(pass, s...)

  81. 		h := sha256.Sum256(p)

  82. 		return h[:]

  83. 	}

  84. }

  85. 

  86. // CryptEncoderSHA384 encodes a password with SHA384

  87. func CryptEncoderSHA384(pass []byte, hash interface{}) []byte {

  88. 	h := sha512.Sum384(pass)

  89. 	return h[:]

  90. }

  91. 

  92. // CryptEncoderSSHA384 encodes a password with SHA384

  93. // with the configured salt

  94. func CryptEncoderSSHA384(salt string) func(pass []byte, hash interface{}) []byte {

  95. 	return func(pass []byte, hash interface{}) []byte {

  96. 		s := []byte(salt)

  97. 		p := append(pass, s...)

  98. 		h := sha512.Sum384(p)

  99. 		return h[:]

  100. 	}

  101. }

  102. 

  103. // CryptEncoderSHA512 encodes a password with SHA512

  104. func CryptEncoderSHA512(pass []byte, hash interface{}) []byte {

  105. 	h := sha512.Sum512(pass)

  106. 	return h[:]

  107. }

  108. 

  109. // CryptEncoderSSHA512 encodes a password with SHA512

  110. // with the configured salt

  111. func CryptEncoderSSHA512(salt string) func(pass []byte, hash interface{}) []byte {

  112. 	return func(pass []byte, hash interface{}) []byte {

  113. 		s := []byte(salt)

  114. 		p := append(pass, s...)

  115. 		h := sha512.Sum512(p)

  116. 		return h[:]

  117. 	}

  118. }

  119. 

  120. // EOF
上海开阖软件有限公司 沪ICP备12045867号-1