scrypt inputs to consts, and fmt
This commit is contained in:
Daniel Krol
parent
f5650e8d96
commit
165bcf1964
2 changed files with 25 additions and 17 deletions
18
auth/auth.go
18
auth/auth.go
|
|
@ -81,13 +81,21 @@ func (at *AuthToken) ScopeValid(required AuthScope) bool {
|
|||
const ServerSaltLength = 16
|
||||
const ClientSaltSeedLength = 32
|
||||
|
||||
const passwordScryptN = 1 << 15
|
||||
const passwordScryptR = 8
|
||||
const passwordScryptP = 1
|
||||
const passwordScryptKeyLen = 32
|
||||
|
||||
// https://words.filippo.io/the-scrypt-parameters/
|
||||
func passwordScrypt(p Password, saltBytes []byte) ([]byte, error) {
|
||||
scryptN := 32768
|
||||
scryptR := 8
|
||||
scryptP := 1
|
||||
keyLen := 32
|
||||
return scrypt.Key([]byte(p), saltBytes, scryptN, scryptR, scryptP, keyLen)
|
||||
return scrypt.Key(
|
||||
[]byte(p),
|
||||
saltBytes,
|
||||
passwordScryptN,
|
||||
passwordScryptR,
|
||||
passwordScryptP,
|
||||
passwordScryptKeyLen,
|
||||
)
|
||||
}
|
||||
|
||||
// Given a password (in the same format submitted via request), generate a
|
||||
|
|
|
|||
24
env/env_test.go
vendored
24
env/env_test.go
vendored
|
|
@ -118,18 +118,18 @@ func TestMailgunConfigs(t *testing.T) {
|
|||
tt := []struct {
|
||||
name string
|
||||
|
||||
domain string
|
||||
domain string
|
||||
privateAPIKey string
|
||||
mode AccountVerificationMode
|
||||
mode AccountVerificationMode
|
||||
|
||||
expectErr bool
|
||||
}{
|
||||
{
|
||||
name: "success",
|
||||
mode: AccountVerificationModeEmailVerify,
|
||||
domain: "www.example.com",
|
||||
name: "success",
|
||||
mode: AccountVerificationModeEmailVerify,
|
||||
domain: "www.example.com",
|
||||
privateAPIKey: "my-private-api-key",
|
||||
expectErr: false,
|
||||
expectErr: false,
|
||||
},
|
||||
{
|
||||
name: "wrong mode with domain",
|
||||
|
|
@ -138,16 +138,16 @@ func TestMailgunConfigs(t *testing.T) {
|
|||
expectErr: true,
|
||||
},
|
||||
{
|
||||
name: "wrong mode with private api key",
|
||||
mode: AccountVerificationModeWhitelist,
|
||||
name: "wrong mode with private api key",
|
||||
mode: AccountVerificationModeWhitelist,
|
||||
privateAPIKey: "my-private-api-key",
|
||||
expectErr: true,
|
||||
expectErr: true,
|
||||
},
|
||||
{
|
||||
name: "missing domain",
|
||||
mode: AccountVerificationModeEmailVerify,
|
||||
name: "missing domain",
|
||||
mode: AccountVerificationModeEmailVerify,
|
||||
privateAPIKey: "my-private-api-key",
|
||||
expectErr: true,
|
||||
expectErr: true,
|
||||
},
|
||||
{
|
||||
name: "missing private api key",
|
||||
|
|
|
|||
Loading…
Reference in a new issue