feat: salt length option

aldy505 · Jul 1, 2021 · 762d45d · 762d45d
1 parent e9e1127
commit 762d45d
Show file tree

Hide file tree

Showing 7 changed files with 33 additions and 11 deletions.
diff --git a/argon2/README.md b/argon2/README.md
@@ -23,8 +23,9 @@ All three modes allow specification by three parameters that control:
 | Time | `int` | 32768 | Number of iterations to perform |
 | Memory | `int` | 8 | Amount of memory (in kilobytes) to use |
 | Parallelism | `int` | 4 | Parallelism factor (threads to run in parallel). |
+| Variant | `Variant` | `argon2.ID` | Argon2 variant to be used (`argon2.ID` or `argon2.I`)|
 | KeyLen | `int` | 64 | How many bytes to generate as output. | 
-| Variant | `string` | id | Argon2 variant to be used (`id` or `i`)|
+| SaltLen | `int` | 16 | Salt length in bytes |
 
 ## Usage with PHC Crypto
 

diff --git a/argon2/argon2.go b/argon2/argon2.go
@@ -19,6 +19,7 @@ type Config struct {
 	Memory      int
 	Parallelism int
 	KeyLen      int
+	SaltLen     int
 	Variant     Variant
 }
 
@@ -33,8 +34,8 @@ const (
 )
 
 const (
-	// KEYLEN is the desired number of returned bytes
-	KEYLEN = 64
+	// KEY_LENGTH is the desired number of returned bytes
+	KEY_LENGTH = 64
 	// TIME is the number of iterations to perform
 	TIME = 16
 	// MEMORY is the a mount of memory (in kilobytes) to use
@@ -43,12 +44,14 @@ const (
 	PARALLELISM = 4
 	// DEFAULT_VARIANT combines the Argon2d and Argon2i
 	DEFAULT_VARIANT = ID
+	// SALT_LENGTH is the default salth length in bytes.
+	SALT_LENGTH = 32
 )
 
 // Hash creates a PHC-formatted hash with config provided
 func Hash(plain string, config Config) (string, error) {
 	if config.KeyLen == 0 {
-		config.KeyLen = KEYLEN
+		config.KeyLen = KEY_LENGTH
 	}
 	if config.Time == 0 {
 		config.Time = TIME
@@ -62,9 +65,12 @@ func Hash(plain string, config Config) (string, error) {
 	if config.Variant == -1 {
 		config.Variant = DEFAULT_VARIANT
 	}
+	if config.SaltLen == 0 {
+		config.SaltLen = SALT_LENGTH
+	}
 
 	// random-generated salt (16 bytes recommended for password hashing)
-	salt := make([]byte, 32)
+	salt := make([]byte, config.SaltLen)
 	io.ReadFull(rand.Reader, salt)
 
 	var hash []byte

diff --git a/pbkdf2/README.md b/pbkdf2/README.md
@@ -10,9 +10,10 @@ In cryptography, PBKDF1 and PBKDF2 (Password-Based Key Derivation Function 1 and
 
 | Key | Type | Default | Notes
 |---|---|---|---|
-| KeyLen | `int` | 32 | How many bytes to generate as output. |
 | Rounds | `int` | 4096 | Iteration counts. |
 | HashFunc | `string` | `sha256` | For calculating HMAC |
+| KeyLen | `int` | 32 | How many bytes to generate as output. |
+| SaltLen | `int` | 16 | Salt length in bytes |
 
 
 ## Usage with PHC Crypto

diff --git a/pbkdf2/pbkdf2.go b/pbkdf2/pbkdf2.go
@@ -22,15 +22,18 @@ type Config struct {
 	Rounds   int
 	KeyLen   int
 	HashFunc string
+	SaltLen  int
 }
 
 const (
 	// ROUNDS is the iteration counts.
 	ROUNDS = 4096
 	// KEYLEN is how many bytes to generate as output.
-	KEYLEN = 32
+	KEY_LENGTH = 32
 	// DEFAULT_HASHFUNCTION is for calculating HMAC. Defaulting to sha256.
 	DEFAULT_HASHFUNCTION = "sha256"
+	// SALT_LENGTH is the default salth length in bytes.
+	SALT_LENGTH = 16
 )
 
 // Hash creates a PHC-formatted hash with config provided
@@ -39,14 +42,17 @@ func Hash(plain string, config Config) (string, error) {
 		config.Rounds = ROUNDS
 	}
 	if config.KeyLen == 0 {
-		config.KeyLen = KEYLEN
+		config.KeyLen = KEY_LENGTH
 	}
 	if config.HashFunc == "" {
 		config.HashFunc = DEFAULT_HASHFUNCTION
 	}
+	if config.SaltLen == 0 {
+		config.SaltLen = SALT_LENGTH
+	}
 
 	// minimum 64 bits, 128 bits is recommended
-	salt := make([]byte, 16)
+	salt := make([]byte, config.SaltLen)
 	io.ReadFull(rand.Reader, salt)
 
 	var hash []byte

diff --git a/phc-crypto.go b/phc-crypto.go
@@ -30,6 +30,7 @@ type Config struct {
 	Rounds      int
 	Parallelism int
 	KeyLen      int
+	SaltLen     int
 	Variant     argon2.Variant
 	HashFunc    string
 }

diff --git a/scrypt/README.md b/scrypt/README.md
@@ -13,7 +13,8 @@ scrypt (pronounced "ess crypt") is a password-based key derivation function crea
 | Cost | `int` | 32768 | Iterations count (affects memory and CPU usage) |
 | Rounds | `int` | 8 | Block size (affects memory and CPU usage) |
 | Parallelism | `int` | 1 | Parallelism factor (threads to run in parallel - affects the memory, CPU usage). |
-| KeyLen | `int` | 32 | How many bytes to generate as output. | 
+| KeyLen | `int` | 32 | How many bytes to generate as output. |
+| SaltLen | `int` | 16 | Salt length in bytes |
 
 ## Usage with PHC Crypto
 

diff --git a/scrypt/scrypt.go b/scrypt/scrypt.go
@@ -19,6 +19,7 @@ type Config struct {
 	Rounds      int
 	Parallelism int
 	KeyLen      int
+	SaltLen     int
 }
 
 const (
@@ -32,6 +33,8 @@ const (
 	ROUNDS = 8
 	// PARALLELISM is the parallelism factor (threads to run in parallel - affects the memory, CPU usage).
 	PARALLELISM = 1
+	// SALT_LENGTH is the default salth length in bytes.
+	SALT_LENGTH = 16
 )
 
 // Hash creates a PHC-formatted hash with config provided
@@ -48,8 +51,11 @@ func Hash(plain string, config Config) (string, error) {
 	if config.Parallelism == 0 {
 		config.Parallelism = PARALLELISM
 	}
+	if config.SaltLen == 0 {
+		config.SaltLen = SALT_LENGTH
+	}
 
-	salt := make([]byte, 16)
+	salt := make([]byte, config.SaltLen)
 	io.ReadFull(rand.Reader, salt)
 
 	hash, err := scrypt.Key([]byte(plain), salt, config.Cost, config.Rounds, config.Parallelism, config.KeyLen)