securehash

package module
v0.0.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 11, 2025 License: MIT Imports: 12 Imported by: 0

Documentation

Overview

Package securehash provides a secure and easy way to hash and compare secrets. It supports bcrypt and argon2 as hashing algorithms and can be used to upgrade hashes over time as security best practices change.

A SecureHasher is created with a specific algorithm and its parameters. It can then be used to hash new secrets or compare existing hashes with a plaintext secret. When comparing, it will also indicate if the hash needs to be upgraded to the current configuration.

The Hash type represents a hashed secret and can be marshaled to and unmarshaled from text for easy storage.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Argon2Options 

type Argon2Options struct {
	// contains filtered or unexported fields
}

Argon2Options hold hashing options for a Argon2ID key

func Argon2 

func Argon2() *Argon2Options

Argon2 initializes argon2 with Owasp recommended settings.

type BcryptOptions 

type BcryptOptions struct {
	// contains filtered or unexported fields
}

BcryptOptions hold options for generating a bcrypt hash

func Bcrypt 

func Bcrypt() *BcryptOptions

Bcrypt initializes bcrypt with recommended settings.

type Hash 

type Hash struct {
	// contains filtered or unexported fields
}

Hash represents a hashed secret.

func (*Hash) DecodeSpanner 

func (h *Hash) DecodeSpanner(val any) error

DecodeSpanner implements the spanner.Decoder interface

func (Hash) EncodeSpanner 

func (h Hash) EncodeSpanner() (any, error)

EncodeSpanner implements the spanner.Encoder interface

func (*Hash) KeyType added in v0.0.4 

func (h *Hash) KeyType() string

KeyType returns the underlying key type

func (*Hash) MarshalText 

func (h *Hash) MarshalText() ([]byte, error)

MarshalText implements encoding.TextMarshaler for storing a hashed secret.

func (*Hash) Scan added in v0.0.5 

func (h *Hash) Scan(src any) error

Scan implements the sql.Scanner interface.

func (*Hash) UnmarshalText 

func (h *Hash) UnmarshalText(hash []byte) error

UnmarshalText implements encoding.TextUnmarshaler for loading a secret from storage

func (Hash) Value added in v0.0.5 

func (h Hash) Value() (driver.Value, error)

Value implements the driver.Valuer interface.

type HashAlgorithm 

type HashAlgorithm interface {
	// contains filtered or unexported methods
}

HashAlgorithm is used to specify a configuration for a new SecureHasher.

type SecureHasher 

type SecureHasher struct {
	// contains filtered or unexported fields
}

SecureHasher is used for deriving and comparing

func New 

func New(algo HashAlgorithm) *SecureHasher

New configures a SecureHasher using the provided initialization function.

func (*SecureHasher) Compare 

func (s *SecureHasher) Compare(hash *Hash, plaintext string) (bool, error)

Compare compares a key of any supported type and a plaintext secret. It returns an error if they do not match, and a boolean indicating if the key needs to be upgraded(rehashed) with the current configuration.

func (*SecureHasher) Hash 

func (s *SecureHasher) Hash(plaintext string) (*Hash, error)

Hash builds and returns a hashed and safe to store key based off the provided plaintext input.

func (*SecureHasher) KeyType added in v0.0.4 

func (s *SecureHasher) KeyType() string

KeyType returns the underlying key type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.