parent
bec64827d1
commit
a9d8aa2591
@ -0,0 +1,68 @@ |
|||||||
|
package chat |
||||||
|
|
||||||
|
import ( |
||||||
|
"encoding/hex" |
||||||
|
"fmt" |
||||||
|
"sync" |
||||||
|
|
||||||
|
"golang.org/x/crypto/argon2" |
||||||
|
) |
||||||
|
|
||||||
|
// UserID uniquely identifies an individual user who has posted a message in a
|
||||||
|
// Room.
|
||||||
|
type UserID struct { |
||||||
|
|
||||||
|
// Name will be the user's chosen display name.
|
||||||
|
Name string `json:"name"` |
||||||
|
|
||||||
|
// Hash will be a hex string generated from a secret only the user knows.
|
||||||
|
Hash string `json:"id"` |
||||||
|
} |
||||||
|
|
||||||
|
// UserIDCalculator is used to calculate UserIDs.
|
||||||
|
type UserIDCalculator struct { |
||||||
|
|
||||||
|
// Secret is used when calculating UserID Hash salts.
|
||||||
|
Secret []byte |
||||||
|
|
||||||
|
// TimeCost, MemoryCost, and Threads are used as inputs to the Argon2id
|
||||||
|
// algorithm which is used to generate the Hash.
|
||||||
|
TimeCost, MemoryCost uint32 |
||||||
|
Threads uint8 |
||||||
|
|
||||||
|
// HashLen specifies the number of bytes the Hash should be.
|
||||||
|
HashLen uint32 |
||||||
|
|
||||||
|
// Lock, if set, forces concurrent Calculate calls to occur sequentially.
|
||||||
|
Lock *sync.Mutex |
||||||
|
} |
||||||
|
|
||||||
|
// NewUserIDCalculator returns a UserIDCalculator with sane defaults.
|
||||||
|
func NewUserIDCalculator(secret []byte) UserIDCalculator { |
||||||
|
return UserIDCalculator{ |
||||||
|
Secret: secret, |
||||||
|
TimeCost: 15, |
||||||
|
MemoryCost: 128 * 1024, |
||||||
|
Threads: 2, |
||||||
|
HashLen: 16, |
||||||
|
Lock: new(sync.Mutex), |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
// Calculate accepts a name and password and returns the calculated UserID.
|
||||||
|
func (c UserIDCalculator) Calculate(name, password string) UserID { |
||||||
|
|
||||||
|
input := fmt.Sprintf("%q:%q", name, password) |
||||||
|
|
||||||
|
hashB := argon2.IDKey( |
||||||
|
[]byte(input), |
||||||
|
c.Secret, // salt
|
||||||
|
c.TimeCost, c.MemoryCost, c.Threads, |
||||||
|
c.HashLen, |
||||||
|
) |
||||||
|
|
||||||
|
return UserID{ |
||||||
|
Name: name, |
||||||
|
Hash: hex.EncodeToString(hashB), |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,26 @@ |
|||||||
|
package chat |
||||||
|
|
||||||
|
import ( |
||||||
|
"testing" |
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert" |
||||||
|
) |
||||||
|
|
||||||
|
func TestUserIDCalculator(t *testing.T) { |
||||||
|
|
||||||
|
const name, password = "name", "password" |
||||||
|
|
||||||
|
c := NewUserIDCalculator([]byte("foo")) |
||||||
|
|
||||||
|
// calculating with same params twice should result in same UserID
|
||||||
|
userID := c.Calculate(name, password) |
||||||
|
assert.Equal(t, userID, c.Calculate(name, password)) |
||||||
|
|
||||||
|
// changing either name or password should result in a different Hash
|
||||||
|
assert.NotEqual(t, userID.Hash, c.Calculate(name+"!", password).Hash) |
||||||
|
assert.NotEqual(t, userID.Hash, c.Calculate(name, password+"!").Hash) |
||||||
|
|
||||||
|
// changing the secret should change the UserID
|
||||||
|
c.Secret = []byte("bar") |
||||||
|
assert.NotEqual(t, userID, c.Calculate(name, password)) |
||||||
|
} |
@ -0,0 +1,27 @@ |
|||||||
|
package main |
||||||
|
|
||||||
|
import ( |
||||||
|
"encoding/json" |
||||||
|
"flag" |
||||||
|
"fmt" |
||||||
|
|
||||||
|
"github.com/mediocregopher/blog.mediocregopher.com/srv/chat" |
||||||
|
) |
||||||
|
|
||||||
|
func main() { |
||||||
|
|
||||||
|
secret := flag.String("secret", "", "Secret to use when calculating UserIDs") |
||||||
|
name := flag.String("name", "", "") |
||||||
|
password := flag.String("password", "", "") |
||||||
|
flag.Parse() |
||||||
|
|
||||||
|
calc := chat.NewUserIDCalculator([]byte(*secret)) |
||||||
|
userID := calc.Calculate(*name, *password) |
||||||
|
|
||||||
|
b, err := json.Marshal(userID) |
||||||
|
if err != nil { |
||||||
|
panic(err) |
||||||
|
} |
||||||
|
|
||||||
|
fmt.Println(string(b)) |
||||||
|
} |
Binary file not shown.
Loading…
Reference in new issue