diff options
Diffstat (limited to 'vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go')
| -rw-r--r-- | vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go | 120 |
1 files changed, 0 insertions, 120 deletions
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go deleted file mode 100644 index 3774a97..0000000 --- a/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright (C) 2018 G.J.R. Timmer <gjr.timmer@gmail.com>. -// -// Use of this source code is governed by an MIT-style -// license that can be found in the LICENSE file. - -package sqlite3 - -import ( - "crypto/sha1" - "crypto/sha256" - "crypto/sha512" -) - -// This file provides several different implementations for the -// default embedded sqlite_crypt function. -// This function is uses a ceasar-cypher by default -// and is used within the UserAuthentication module to encode -// the password. -// -// The provided functions can be used as an overload to the sqlite_crypt -// function through the use of the RegisterFunc on the connection. -// -// Because the functions can serv a purpose to an end-user -// without using the UserAuthentication module -// the functions are default compiled in. -// -// From SQLITE3 - user-auth.txt -// The sqlite_user.pw field is encoded by a built-in SQL function -// "sqlite_crypt(X,Y)". The two arguments are both BLOBs. The first argument -// is the plaintext password supplied to the sqlite3_user_authenticate() -// interface. The second argument is the sqlite_user.pw value and is supplied -// so that the function can extract the "salt" used by the password encoder. -// The result of sqlite_crypt(X,Y) is another blob which is the value that -// ends up being stored in sqlite_user.pw. To verify credentials X supplied -// by the sqlite3_user_authenticate() routine, SQLite runs: -// -// sqlite_user.pw == sqlite_crypt(X, sqlite_user.pw) -// -// To compute an appropriate sqlite_user.pw value from a new or modified -// password X, sqlite_crypt(X,NULL) is run. A new random salt is selected -// when the second argument is NULL. -// -// The built-in version of of sqlite_crypt() uses a simple Ceasar-cypher -// which prevents passwords from being revealed by searching the raw database -// for ASCII text, but is otherwise trivally broken. For better password -// security, the database should be encrypted using the SQLite Encryption -// Extension or similar technology. Or, the application can use the -// sqlite3_create_function() interface to provide an alternative -// implementation of sqlite_crypt() that computes a stronger password hash, -// perhaps using a cryptographic hash function like SHA1. - -// CryptEncoderSHA1 encodes a password with SHA1 -func CryptEncoderSHA1(pass []byte, hash interface{}) []byte { - h := sha1.Sum(pass) - return h[:] -} - -// CryptEncoderSSHA1 encodes a password with SHA1 with the -// configured salt. -func CryptEncoderSSHA1(salt string) func(pass []byte, hash interface{}) []byte { - return func(pass []byte, hash interface{}) []byte { - s := []byte(salt) - p := append(pass, s...) - h := sha1.Sum(p) - return h[:] - } -} - -// CryptEncoderSHA256 encodes a password with SHA256 -func CryptEncoderSHA256(pass []byte, hash interface{}) []byte { - h := sha256.Sum256(pass) - return h[:] -} - -// CryptEncoderSSHA256 encodes a password with SHA256 -// with the configured salt -func CryptEncoderSSHA256(salt string) func(pass []byte, hash interface{}) []byte { - return func(pass []byte, hash interface{}) []byte { - s := []byte(salt) - p := append(pass, s...) - h := sha256.Sum256(p) - return h[:] - } -} - -// CryptEncoderSHA384 encodes a password with SHA256 -func CryptEncoderSHA384(pass []byte, hash interface{}) []byte { - h := sha512.Sum384(pass) - return h[:] -} - -// CryptEncoderSSHA384 encodes a password with SHA256 -// with the configured salt -func CryptEncoderSSHA384(salt string) func(pass []byte, hash interface{}) []byte { - return func(pass []byte, hash interface{}) []byte { - s := []byte(salt) - p := append(pass, s...) - h := sha512.Sum384(p) - return h[:] - } -} - -// CryptEncoderSHA512 encodes a password with SHA256 -func CryptEncoderSHA512(pass []byte, hash interface{}) []byte { - h := sha512.Sum512(pass) - return h[:] -} - -// CryptEncoderSSHA512 encodes a password with SHA256 -// with the configured salt -func CryptEncoderSSHA512(salt string) func(pass []byte, hash interface{}) []byte { - return func(pass []byte, hash interface{}) []byte { - s := []byte(salt) - p := append(pass, s...) - h := sha512.Sum512(p) - return h[:] - } -} - -// EOF |