From ed1efea6db5c310df9f012a16e51741b2bf93dfc Mon Sep 17 00:00:00 2001 From: Seth Smith Date: Wed, 4 Sep 2024 20:54:20 -0600 Subject: [PATCH] [authutil] standardize argon2 dependency --- go.mod | 2 -- go.sum | 4 ---- lib/authutil/authutil.go | 14 +++----------- 3 files changed, 3 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index 7da5db52..46e2d1c0 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,6 @@ require ( github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 github.com/bearsh/hid v1.5.0 github.com/cloudflare/cfssl v1.6.5 - github.com/cviecco/argon2 v0.0.0-20171122181119-1dc43e2eaa99 github.com/duo-labs/webauthn v0.0.0-20221205164246-ebaf9b74c6ec github.com/flynn/u2f v0.0.0-20180613185708-15554eb68e5d github.com/foomo/htpasswd v0.0.0-20200116085101-e3a90e78da9c @@ -79,7 +78,6 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/boombuler/barcode v1.0.2 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect - github.com/dchest/blake2b v1.0.0 // indirect github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/golang-jwt/jwt/v4 v4.5.0 // indirect diff --git a/go.sum b/go.sum index c15320c0..0d3e4d0b 100644 --- a/go.sum +++ b/go.sum @@ -83,15 +83,11 @@ github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3Ee github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cviecco/argon2 v0.0.0-20171122181119-1dc43e2eaa99 h1:8co/GRKovq1R4wCidV2GrIf9FQ+2s0bV4IXulkzbkeI= -github.com/cviecco/argon2 v0.0.0-20171122181119-1dc43e2eaa99/go.mod h1:bhY/hbDzWD0J/Sr4zDxR9WaRilSZ06n+qMzGWUjU6yQ= github.com/cyphar/filepath-securejoin v0.3.1 h1:1V7cHiaW+C+39wEfpH6XlLBQo3j/PciWFrgfCLS8XrE= github.com/cyphar/filepath-securejoin v0.3.1/go.mod h1:F7i41x/9cBF7lzCrVsYs9fuzwRZm4NQsGTBdpp6mETc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dchest/blake2b v1.0.0 h1:KK9LimVmE0MjRl9095XJmKqZ+iLxWATvlcpVFRtaw6s= -github.com/dchest/blake2b v1.0.0/go.mod h1:U034kXgbJpCle2wSk5ybGIVhOSHCVLMDqOzcPEA0F7s= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/duo-labs/webauthn v0.0.0-20221205164246-ebaf9b74c6ec h1:darQ1FPPrwlzwmuN3fRMVCrsaCpuDqkKHADYzcMa73M= diff --git a/lib/authutil/authutil.go b/lib/authutil/authutil.go index db53989d..30fdf865 100644 --- a/lib/authutil/authutil.go +++ b/lib/authutil/authutil.go @@ -14,8 +14,8 @@ import ( "strings" "time" - "github.com/cviecco/argon2" "github.com/foomo/htpasswd" + "golang.org/x/crypto/argon2" "golang.org/x/crypto/bcrypt" "gopkg.in/ldap.v2" ) @@ -56,12 +56,8 @@ func Argon2MakeNewHash(password []byte) (string, error) { if err != nil { return "", err } - key, err := argon2.Key(password, []byte(salt), argon2t, argon2p, argon2m, argon2l) - if err != nil { - return "", err - } + key := argon2.Key(password, []byte(salt), argon2t, argon2p, argon2m, argon2l) return fmt.Sprintf("%s%s:%x", argon2dPrefix, salt, key), nil - } // We only support argon2d as is the only pure golang implementation @@ -73,11 +69,7 @@ func Argon2CompareHashAndPassword(hash string, password []byte) error { splitHashString := strings.SplitN(hash, ":", 2) hexKey := splitHashString[1] salt := splitHashString[0][len(argon2dPrefix):] - //log.Printf("salt='%s' heykey=%s", salt, hexKey) - key, err := argon2.Key(password, []byte(salt), argon2t, argon2p, argon2m, argon2l) - if err != nil { - return err - } + key := argon2.Key(password, []byte(salt), argon2t, argon2p, argon2m, argon2l) if hexKey == fmt.Sprintf("%x", key) { return nil }