authelia/internal/commands/hash.go
James Elliott b3ce7fc379
[BUGFIX] Password hashing schema map mismatch with docs (#852)
* add a nolint for gosec 'possibly hardcoded password' that was incorrect
* make all parameters consistent
* update the docs for the correct key name 'password' instead of 'password_options' or 'password_hashing'
* reword some of the docs
* apply suggestions from code review

Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>
2020-04-11 13:54:18 +10:00

56 lines
2.3 KiB
Go

package commands
import (
"fmt"
"github.com/spf13/cobra"
"github.com/authelia/authelia/internal/authentication"
"github.com/authelia/authelia/internal/configuration/schema"
)
func init() {
HashPasswordCmd.Flags().BoolP("sha512", "z", false, fmt.Sprintf("use sha512 as the algorithm (changes iterations to %d, change with -i)", schema.DefaultPasswordSHA512Configuration.Iterations))
HashPasswordCmd.Flags().IntP("iterations", "i", schema.DefaultPasswordConfiguration.Iterations, "set the number of hashing iterations")
HashPasswordCmd.Flags().StringP("salt", "s", "", "set the salt string")
HashPasswordCmd.Flags().IntP("memory", "m", schema.DefaultPasswordConfiguration.Memory, "[argon2id] set the amount of memory param (in MB)")
HashPasswordCmd.Flags().IntP("parallelism", "p", schema.DefaultPasswordConfiguration.Parallelism, "[argon2id] set the parallelism param")
HashPasswordCmd.Flags().IntP("key-length", "k", schema.DefaultPasswordConfiguration.KeyLength, "[argon2id] set the key length param")
HashPasswordCmd.Flags().IntP("salt-length", "l", schema.DefaultPasswordConfiguration.SaltLength, "set the auto-generated salt length")
}
var HashPasswordCmd = &cobra.Command{
Use: "hash-password [password]",
Short: "Hash a password to be used in file-based users database. Default algorithm is argon2id.",
Run: func(cobraCmd *cobra.Command, args []string) {
sha512, _ := cobraCmd.Flags().GetBool("sha512")
iterations, _ := cobraCmd.Flags().GetInt("iterations")
salt, _ := cobraCmd.Flags().GetString("salt")
keyLength, _ := cobraCmd.Flags().GetInt("key-length")
saltLength, _ := cobraCmd.Flags().GetInt("salt-length")
memory, _ := cobraCmd.Flags().GetInt("memory")
parallelism, _ := cobraCmd.Flags().GetInt("parallelism")
var err error
var hash string
var algorithm string
if sha512 {
if iterations == schema.DefaultPasswordConfiguration.Iterations {
iterations = schema.DefaultPasswordSHA512Configuration.Iterations
}
algorithm = authentication.HashingAlgorithmSHA512
} else {
algorithm = authentication.HashingAlgorithmArgon2id
}
hash, err = authentication.HashPassword(args[0], salt, algorithm, iterations, memory*1024, parallelism, keyLength, saltLength)
if err != nil {
fmt.Printf("Error occurred during hashing: %s", err)
} else {
fmt.Printf("Password hash: %s", hash)
}
},
Args: cobra.MinimumNArgs(1),
}