mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-07-11 08:20:50 +02:00
0d8478cff8
- In Go 1.21 the crypto/sha256 [got a massive improvement](https://go.dev/doc/go1.21#crypto/sha256) by utilizing the SHA instructions for AMD64 CPUs, which sha256-simd already was doing. The performance is now on par and I think it's preferable to use the standard library rather than a package when possible. ``` cpu: AMD Ryzen 5 3600X 6-Core Processor │ simd.txt │ go.txt │ │ sec/op │ sec/op vs base │ Hash/8Bytes-12 63.25n ± 1% 73.38n ± 1% +16.02% (p=0.002 n=6) Hash/64Bytes-12 98.73n ± 1% 105.30n ± 1% +6.65% (p=0.002 n=6) Hash/1K-12 567.2n ± 1% 572.8n ± 1% +0.99% (p=0.002 n=6) Hash/8K-12 4.062µ ± 1% 4.062µ ± 1% ~ (p=0.396 n=6) Hash/1M-12 512.1µ ± 0% 510.6µ ± 1% ~ (p=0.485 n=6) Hash/5M-12 2.556m ± 1% 2.564m ± 0% ~ (p=0.093 n=6) Hash/10M-12 5.112m ± 0% 5.127m ± 0% ~ (p=0.093 n=6) geomean 13.82µ 14.27µ +3.28% │ simd.txt │ go.txt │ │ B/s │ B/s vs base │ Hash/8Bytes-12 120.6Mi ± 1% 104.0Mi ± 1% -13.81% (p=0.002 n=6) Hash/64Bytes-12 618.2Mi ± 1% 579.8Mi ± 1% -6.22% (p=0.002 n=6) Hash/1K-12 1.682Gi ± 1% 1.665Gi ± 1% -0.98% (p=0.002 n=6) Hash/8K-12 1.878Gi ± 1% 1.878Gi ± 1% ~ (p=0.310 n=6) Hash/1M-12 1.907Gi ± 0% 1.913Gi ± 1% ~ (p=0.485 n=6) Hash/5M-12 1.911Gi ± 1% 1.904Gi ± 0% ~ (p=0.093 n=6) Hash/10M-12 1.910Gi ± 0% 1.905Gi ± 0% ~ (p=0.093 n=6) geomean 1.066Gi 1.032Gi -3.18% ``` (cherry picked from commitabd94ff5b5) (cherry picked from commit15e81637ab) Conflicts: go.mod https://codeberg.org/forgejo/forgejo/pulls/1581 (cherry picked from commit 5caea2d75aeac78fb306f58a3cf7809d5b70c7f2) (cherry picked from commit08da542cce) (cherry picked from commitd71a8cc9fb) (cherry picked from commit63c9fc2bee) (cherry picked from commite1db85d48a) (cherry picked from commit5e86a5d2d1)
68 lines
1.6 KiB
Go
68 lines
1.6 KiB
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package hash
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"encoding/hex"
|
|
"strings"
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
"golang.org/x/crypto/pbkdf2"
|
|
)
|
|
|
|
func init() {
|
|
MustRegister("pbkdf2", NewPBKDF2Hasher)
|
|
}
|
|
|
|
// PBKDF2Hasher implements PasswordHasher
|
|
// and uses the PBKDF2 key derivation function.
|
|
type PBKDF2Hasher struct {
|
|
iter, keyLen int
|
|
}
|
|
|
|
// HashWithSaltBytes a provided password and salt
|
|
func (hasher *PBKDF2Hasher) HashWithSaltBytes(password string, salt []byte) string {
|
|
if hasher == nil {
|
|
return ""
|
|
}
|
|
return hex.EncodeToString(pbkdf2.Key([]byte(password), salt, hasher.iter, hasher.keyLen, sha256.New))
|
|
}
|
|
|
|
// NewPBKDF2Hasher is a factory method to create an PBKDF2Hasher
|
|
// config should be either empty or of the form:
|
|
// "<iter>$<keyLen>", where <x> is the string representation
|
|
// of an integer
|
|
func NewPBKDF2Hasher(config string) *PBKDF2Hasher {
|
|
// This default configuration uses the following parameters:
|
|
// iter=10000, keyLen=50.
|
|
// This matches the original configuration for `pbkdf2` prior to storing parameters
|
|
// in the database.
|
|
// THESE VALUES MUST NOT BE CHANGED OR BACKWARDS COMPATIBILITY WILL BREAK
|
|
hasher := &PBKDF2Hasher{
|
|
iter: 10_000,
|
|
keyLen: 50,
|
|
}
|
|
|
|
if config == "" {
|
|
return hasher
|
|
}
|
|
|
|
vals := strings.SplitN(config, "$", 2)
|
|
if len(vals) != 2 {
|
|
log.Error("invalid pbkdf2 hash spec %s", config)
|
|
return nil
|
|
}
|
|
|
|
var err error
|
|
hasher.iter, err = parseIntParam(vals[0], "iter", "pbkdf2", config, nil)
|
|
hasher.keyLen, err = parseIntParam(vals[1], "keyLen", "pbkdf2", config, err)
|
|
if err != nil {
|
|
return nil
|
|
}
|
|
|
|
return hasher
|
|
}
|