
Source file src/edge-infra.dev/pkg/lib/crypto/validation/validation.go

Documentation: edge-infra.dev/pkg/lib/crypto/validation

     1  package validation
     2  
     3  import (
     4  	"errors"
     5  	"strings"
     6  
     7  	"golang.org/x/crypto/bcrypt"
     8  
     9  	"edge-infra.dev/pkg/lib/crypto/randomizer"
    10  )
    11  
    // Password length policy used by ValidatePwdLen and ValidatePwdBounds.
    //
    // NOTE(review): every limit declared here is an exported, mutable var, so any
    // importing package can lower a security floor at runtime. Nothing visible in
    // this file assigns to them; consider const if no caller does either.
    var (
    	MinimumPassLen = 8
    	MaximumPassLen = 63
    )

    // Lower bounds applied to key-derivation parameters.
    var (
    	// MinimumSaltLen is the shortest accepted salt: 16 bytes (128-bit) (sha512).
    	MinimumSaltLen = 16
    	// MinimumHashIterations is the smallest accepted iteration count.
    	// NOTE(review): the salt comment mentions sha512; if this floor guards
    	// PBKDF2-HMAC-SHA512, current OWASP password-storage guidance is 210,000
    	// iterations. Confirm which KDF consumes this value.
    	MinimumHashIterations = 120000
    	// MinimumKeyLen is the shortest accepted derived key, in bytes.
    	MinimumKeyLen = 16
    )

    // CharValidationError is the message returned by ValidatePwdCharacters when a
    // password contains a character outside the allow-list. The text itself
    // starts and ends with a literal double quote.
    var CharValidationError = "\"invalid password, password can only include alphanumerical characters and special characters ~!@#%^&*_-+=`|'>(){}[]:;<,.? \""
    20  
    // validatePwdChar reports whether char appears in randomizer.ValidChars, the
    // allow-list consulted for password characters.
    func validatePwdChar(char rune) bool {
    	allowed := string(randomizer.ValidChars)
    	return strings.IndexRune(allowed, char) >= 0
    }
    24  
    // ValidatePwdCharacters checks each rune of pwd with validatePwdChar and
    // returns an error carrying CharValidationError as soon as one rune is not
    // permitted. It returns nil when every rune passes, which includes the empty
    // string: length is not checked here. Bytes that are not valid UTF-8 decode
    // to U+FFFD and are tested like any other rune.
    func ValidatePwdCharacters(pwd string) error {
    	notAllowed := func(r rune) bool { return !validatePwdChar(r) }
    	if strings.IndexFunc(pwd, notAllowed) >= 0 {
    		return errors.New(CharValidationError)
    	}
    	return nil
    }
    33  
    // ValidateCost accepts a bcrypt cost only inside the inclusive range
    // [bcrypt.DefaultCost, bcrypt.MaxCost]. The floor is DefaultCost rather than
    // bcrypt.MinCost, so costs that bcrypt itself would accept but that are
    // weaker than its default are rejected with InvalidCostError.
    func ValidateCost(cost int) error {
    	inRange := cost >= bcrypt.DefaultCost && cost <= bcrypt.MaxCost
    	if inRange {
    		return nil
    	}
    	return InvalidCostError()
    }
    40  
    // ValidatePwdBounds validates a caller-supplied password length range. Each
    // bound must individually satisfy ValidatePwdLen (the upper bound is checked
    // first), and minLength must be strictly less than maxLength, so a range
    // with equal bounds is rejected with InvalidPasswordLengthError.
    func ValidatePwdBounds(minLength, maxLength int) error {
    	// Order matters only for which error is reported first: max, then min.
    	for _, bound := range []int{maxLength, minLength} {
    		if err := ValidatePwdLen(bound); err != nil {
    			return err
    		}
    	}

    	if minLength < maxLength {
    		return nil
    	}
    	return InvalidPasswordLengthError()
    }
    57  
    // ValidatePwdLen returns InvalidPasswordLengthError unless len lies within
    // [MinimumPassLen, MaximumPassLen], both ends inclusive. The caller supplies
    // the number; whether it counts bytes or runes is not decided here.
    //
    // NOTE(review): the parameter name shadows the builtin len inside this body.
    func ValidatePwdLen(len int) error {
    	if len < MinimumPassLen || len > MaximumPassLen {
    		return InvalidPasswordLengthError()
    	}
    	return nil
    }
    68  
    // ValidateSaltLength returns InvalidSaltLengthError when saltLength is below
    // MinimumSaltLen and nil otherwise. No upper bound is enforced.
    func ValidateSaltLength(saltLength int) error {
    	if saltLength >= MinimumSaltLen {
    		return nil
    	}
    	return InvalidSaltLengthError()
    }
    75  
    // ValidateIterationLen returns InvalidHashIterationsError when iterations is
    // below MinimumHashIterations and nil otherwise. No upper bound is enforced,
    // so a caller that needs to cap work per hash must do so itself.
    func ValidateIterationLen(iterations int) error {
    	if iterations >= MinimumHashIterations {
    		return nil
    	}
    	return InvalidHashIterationsError()
    }
    82  
    // ValidateKeyLen requires keyLength to be at least MinimumKeyLen and at least
    // saltLength; otherwise it returns InvalidKeyLengthError. saltLength is used
    // as given and is not itself validated here.
    func ValidateKeyLen(keyLength, saltLength int) error {
    	longEnough := keyLength >= MinimumKeyLen && keyLength >= saltLength
    	if longEnough {
    		return nil
    	}
    	return InvalidKeyLengthError()
    }
    89  
