Documentation
¶
Overview ¶
Package password classifies the value stored in pg_authid.rolpassword the same way PostgreSQL does, so that callers can decide whether a proposed password is already encoded or still in plaintext.
Index ¶
Constants ¶
View Source
const ( // SCRAMSHA256KeyLen is the byte length of the StoredKey and ServerKey // in a SCRAM-SHA-256 secret. It equals the SHA-256 digest size and // mirrors PostgreSQL's SCRAM_SHA_256_KEY_LEN; the value is fixed by // the SCRAM-SHA-256 specification and will not change. SCRAMSHA256KeyLen = 32 )
Constants mirrored from PostgreSQL's source.
See:
- src/include/common/md5.h (MD5_PASSWD_LEN, MD5_PASSWD_CHARSET)
- src/include/common/scram-common.h (SCRAM_SHA_256_KEY_LEN)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Type ¶
type Type int
Type classifies a shadow password value, matching PostgreSQL's PasswordType enum from src/include/libpq/crypt.h.
const ( // Plaintext means the value is not a recognized password hash. Plaintext Type = iota // MD5 means the value is an MD5-hashed password ("md5" + 32 hex digits). MD5 // SCRAMSHA256 means the value is a SCRAM-SHA-256 secret in PostgreSQL's // canonical "SCRAM-SHA-256$<iter>:<salt>$<StoredKey>:<ServerKey>" form. SCRAMSHA256 )
func GetType ¶
GetType reports how PostgreSQL would classify the given shadow_pass value.
This is the Go equivalent of get_password_type in PostgreSQL's src/backend/libpq/crypt.c. The structural SCRAM check mirrors parse_scram_secret in src/backend/libpq/auth-scram.c. Keep these in sync with upstream when the supported PostgreSQL versions change.
Source Files
Click to show internal directories.
Click to hide internal directories.