Initial commit: Open sourcing all of the Maple Open Technologies code.

2025-12-02 14:33:08 -05:00 · 2025-12-02 14:33:08 -05:00 · 755d54a99d
commit 755d54a99d
2010 changed files with 448675 additions and 0 deletions
--- a/cloud/maplepress-backend/pkg/security/password/password.go
+++ b/cloud/maplepress-backend/pkg/security/password/password.go
@ -0,0 +1,200 @@
+// File Path: monorepo/cloud/maplepress-backend/pkg/security/password/password.go
+package password
+
+import (
+	"crypto/rand"
+	"crypto/subtle"
+	"encoding/base64"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"strings"
+
+	"golang.org/x/crypto/argon2"
+
+	"codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/pkg/security/securestring"
+)
+
+var (
+	ErrInvalidHash         = errors.New("the encoded hash is not in the correct format")
+	ErrIncompatibleVersion = errors.New("incompatible version of argon2")
+	ErrPasswordTooShort    = errors.New("password must be at least 8 characters")
+	ErrPasswordTooLong     = errors.New("password must not exceed 128 characters")
+
+	// Granular password strength errors (CWE-521: Weak Password Requirements)
+	ErrPasswordNoUppercase   = errors.New("password must contain at least one uppercase letter (A-Z)")
+	ErrPasswordNoLowercase   = errors.New("password must contain at least one lowercase letter (a-z)")
+	ErrPasswordNoNumber      = errors.New("password must contain at least one number (0-9)")
+	ErrPasswordNoSpecialChar = errors.New("password must contain at least one special character (!@#$%^&*()_+-=[]{}; etc.)")
+	ErrPasswordTooWeak       = errors.New("password must contain uppercase, lowercase, number, and special character")
+)
+
+// PasswordProvider provides secure password hashing and verification using Argon2id.
+type PasswordProvider interface {
+	GenerateHashFromPassword(password *securestring.SecureString) (string, error)
+	ComparePasswordAndHash(password *securestring.SecureString, hash string) (bool, error)
+	AlgorithmName() string
+	GenerateSecureRandomBytes(length int) ([]byte, error)
+	GenerateSecureRandomString(length int) (string, error)
+}
+
+type passwordProvider struct {
+	memory      uint32
+	iterations  uint32
+	parallelism uint8
+	saltLength  uint32
+	keyLength   uint32
+}
+
+// NewPasswordProvider creates a new password provider with secure default parameters.
+// The default parameters are based on OWASP recommendations for Argon2id:
+// - Memory: 64 MB
+// - Iterations: 3
+// - Parallelism: 2
+// - Salt length: 16 bytes
+// - Key length: 32 bytes
+func NewPasswordProvider() PasswordProvider {
+	// DEVELOPERS NOTE:
+	// The following code was adapted from: "How to Hash and Verify Passwords With Argon2 in Go"
+	// via https://www.alexedwards.net/blog/how-to-hash-and-verify-passwords-with-argon2-in-go
+
+	// Establish the parameters to use for Argon2
+	return &passwordProvider{
+		memory:      64 * 1024, // 64 MB
+		iterations:  3,
+		parallelism: 2,
+		saltLength:  16,
+		keyLength:   32,
+	}
+}
+
+// GenerateHashFromPassword takes a secure string and returns an Argon2id hashed string.
+// The returned hash string includes all parameters needed for verification:
+// Format: $argon2id$v=19$m=65536,t=3,p=2$<base64-salt>$<base64-hash>
+func (p *passwordProvider) GenerateHashFromPassword(password *securestring.SecureString) (string, error) {
+	salt, err := generateRandomBytes(p.saltLength)
+	if err != nil {
+		return "", fmt.Errorf("failed to generate salt: %w", err)
+	}
+
+	passwordBytes := password.Bytes()
+
+	// Generate the hash using Argon2id
+	hash := argon2.IDKey(passwordBytes, salt, p.iterations, p.memory, p.parallelism, p.keyLength)
+
+	// Base64 encode the salt and hashed password
+	b64Salt := base64.RawStdEncoding.EncodeToString(salt)
+	b64Hash := base64.RawStdEncoding.EncodeToString(hash)
+
+	// Return a string using the standard encoded hash representation
+	encodedHash := fmt.Sprintf("$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s",
+		argon2.Version, p.memory, p.iterations, p.parallelism, b64Salt, b64Hash)
+
+	return encodedHash, nil
+}
+
+// ComparePasswordAndHash verifies that a password matches the provided hash.
+// It uses constant-time comparison to prevent timing attacks.
+// Returns true if the password matches, false otherwise.
+func (p *passwordProvider) ComparePasswordAndHash(password *securestring.SecureString, encodedHash string) (match bool, err error) {
+	// DEVELOPERS NOTE:
+	// The following code was adapted from: "How to Hash and Verify Passwords With Argon2 in Go"
+	// via https://www.alexedwards.net/blog/how-to-hash-and-verify-passwords-with-argon2-in-go
+
+	// Extract the parameters, salt and derived key from the encoded password hash
+	params, salt, hash, err := decodeHash(encodedHash)
+	if err != nil {
+		return false, err
+	}
+
+	// Derive the key from the password using the same parameters
+	otherHash := argon2.IDKey(password.Bytes(), salt, params.iterations, params.memory, params.parallelism, params.keyLength)
+
+	// Check that the contents of the hashed passwords are identical
+	// Using subtle.ConstantTimeCompare() to help prevent timing attacks
+	if subtle.ConstantTimeCompare(hash, otherHash) == 1 {
+		return true, nil
+	}
+	return false, nil
+}
+
+// AlgorithmName returns the name of the hashing algorithm used.
+func (p *passwordProvider) AlgorithmName() string {
+	return "argon2id"
+}
+
+// GenerateSecureRandomBytes generates a cryptographically secure random byte slice.
+func (p *passwordProvider) GenerateSecureRandomBytes(length int) ([]byte, error) {
+	bytes := make([]byte, length)
+	_, err := rand.Read(bytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate secure random bytes: %w", err)
+	}
+	return bytes, nil
+}
+
+// GenerateSecureRandomString generates a cryptographically secure random hex string.
+// The returned string will be twice the length parameter (2 hex chars per byte).
+func (p *passwordProvider) GenerateSecureRandomString(length int) (string, error) {
+	bytes, err := p.GenerateSecureRandomBytes(length)
+	if err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(bytes), nil
+}
+
+// generateRandomBytes generates cryptographically secure random bytes.
+func generateRandomBytes(n uint32) ([]byte, error) {
+	// DEVELOPERS NOTE:
+	// The following code was adapted from: "How to Hash and Verify Passwords With Argon2 in Go"
+	// via https://www.alexedwards.net/blog/how-to-hash-and-verify-passwords-with-argon2-in-go
+
+	b := make([]byte, n)
+	_, err := rand.Read(b)
+	if err != nil {
+		return nil, err
+	}
+
+	return b, nil
+}
+
+// decodeHash extracts the parameters, salt, and hash from an encoded hash string.
+func decodeHash(encodedHash string) (p *passwordProvider, salt, hash []byte, err error) {
+	// DEVELOPERS NOTE:
+	// The following code was adapted from: "How to Hash and Verify Passwords With Argon2 in Go"
+	// via https://www.alexedwards.net/blog/how-to-hash-and-verify-passwords-with-argon2-in-go
+
+	vals := strings.Split(encodedHash, "$")
+	if len(vals) != 6 {
+		return nil, nil, nil, ErrInvalidHash
+	}
+
+	var version int
+	_, err = fmt.Sscanf(vals[2], "v=%d", &version)
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	if version != argon2.Version {
+		return nil, nil, nil, ErrIncompatibleVersion
+	}
+
+	p = &passwordProvider{}
+	_, err = fmt.Sscanf(vals[3], "m=%d,t=%d,p=%d", &p.memory, &p.iterations, &p.parallelism)
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	salt, err = base64.RawStdEncoding.Strict().DecodeString(vals[4])
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	p.saltLength = uint32(len(salt))
+
+	hash, err = base64.RawStdEncoding.Strict().DecodeString(vals[5])
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	p.keyLength = uint32(len(hash))
+
+	return p, salt, hash, nil
+}