Is cryptography in Go hard?

I been having a slower time learning cryptography in Go compared to other languages due to all of the juggling to simply encrypt a string or the limitations of 72 characters to generate a secure hash with a salt.

Is there some sort of 3rd party library that is popular, maintained and trusted that I do not know of that makes crypto in go much easier.

For example, this is how I generate a hash with as salt with timing attack security but I am stuck with using bcrypt which is limited to 72 characters.

package main

import (
"encoding/hex"
"fmt"

"golang.org/x/crypto/bcrypt"
)

const Password = "mypassword"

func main() {
//Generate hash with salt
hashWithSaltBytes, err := bcrypt.GenerateFromPassword([]byte(Password), bcrypt.MinCost)
if err != nil {
//,,,
}

//Convert bytes into hex...

Is there some sort of 3rd party library that is popular, maintained and trusted that I do not know of that makes crypto in go much easier.

For example, this is how I generate a hash with as salt with timing attack security but I am stuck with using bcrypt which is limited to 72 characters.

package main

import (
"encoding/hex"
"fmt"

"golang.org/x/crypto/bcrypt"
)

const Password = "mypassword"

func main() {
//Generate hash with salt
hashWithSaltBytes, err := bcrypt.GenerateFromPassword([]byte(Password), bcrypt.MinCost)
if err != nil {
//,,,
}

//Convert bytes into hex string
hashWithSalt := hex.EncodeToString(hashWithSaltBytes)

fmt.Println(hashWithSalt)

//Convert hex string into bytes
hashWithSaltBytes, err = hex.DecodeString(hashWithSalt)
if err != nil {
//,,,
}

//Verify the users submitted password matches the hash with the salt stored in the backend
//The CompareHashAndPassword() method also protects against timing attacks
err = bcrypt.CompareHashAndPassword(hashWithSaltBytes, []byte(Password))
if err != nil {
fmt.Println("Is Invalid")
} else {
fmt.Println("Is Valid")
}
}

Similar Posts