go.crypto/blowfish: allow shorter passwords.
bcrypt didn't allow one, two and three letter passwords which is a
policy decision best left to the user of the code. Some users have
legacy issues which require such short passwords to be processed.
LGTM=bradfitz
R=golang-codereviews, bradfitz
CC=golang-codereviews
https://golang.org/cl/81800044
diff --git a/blowfish/cipher.go b/blowfish/cipher.go
index fbefe78..d346684 100644
--- a/blowfish/cipher.go
+++ b/blowfish/cipher.go
@@ -26,11 +26,10 @@
}
// NewCipher creates and returns a Cipher.
-// The key argument should be the Blowfish key, 4 to 56 bytes.
+// The key argument should be the Blowfish key, from 1 to 56 bytes.
func NewCipher(key []byte) (*Cipher, error) {
var result Cipher
- k := len(key)
- if k < 4 || k > 56 {
+ if k := len(key); k < 1 || k > 56 {
return nil, KeySizeError(k)
}
initCipher(key, &result)
@@ -44,8 +43,7 @@
// bytes. Only the first 16 bytes of salt are used.
func NewSaltedCipher(key, salt []byte) (*Cipher, error) {
var result Cipher
- k := len(key)
- if k < 4 {
+ if k := len(key); k < 1 {
return nil, KeySizeError(k)
}
initCipher(key, &result)
