golang bcrypt returns in Bytes

Question

I am using the Golang Bcrypt algorithm and it returns in bytes for instance

password := []byte("MyPassword")

hashedPassword, err := bcrypt.GenerateFromPassword(password, 12)

That code above returns a hashPassword of

[36 50 97 36 49 50 36 103 118 90 90 104 82 114 99 88 113 81 46 48 69 52 105 51 82 71 53 104 101 83 79 107 80 110 53 103 53 99 84 110 97 99 82 106 56 68 66 54 84 89 83 107 100 108 87 67 115 57 77 97] My question is; is that as save as the string implementation that I've used in Java and C# where the Hashpassword would be return in strings,numerals and other characters ? I have got the code and testing it from https://godoc.org/golang.org/x/crypto/bcrypt#CompareHashAndPassword .

score 4 · Accepted Answer · edited May 23 '17 at 10:28

Yes, bcrypt's functions do operate on byte slices, however, the returned hash is base64 encoded. A string representation of the hashed password can therefore be obtained by doing a string conversion:

hashedPasswordStr := string(hashedPassword)

This question provides some reasons why arrays are preferred for storing passwords over strings (different language, but same principles).

golang bcrypt returns in Bytes

1 Answers1