Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
8cf75b4e
Commit
8cf75b4e
authored
Nov 06, 2019
by
Stephan Eicher
Committed by
Sofia Papagiannaki
Nov 06, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
pkg/util: Replace custom pbkdf2 implementation by maintained version (#19941)
parent
31e7e35b
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
5 additions
and
54 deletions
+5
-54
go.mod
+1
-0
pkg/util/encoding.go
+2
-53
pkg/util/encryption.go
+2
-1
No files found.
go.mod
View file @
8cf75b4e
...
@@ -67,6 +67,7 @@ require (
...
@@ -67,6 +67,7 @@ require (
github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect
github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect
github.com/yudai/pp v2.0.1+incompatible // indirect
github.com/yudai/pp v2.0.1+incompatible // indirect
go.uber.org/atomic v1.3.2 // indirect
go.uber.org/atomic v1.3.2 // indirect
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80
golang.org/x/oauth2 v0.0.0-20190319182350-c85d3e98c914
golang.org/x/oauth2 v0.0.0-20190319182350-c85d3e98c914
golang.org/x/sync v0.0.0-20190423024810-112230192c58
golang.org/x/sync v0.0.0-20190423024810-112230192c58
...
...
pkg/util/encoding.go
View file @
8cf75b4e
package
util
package
util
import
(
import
(
"crypto/hmac"
"crypto/rand"
"crypto/rand"
"crypto/sha256"
"crypto/sha256"
"encoding/base64"
"encoding/base64"
"encoding/hex"
"encoding/hex"
"errors"
"errors"
"
hash
"
"
golang.org/x/crypto/pbkdf2
"
"strings"
"strings"
)
)
...
@@ -32,60 +31,10 @@ func GetRandomString(n int, alphabets ...byte) (string, error) {
...
@@ -32,60 +31,10 @@ func GetRandomString(n int, alphabets ...byte) (string, error) {
// EncodePassword encodes a password using PBKDF2.
// EncodePassword encodes a password using PBKDF2.
func
EncodePassword
(
password
string
,
salt
string
)
(
string
,
error
)
{
func
EncodePassword
(
password
string
,
salt
string
)
(
string
,
error
)
{
newPasswd
,
err
:=
PBKDF2
([]
byte
(
password
),
[]
byte
(
salt
),
10000
,
50
,
sha256
.
New
)
newPasswd
:=
pbkdf2
.
Key
([]
byte
(
password
),
[]
byte
(
salt
),
10000
,
50
,
sha256
.
New
)
if
err
!=
nil
{
return
""
,
err
}
return
hex
.
EncodeToString
(
newPasswd
),
nil
return
hex
.
EncodeToString
(
newPasswd
),
nil
}
}
// PBKDF2 implements Password-Based Key Derivation Function 2), aimed to reduce
// the vulnerability of encrypted keys to brute force attacks.
// http://code.google.com/p/go/source/browse/pbkdf2/pbkdf2.go?repo=crypto
func
PBKDF2
(
password
,
salt
[]
byte
,
iter
,
keyLen
int
,
h
func
()
hash
.
Hash
)
([]
byte
,
error
)
{
prf
:=
hmac
.
New
(
h
,
password
)
hashLen
:=
prf
.
Size
()
numBlocks
:=
(
keyLen
+
hashLen
-
1
)
/
hashLen
var
buf
[
4
]
byte
dk
:=
make
([]
byte
,
0
,
numBlocks
*
hashLen
)
U
:=
make
([]
byte
,
hashLen
)
for
block
:=
1
;
block
<=
numBlocks
;
block
++
{
// N.B.: || means concatenation, ^ means XOR
// for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter
// U_1 = PRF(password, salt || uint(i))
prf
.
Reset
()
if
_
,
err
:=
prf
.
Write
(
salt
);
err
!=
nil
{
return
nil
,
err
}
buf
[
0
]
=
byte
(
block
>>
24
)
buf
[
1
]
=
byte
(
block
>>
16
)
buf
[
2
]
=
byte
(
block
>>
8
)
buf
[
3
]
=
byte
(
block
)
if
_
,
err
:=
prf
.
Write
(
buf
[
:
4
]);
err
!=
nil
{
return
nil
,
err
}
dk
=
prf
.
Sum
(
dk
)
T
:=
dk
[
len
(
dk
)
-
hashLen
:
]
copy
(
U
,
T
)
// U_n = PRF(password, U_(n-1))
for
n
:=
2
;
n
<=
iter
;
n
++
{
prf
.
Reset
()
if
_
,
err
:=
prf
.
Write
(
U
);
err
!=
nil
{
return
nil
,
err
}
U
=
U
[
:
0
]
U
=
prf
.
Sum
(
U
)
for
x
:=
range
U
{
T
[
x
]
^=
U
[
x
]
}
}
}
return
dk
[
:
keyLen
],
nil
}
// GetBasicAuthHeader returns a base64 encoded string from user and password.
// GetBasicAuthHeader returns a base64 encoded string from user and password.
func
GetBasicAuthHeader
(
user
string
,
password
string
)
string
{
func
GetBasicAuthHeader
(
user
string
,
password
string
)
string
{
var
userAndPass
=
user
+
":"
+
password
var
userAndPass
=
user
+
":"
+
password
...
...
pkg/util/encryption.go
View file @
8cf75b4e
...
@@ -6,6 +6,7 @@ import (
...
@@ -6,6 +6,7 @@ import (
"crypto/rand"
"crypto/rand"
"crypto/sha256"
"crypto/sha256"
"errors"
"errors"
"golang.org/x/crypto/pbkdf2"
"io"
"io"
)
)
...
@@ -73,5 +74,5 @@ func Encrypt(payload []byte, secret string) ([]byte, error) {
...
@@ -73,5 +74,5 @@ func Encrypt(payload []byte, secret string) ([]byte, error) {
// Key needs to be 32bytes
// Key needs to be 32bytes
func
encryptionKeyToBytes
(
secret
,
salt
string
)
([]
byte
,
error
)
{
func
encryptionKeyToBytes
(
secret
,
salt
string
)
([]
byte
,
error
)
{
return
PBKDF2
([]
byte
(
secret
),
[]
byte
(
salt
),
10000
,
32
,
sha256
.
New
)
return
pbkdf2
.
Key
([]
byte
(
secret
),
[]
byte
(
salt
),
10000
,
32
,
sha256
.
New
),
nil
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment