use PBKDF2 to esnure key is 23bytes.

2025-01-26 16:27:02 -06:00 · 2016-01-26 05:15:29 +08:00 · 2016-01-26 05:15:29 +08:00 · c8c337cead
commit c8c337cead
parent 05868bc1df
2 changed files with 17 additions and 18 deletions
--- a/pkg/util/encryption.go
+++ b/pkg/util/encryption.go
@ -4,13 +4,17 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
+	"crypto/sha256"
 	"io"

 	"github.com/grafana/grafana/pkg/log"
 )

+const saltLength = 8
+
 func Decrypt(payload []byte, secret string) []byte {
-	key := encryptionKeyToBytes(secret)
+	salt := payload[:saltLength]
+	key := encryptionKeyToBytes(secret, string(salt))

 	block, err := aes.NewCipher(key)
 	if err != nil {
@ -22,8 +26,8 @@ func Decrypt(payload []byte, secret string) []byte {
 	if len(payload) < aes.BlockSize {
 		log.Fatal(4, "payload too short")
 	}
-	iv := payload[:aes.BlockSize]
-	payload = payload[aes.BlockSize:]
+	iv := payload[saltLength : saltLength+aes.BlockSize]
+	payload = payload[saltLength+aes.BlockSize:]

 	stream := cipher.NewCFBDecrypter(block, iv)

@ -33,8 +37,9 @@ func Decrypt(payload []byte, secret string) []byte {
 }

 func Encrypt(payload []byte, secret string) []byte {
-	key := encryptionKeyToBytes(secret)
+	salt := GetRandomString(saltLength)

+	key := encryptionKeyToBytes(secret, salt)
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		log.Fatal(4, err.Error())
@ -42,25 +47,20 @@ func Encrypt(payload []byte, secret string) []byte {

 	// The IV needs to be unique, but not secure. Therefore it's common to
 	// include it at the beginning of the ciphertext.
-	ciphertext := make([]byte, aes.BlockSize+len(payload))
-	iv := ciphertext[:aes.BlockSize]
+	ciphertext := make([]byte, saltLength+aes.BlockSize+len(payload))
+	copy(ciphertext[:saltLength], []byte(salt))
+	iv := ciphertext[saltLength : saltLength+aes.BlockSize]
 	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
 		log.Fatal(4, err.Error())
 	}

 	stream := cipher.NewCFBEncrypter(block, iv)
-	stream.XORKeyStream(ciphertext[aes.BlockSize:], payload)
+	stream.XORKeyStream(ciphertext[saltLength+aes.BlockSize:], payload)

 	return ciphertext
 }

 // Key needs to be 32bytes
-func encryptionKeyToBytes(secret string) []byte {
-	key := make([]byte, 32, 32)
-	keyBytes := []byte(secret)
-	secretLength := len(keyBytes)
-	for i := 0; i < 32; i++ {
-		key[i] = keyBytes[i%secretLength]
-	}
-	return key
+func encryptionKeyToBytes(secret, salt string) []byte {
+	return PBKDF2([]byte(secret), []byte(salt), 10000, 32, sha256.New)
 }
--- a/pkg/util/encryption_test.go
+++ b/pkg/util/encryption_test.go
@ -10,12 +10,11 @@ func TestEncryption(t *testing.T) {

 	Convey("When getting encryption key", t, func() {

-		key := encryptionKeyToBytes("secret")
+		key := encryptionKeyToBytes("secret", "salt")
 		So(len(key), ShouldEqual, 32)

-		key = encryptionKeyToBytes("a very long secret key that is larger then 32bytes")
+		key = encryptionKeyToBytes("a very long secret key that is larger then 32bytes", "salt")
 		So(len(key), ShouldEqual, 32)
-
 	})

 	Convey("When decrypting basic payload", t, func() {