mirror of
https://github.com/grafana/grafana.git
synced 2024-11-28 03:34:15 -06:00
5f6383a750
See, $ gometalinter --vendor --deadline 10m --disable-all --enable=golint ./... encoding.go:15:1⚠️ comment on exported function GetRandomString should be of the form "GetRandomString ..." (golint) encoding.go:30:1⚠️ exported function EncodePassword should have comment or be unexported (golint) encoding.go:35:1⚠️ comment on exported function EncodeMd5 should be of the form "EncodeMd5 ..." (golint) encoding.go:42:1⚠️ comment on exported function PBKDF2 should be of the form "PBKDF2 ..." (golint) encoding.go:80:1⚠️ exported function GetBasicAuthHeader should have comment or be unexported (golint) encoding.go:85:1⚠️ exported function DecodeBasicAuthHeader should have comment or be unexported (golint) encoding.go:105:1⚠️ exported function RandomHex should have comment or be unexported (golint) encryption.go:14:1⚠️ exported function Decrypt should have comment or be unexported (golint) encryption.go:39:1⚠️ exported function Encrypt should have comment or be unexported (golint) ip.go:7:1⚠️ exported function SplitIpPort should have comment or be unexported (golint) json.go:3:6⚠️ exported type DynMap should have comment or be unexported (golint) md5.go:22:1⚠️ comment on exported function Md5SumString should be of the form "Md5SumString ..." (golint) strings.go:10:1⚠️ exported function StringsFallback2 should have comment or be unexported (golint) strings.go:14:1⚠️ exported function StringsFallback3 should have comment or be unexported (golint) strings.go:27:1⚠️ exported function SplitString should have comment or be unexported (golint) strings.go:35:1⚠️ exported function GetAgeString should have comment or be unexported (golint) url.go:8:6⚠️ exported type UrlQueryReader should have comment or be unexported (golint) url.go:12:1⚠️ exported function NewUrlQueryReader should have comment or be unexported (golint) url.go:23:1⚠️ exported method UrlQueryReader.Get should have comment or be unexported (golint) url.go:32:1⚠️ exported function JoinUrlFragments should have comment or be unexported (golint) validation.go:16:1⚠️ exported function IsEmail should have comment or be unexported (golint)
119 lines
3.2 KiB
Go
119 lines
3.2 KiB
Go
package util
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/md5"
|
|
"crypto/rand"
|
|
"crypto/sha256"
|
|
"encoding/base64"
|
|
"encoding/hex"
|
|
"errors"
|
|
"hash"
|
|
"strings"
|
|
)
|
|
|
|
// GetRandomString generate random string by specify chars.
|
|
// source: https://github.com/gogits/gogs/blob/9ee80e3e5426821f03a4e99fad34418f5c736413/modules/base/tool.go#L58
|
|
func GetRandomString(n int, alphabets ...byte) string {
|
|
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
var bytes = make([]byte, n)
|
|
rand.Read(bytes)
|
|
for i, b := range bytes {
|
|
if len(alphabets) == 0 {
|
|
bytes[i] = alphanum[b%byte(len(alphanum))]
|
|
} else {
|
|
bytes[i] = alphabets[b%byte(len(alphabets))]
|
|
}
|
|
}
|
|
return string(bytes)
|
|
}
|
|
|
|
// EncodePassword encodes a password using PBKDF2.
|
|
func EncodePassword(password string, salt string) string {
|
|
newPasswd := PBKDF2([]byte(password), []byte(salt), 10000, 50, sha256.New)
|
|
return hex.EncodeToString(newPasswd)
|
|
}
|
|
|
|
// EncodeMd5 encodes a string to md5 hex value.
|
|
func EncodeMd5(str string) string {
|
|
m := md5.New()
|
|
m.Write([]byte(str))
|
|
return hex.EncodeToString(m.Sum(nil))
|
|
}
|
|
|
|
// PBKDF2 implements Password-Based Key Derivation Function 2), aimed to reduce
|
|
// the vulnerability of encrypted keys to brute force attacks.
|
|
// http://code.google.com/p/go/source/browse/pbkdf2/pbkdf2.go?repo=crypto
|
|
func PBKDF2(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
|
|
prf := hmac.New(h, password)
|
|
hashLen := prf.Size()
|
|
numBlocks := (keyLen + hashLen - 1) / hashLen
|
|
|
|
var buf [4]byte
|
|
dk := make([]byte, 0, numBlocks*hashLen)
|
|
U := make([]byte, hashLen)
|
|
for block := 1; block <= numBlocks; block++ {
|
|
// N.B.: || means concatenation, ^ means XOR
|
|
// for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter
|
|
// U_1 = PRF(password, salt || uint(i))
|
|
prf.Reset()
|
|
prf.Write(salt)
|
|
buf[0] = byte(block >> 24)
|
|
buf[1] = byte(block >> 16)
|
|
buf[2] = byte(block >> 8)
|
|
buf[3] = byte(block)
|
|
prf.Write(buf[:4])
|
|
dk = prf.Sum(dk)
|
|
T := dk[len(dk)-hashLen:]
|
|
copy(U, T)
|
|
|
|
// U_n = PRF(password, U_(n-1))
|
|
for n := 2; n <= iter; n++ {
|
|
prf.Reset()
|
|
prf.Write(U)
|
|
U = U[:0]
|
|
U = prf.Sum(U)
|
|
for x := range U {
|
|
T[x] ^= U[x]
|
|
}
|
|
}
|
|
}
|
|
return dk[:keyLen]
|
|
}
|
|
|
|
// GetBasicAuthHeader returns a base64 encoded string from user and password.
|
|
func GetBasicAuthHeader(user string, password string) string {
|
|
var userAndPass = user + ":" + password
|
|
return "Basic " + base64.StdEncoding.EncodeToString([]byte(userAndPass))
|
|
}
|
|
|
|
// DecodeBasicAuthHeader decodes user and password from a basic auth header.
|
|
func DecodeBasicAuthHeader(header string) (string, string, error) {
|
|
var code string
|
|
parts := strings.SplitN(header, " ", 2)
|
|
if len(parts) == 2 && parts[0] == "Basic" {
|
|
code = parts[1]
|
|
}
|
|
|
|
decoded, err := base64.StdEncoding.DecodeString(code)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
|
|
userAndPass := strings.SplitN(string(decoded), ":", 2)
|
|
if len(userAndPass) != 2 {
|
|
return "", "", errors.New("Invalid basic auth header")
|
|
}
|
|
|
|
return userAndPass[0], userAndPass[1], nil
|
|
}
|
|
|
|
// RandomHex returns a random string from a n seed.
|
|
func RandomHex(n int) (string, error) {
|
|
bytes := make([]byte, n)
|
|
if _, err := rand.Read(bytes); err != nil {
|
|
return "", err
|
|
}
|
|
return hex.EncodeToString(bytes), nil
|
|
}
|