opensource/filestash
1
0
Fork 0
mirror of https://github.com/mickael-kerjean/filestash.git synced 2025-10-28 04:05:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

improve (crypto): derivate secret_key for each usage to reduce attack surface in the worst case scenario

Browse Source
This commit is contained in:
Mickael KERJEAN
2019-01-18 13:48:04 +11:00
parent 7af12753ca
commit ec6eb0e8fa
10 changed files with 53 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
server/common/constants.go
View File

@ -16,4 +16,22 @@ const (
URL_SETUP = "/admin/setup"
)
var BUILD_NUMBER string
var (
BUILD_NUMBER string
SECRET_KEY string
SECRET_KEY_DERIVATE_FOR_PROOF string
SECRET_KEY_DERIVATE_FOR_ADMIN string
SECRET_KEY_DERIVATE_FOR_USER string
)
/*
* Improve security by calculating derivative of the secret key to restrict the attack surface
* in the worst case scenario with one compromise secret key
*/
func InitSecretDerivate(secret string) {
SECRET_KEY = secret
SECRET_KEY_DERIVATE_FOR_PROOF = Hash("PROOF_" + SECRET_KEY, len(SECRET_KEY))
SECRET_KEY_DERIVATE_FOR_ADMIN = Hash("ADMIN_" + SECRET_KEY, len(SECRET_KEY))
SECRET_KEY_DERIVATE_FOR_USER = Hash("USER_" + SECRET_KEY, len(SECRET_KEY))
}