improve (crypto): derivate secret_key for each usage to reduce attack surface in the worst case scenario

Mickael KERJEAN
2019-01-18 13:48:04 +11:00
parent 7af12753ca
commit ec6eb0e8fa
10 changed files with 53 additions and 26 deletions


@ -261,7 +261,7 @@ func ShareProofGetAlreadyVerified(req *http.Request) []Proof {
if len(cookieValue) > 500 {
return p
}
j, err := DecryptString(SECRET_KEY, cookieValue)
j, err := DecryptString(SECRET_KEY_DERIVATE_FOR_PROOF, cookieValue)
if err != nil {
return p
}
@ -306,7 +306,7 @@ func shareProofAreEquivalent(ref Proof, p Proof) bool {
}
for _, chunk := range strings.Split(ref.Value, ",") {
chunk = strings.Trim(chunk, " ")
if p.Id == Hash(ref.Key + "::" + chunk) {
if p.Id == Hash(ref.Key + "::" + chunk, 20) {
return true
}
}
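Review bot: The literal `20` now passed to `Hash` in shareProofAreEquivalent is unexplained, and if it is an output length then the proof ids compared here are truncated digests. Ids created before this commit with the one-argument `Hash` would presumably stop matching, so the code that produces `p.Id` must use the same length; that code is not visible in this section. I would name the value and record the trade-off, e.g. `const proofIDLength = 20 // chars kept from Hash(); shorter ids lower collision resistance`, and call `Hash(ref.Key+"::"+chunk, proofIDLength)`. If `p.Id` can be influenced by the client, comparing with `subtle.ConstantTimeCompare` instead of `==` is also worth considering. The function body starts and ends outside the hunk.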