示例#1
0
func CreateCrypto(c *cli.Context) (*secure.AesGCM, error) {
	keyPath := c.String("key-path")

	if keyPath == "" {
		usr, err := user.Current()
		if err != nil {
			fmt.Println(err.Error())
		}
		keyPath = usr.HomeDir + "/.rss/key"
	}

	key, err := ioutil.ReadFile(keyPath)
	if err != nil {
		fmt.Printf("Unable to read key file: %s\n%s\n", keyPath, err.Error())
		return nil, err
	}

	key = bytes.Trim(key, "\n")
	secretPbkdf := secure.NewPbkdf2(key, 16)
	crypto, err := secure.NewAesGCM(secretPbkdf)
	if err != nil {
		fmt.Printf("Error creating crypto: %s\n", err)
		return nil, err
	}
	return crypto, nil
}
示例#2
0
func createCrypto(logger lager.Logger, secret string) *secure.AesGCM {
	// generate secure encryption key using key derivation function (pbkdf2)
	secretPbkdf2 := secure.NewPbkdf2([]byte(secret), 16)
	crypto, err := secure.NewAesGCM(secretPbkdf2)
	if err != nil {
		logger.Fatal("error-creating-route-service-crypto", err)
	}
	return crypto
}
示例#3
0
	BeforeEach(func() {
		var err error
		// valid key size
		key = []byte("super-secret-key")
		Expect(err).ToNot(HaveOccurred())
		aesGcm, err = secure.NewAesGCM(key)
		Expect(err).ToNot(HaveOccurred())
	})

	Describe("NewPbkdf2", func() {

		Context("when a plaintext secret is provided", func() {

			Context("when password length is less than desired key len", func() {
				It("generates an encryption key of desired ken length", func() {
					k := secure.NewPbkdf2([]byte(""), 16)
					Expect(k).To(HaveLen(16))

					k = secure.NewPbkdf2([]byte("short-key"), 16)
					Expect(k).To(HaveLen(16))

					k = secure.NewPbkdf2([]byte("1234678901234567890abc"), 16)
					Expect(k).To(HaveLen(16))

					k = secure.NewPbkdf2([]byte("short-key"), 32)
					Expect(k).To(HaveLen(32))
				})
			})

			Context("when password length is greater than desired key len", func() {
				It("generates an encryption key of desired ken length", func() {