Add sha256 support with old md5 support #3

Merged
merged 2 commits into from
Sep 18, 2019

@Shiranuit Shiranuit commented Sep 16, 2019

What does this PR do?

The goal of this PR is to avoid using MD5 hashes in hexadecimal format as a key for aes-256-cbc. They are 32 bytes long, which should give us 256 bits of password entropy (256^32 == 2^256), which looks good at first glance.
But we know that there would only be hexadecimal characters within the 32 bytes, so it reduces the password entropy to 128 bits (16^32 == 2^128).
So we use a 256-bit password to encrypt data, but we only have 128 bits of password entropy.

This is why this PR uses SHA256 instead of MD5, to provide a 256-bit password with 256 bits of password entropy, and also to support the decryption of old data encrypted with MD5-hashed keys.

@Shiranuit Shiranuit self-assigned this Sep 16, 2019
@Shiranuit Shiranuit changed the base branch from master to 1-dev September 16, 2019 16:24
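
The key-space argument in the PR description above, as an added Node.js example that is not part of the original thread or the project's own code. The function names and the `kdf` field used to tell old records from new ones are hypothetical; the page does not show how the project makes that distinction.

```javascript
const crypto = require('crypto');

// Legacy derivation: the 32 ASCII hex characters of the MD5 digest used directly as the key.
function legacyKey(password) {
  return Buffer.from(crypto.createHash('md5').update(password).digest('hex'), 'ascii');
}

// New derivation: the 32 raw bytes of the SHA-256 digest.
function sha256Key(password) {
  return crypto.createHash('sha256').update(password).digest();
}

// Upper bound on key entropy in bits when each key byte can take `alphabet` values.
function maxKeyBits(key, alphabet) {
  return key.length * Math.log2(alphabet);
}

// True when every key byte is an ASCII hex digit, i.e. the key space is 16^32.
function isHexOnly(key) {
  return key.every((b) => (b >= 0x30 && b <= 0x39) || (b >= 0x61 && b <= 0x66));
}

function encrypt(plaintext, key) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', key, iv);
  return { iv, data: Buffer.concat([c.update(plaintext, 'utf8'), c.final()]) };
}

function decryptWith(key, { iv, data }) {
  const d = crypto.createDecipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([d.update(data), d.final()]).toString('utf8');
}

// Assumption: records written before the change carry no `kdf` field,
// so anything without the marker is decrypted with the legacy MD5-hex key.
function decrypt(password, record) {
  const key = record.kdf === 'sha256' ? sha256Key(password) : legacyKey(password);
  return decryptWith(key, record);
}
```
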

Aschen commented Sep 16, 2019

More an enhancement to me


@Aschen Aschen left a comment


Please add a unit test with an AES hash

@Shiranuit Shiranuit added enhancement New feature or request and removed changelog:new-feature labels Sep 17, 2019

codecov bot commented Sep 17, 2019

Codecov Report

Merging #3 into 1-dev will increase coverage by 0.58%.
The diff coverage is 100%.

@@            Coverage Diff            @@
##            1-dev      #3      +/-   ##
=========================================
+ Coverage   90.32%   90.9%   +0.58%     
=========================================
  Files           1       1              
  Lines          62      66       +4     
=========================================
+ Hits           56      60       +4     
  Misses          6       6
| Impacted Files | Coverage Δ | |
|---|---|---|
| lib/vault.js | 90.9% <100%> (+0.58%) | ⬆️ |

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7cad38d...8828ae5. Read the comment docs.

@Shiranuit Shiranuit merged commit 6ba2eaf into 1-dev Sep 18, 2019
@Shiranuit Shiranuit deleted the sha256-support branch September 18, 2019 07:51
@Shiranuit Shiranuit mentioned this pull request Oct 17, 2019