Change all key generation to use PBKDF2;

change all internal encryption back to cbc mode; add hidden command to convert from gcm to cbc internally
2025-12-15 21:47:23 +00:00 · 2019-07-08 20:45:01 -04:00 · 2019-07-08 20:45:01 -04:00 · 347fbe7268
commit 347fbe7268
parent da95f9a5f0
12 changed files with 288 additions and 53 deletions
--- a/cli/commands/decrypt.go
+++ b/cli/commands/decrypt.go
@ -1,7 +1,6 @@
 package commands

 import (
-	"encoding/hex"
 	"fmt"
 	"io/ioutil"
 	"os"
@ -34,11 +33,8 @@ the new file.`,
 			contents, err := ioutil.ReadFile(file)
 			check(err)

-			key, err := hex.DecodeString(cfg.GetString(types.KeyPrivateKey))
-			check(err)
-
-			passkey, err := crypto.CombinePasswordAndKey([]byte(masterpass), []byte(key))
-			check(err)
+			key := cfg.GetString(types.KeyPrivateKey)
+			passkey := crypto.GeneratePBKDF2Key([]byte(masterpass), []byte(key))

 			contents, err = crypto.GCMDecrypt(passkey, contents)
 			check(err)
--- a/cli/commands/encrypt.go
+++ b/cli/commands/encrypt.go
@ -1,7 +1,6 @@
 package commands

 import (
-	"encoding/hex"
 	"fmt"
 	"io/ioutil"
 	"os"
@ -30,11 +29,8 @@ new file.`,
 			contents, err := ioutil.ReadFile(file)
 			check(err)

-			key, err := hex.DecodeString(cfg.GetString(types.KeyPrivateKey))
-			check(err)
-
-			passkey, err := crypto.CombinePasswordAndKey([]byte(masterpass), []byte(key))
-			check(err)
+			key := cfg.GetString(types.KeyPrivateKey)
+			passkey := crypto.GeneratePBKDF2Key([]byte(masterpass), []byte(key))

 			contents, err = crypto.GCMEncrypt(passkey, contents)
 			check(err)
--- a/cli/commands/root.go
+++ b/cli/commands/root.go
@ -38,6 +38,7 @@ can interact with the entire Selfpass API.`,
 		commands.MakeUpdate(mgr, makeInitClient(mgr, clientInit)),
 		commands.MakeGet(mgr, makeInitClient(mgr, clientInit)),
 		commands.MakeDelete(makeInitClient(mgr, clientInit)),
+		commands.MakeGCMToCBC(mgr, makeInitClient(mgr, clientInit)),
 	)

 	check(rootCmd.Execute())