summaryrefslogtreecommitdiffstats
path: root/modules/context
diff options
context:
space:
mode:
authorsilverwind <me@silverwind.io>2021-05-10 08:45:17 +0200
committerGitHub <noreply@github.com>2021-05-10 07:45:17 +0100
commit1e6fa57acbe3c05cb996b789e8c2d381c953826f (patch)
treec4f1ce55b3423f97952b630462cef5b2035961ec /modules/context
parent270aab429ef025df9a0b9bf9e3982729ae8df449 (diff)
downloadgitea-1e6fa57acbe3c05cb996b789e8c2d381c953826f.tar.gz
gitea-1e6fa57acbe3c05cb996b789e8c2d381c953826f.zip
Use single shared random string generation function (#15741)
* Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com>
Diffstat (limited to 'modules/context')
-rw-r--r--modules/context/secret.go100
1 files changed, 0 insertions, 100 deletions
diff --git a/modules/context/secret.go b/modules/context/secret.go
deleted file mode 100644
index fcb488d211..0000000000
--- a/modules/context/secret.go
+++ /dev/null
@@ -1,100 +0,0 @@
-// Copyright 2019 The Gitea Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package context
-
-import (
- "crypto/aes"
- "crypto/cipher"
- "crypto/rand"
- "crypto/sha256"
- "encoding/base64"
- "errors"
- "io"
-)
-
-// NewSecret creates a new secret
-func NewSecret() (string, error) {
- return NewSecretWithLength(32)
-}
-
-// NewSecretWithLength creates a new secret for a given length
-func NewSecretWithLength(length int64) (string, error) {
- return randomString(length)
-}
-
-func randomBytes(len int64) ([]byte, error) {
- b := make([]byte, len)
- if _, err := rand.Read(b); err != nil {
- return nil, err
- }
- return b, nil
-}
-
-func randomString(len int64) (string, error) {
- b, err := randomBytes(len)
- return base64.URLEncoding.EncodeToString(b), err
-}
-
-// AesEncrypt encrypts text and given key with AES.
-func AesEncrypt(key, text []byte) ([]byte, error) {
- block, err := aes.NewCipher(key)
- if err != nil {
- return nil, err
- }
- b := base64.StdEncoding.EncodeToString(text)
- ciphertext := make([]byte, aes.BlockSize+len(b))
- iv := ciphertext[:aes.BlockSize]
- if _, err := io.ReadFull(rand.Reader, iv); err != nil {
- return nil, err
- }
- cfb := cipher.NewCFBEncrypter(block, iv)
- cfb.XORKeyStream(ciphertext[aes.BlockSize:], []byte(b))
- return ciphertext, nil
-}
-
-// AesDecrypt decrypts text and given key with AES.
-func AesDecrypt(key, text []byte) ([]byte, error) {
- block, err := aes.NewCipher(key)
- if err != nil {
- return nil, err
- }
- if len(text) < aes.BlockSize {
- return nil, errors.New("ciphertext too short")
- }
- iv := text[:aes.BlockSize]
- text = text[aes.BlockSize:]
- cfb := cipher.NewCFBDecrypter(block, iv)
- cfb.XORKeyStream(text, text)
- data, err := base64.StdEncoding.DecodeString(string(text))
- if err != nil {
- return nil, err
- }
- return data, nil
-}
-
-// EncryptSecret encrypts a string with given key into a hex string
-func EncryptSecret(key string, str string) (string, error) {
- keyHash := sha256.Sum256([]byte(key))
- plaintext := []byte(str)
- ciphertext, err := AesEncrypt(keyHash[:], plaintext)
- if err != nil {
- return "", err
- }
- return base64.StdEncoding.EncodeToString(ciphertext), nil
-}
-
-// DecryptSecret decrypts a previously encrypted hex string
-func DecryptSecret(key string, cipherhex string) (string, error) {
- keyHash := sha256.Sum256([]byte(key))
- ciphertext, err := base64.StdEncoding.DecodeString(cipherhex)
- if err != nil {
- return "", err
- }
- plaintext, err := AesDecrypt(keyHash[:], ciphertext)
- if err != nil {
- return "", err
- }
- return string(plaintext), nil
-}