Support argon2id password hash algo #637
Conversation
common/password-hash.c
Outdated
| } | ||
|
|
||
| int | ||
| pdkdf2_sha256_derive_key (const char *data_in, int in_len, int version, |
There was a problem hiding this comment.
不需要把兼容多种 enc 版本的代码复制过来。这个 password-hash.c 的代码应该重新写。对于 pbkdf2_256 算法应该只支持使用 repo_salt 的情况。(参数名字叫 salt 就行了,把这个函数看做一个通用的工具函数。)概念上,你应该把新写的这些代码和原有的 derive_key 函数完全分开来看。新写的函数就只是用来处理指定了 hash_algo 的情况,且仅用于计算 password hash,不用于 derive 加密 random key 用的 key 和 iv。
另外函数名字 pbkdf2 写错了。
common/password-hash.c
Outdated
|
|
||
| int | ||
| argon2id_derive_key (const char *data_in, int in_len, int version, | ||
| const char *repo_salt, |
There was a problem hiding this comment.
这个函数也是不需要考虑 version 问题,直接接受传入的 salt 即可。
另外,这两个 derive_key 函数应该定义为 static 吧。
common/password-hash.c
Outdated
| } | ||
|
|
||
| void | ||
| pwd_hash_init (const char *algo, const char *params_str, PwdHashParams *params) |
There was a problem hiding this comment.
这个函数应该没有必要了。需要生成 pwd_hash 或者验证密码的代码,只需要读取相应的配置字符串,传入给 pwd_hash_derive_key 函数就行了。使用 pwd_hash 模块的代码自己去判断是否要使用新的 password hash 算法。
common/seafile-crypt.c
Outdated
| int | ||
| seafile_derive_key (const char *data_in, int in_len, int version, | ||
| const char *repo_salt, | ||
| const char *algo, const char *params_str, |
common/seafile-crypt.c
Outdated
| @@ -107,6 +90,8 @@ int | |||
| seafile_generate_random_key (const char *passwd, | |||
| int version, | |||
| const char *repo_salt, | |||
| const char *algo, | |||
| const char *params, | |||
common/seafile-crypt.c
Outdated
| @@ -139,6 +124,8 @@ void | |||
| seafile_generate_magic (int version, const char *repo_id, | |||
There was a problem hiding this comment.
这个函数不用改。应该有一个新的函数用来基于 pwd_algo 生成 pwd_hash。
common/seafile-crypt.c
Outdated
| @@ -193,11 +190,12 @@ int | |||
| seafile_decrypt_repo_enc_key (int enc_version, | |||
| const char *passwd, const char *random_key, | |||
| const char *repo_salt, | |||
| const char *algo, const char *params_str, | |||
| return -1; | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
这块的逻辑需要根据我的评论重新写一下。是否使用新的 password hash 算法和加密版本应该无关。
common/commit-mgr.c
Outdated
| @@ -633,12 +636,18 @@ commit_to_json_object (SeafCommit *commit) | |||
|
|
|||
| if (commit->encrypted) { | |||
| json_object_set_int_member (object, "enc_version", commit->enc_version); | |||
| if (commit->enc_version >= 1) | |||
| // If pwd_hash is setted, the magic field is no longer included in the commit of the newly created repo. | |||
common/commit-mgr.c
Outdated
| @@ -739,6 +754,10 @@ commit_from_json_object (const char *commit_id, json_t *object) | |||
| (second_parent_id && !is_object_id_valid(second_parent_id))) | |||
| return commit; | |||
|
|
|||
| // If pwd_hash is setted, the magic field is no longer included in the commit of the newly created repo. | |||
| @@ -800,6 +819,11 @@ commit_from_json_object (const char *commit_id, json_t *object) | |||
| commit->random_key = g_strdup (random_key); | |||
| if (enc_version >= 3) | |||
| commit->salt = g_strdup(salt); | |||
There was a problem hiding this comment.
上面的代码,如果 pwd_hash != NULL,那么不要设置 magic。这样数据结构会干净一点,也更一致。
common/password-hash.c
Outdated
|
|
||
| // pwd_hash_init is used to init default pwd hash algorithms. | ||
| void | ||
| pwd_hash_init (const char *algo, const char *params_str, PwdHashParams *params) |
There was a problem hiding this comment.
这个函数名字改为 parse_pwd_hash_params 吧。
common/rpc-service.c
Outdated
| @@ -696,6 +698,8 @@ GObject * | |||
| seafile_generate_magic_and_random_key(int enc_version, | |||
| const char* repo_id, | |||
| const char *passwd, | |||
| const char *pwd_hash_algo, | |||
| const char *pwd_hash_params, | |||
There was a problem hiding this comment.
这个 rpc 不需要传入这两个参数。这两个参数应该是底层内部确定的。新建的资料库应该总是使用配置文件中的 pwd_hash 算法和参数;如果没有配置,那么就是用旧的 magic 计算方式。
common/seafile-crypt.h
Outdated
| seafile_crypt_get_pwd_hash_algo (); | ||
|
|
||
| const char * | ||
| seafile_crypt_get_pwd_hash_params (); |
| @@ -146,6 +149,11 @@ func Get(id string) *Repo { | |||
| repo.RandomKey = commit.RandomKey | |||
| repo.Salt = commit.Salt | |||
| } | |||
| if commit.PwdHash != "" { | |||
There was a problem hiding this comment.
commit to repo 和 repo to commit 的逻辑应该和 C 部分的一致吧。就是如果 PwdHash 不为空,那么 Magic 就应该为空。
server/repo-mgr.c
Outdated
| const char *pwd_hash; | ||
| const char *pwd_hash_algo; | ||
| const char *pwd_hash_params; | ||
| } RepoCryptCompat; |
No description provided.