use origin input key by default #46
Conversation
|
eh, I'll take a look at test problems later |
|
@haorenfsa This would break backward compatibility, right? Better avoid breaking it even though the current impl is wrong. |
|
@chase Will you please review this PR? @haorenfsa found that you mistakenly use the MD5 digest of the user key instead of the user key itself in the |
|
@agentzh okey, I'll check it later |
|
the CI test seems passed, but still showing pending |
|
@haorenfsa Yeah, seems like a github or travis bug. |
lib/resty/aes.lua
Outdated
| if option == options.default then | ||
| if type(_hash) == "table" then | ||
| if not _hash.iv or #_hash.iv ~= 16 then | ||
| return nil, "bad iv" |
There was a problem hiding this comment.
We should use 4-space indentations consistently. Please fix other similar places, if any.
| @@ -293,3 +293,24 @@ failed to new: bad iv | |||
| --- no_error_log | |||
| [error] | |||
|
|
|||
There was a problem hiding this comment.
We always use 3 blank lines to separate test blocks. Please use the reindex script to auto-format this .t file. Thank you.
lib/resty/aes.lua
Outdated
| local options = { | ||
| default = 0x01, | ||
| key_without_gen = 0x02 | ||
| -- may add other things like padding mode; or use bit 'or/and' operation for combined option |
There was a problem hiding this comment.
This line is too long, exceeding 80 columns.
lib/resty/aes.lua
Outdated
|
|
||
| local options = { | ||
| default = 0x01, | ||
| key_without_gen = 0x02 |
There was a problem hiding this comment.
Better add a trailing comma to simplify adding more options in the future.
There was a problem hiding this comment.
Also, the option name"key_without_gen" is confusing. What does it mean?
BTW, shall we add some docs to README for this change or feature?
There was a problem hiding this comment.
about "key_without_gen" option
By default, new() function in aes.lua uses EVP_BytesToKey in openssl to generate key and iv from input key together with salt and etc by md5. Use generated key can avoid some attacks.
But sometimes people just want to use simple key without iv and generation instead, for compatibility or other reason.
so how should we name it? use_origin_key?
about docs
Of course we should. It takes me quite a while when I crash into this.
There was a problem hiding this comment.
@haorenfsa use_raw_key might be a better name? Also, maye we do not need the default option at all?
There was a problem hiding this comment.
yeah,it's better. And default can be replaced with nil input
lib/resty/aes.lua
Outdated
| end | ||
|
|
||
| -- note it's key padding not data padding, and it use zero padding only; | ||
| key = key..string.rep("\0", _cipherLength - #key) |
There was a problem hiding this comment.
Please avoid this global variable string. We should avoid use of Lua globals on such Lua hot code paths. We should write
local str_rep = string.rep
function blah(...)
str_rep(...)
end
This way we also save 2 table looks on hot code paths, one is the table lookup of the key "string" in the global environment table, and the other is the lookup of the key "rep" in the "string" table.
|
LGTM, and I apply the patch for my aes.lua |
|
which version will include this change? |
|
If I recall correctly, the use of MD5 was for compatibility of some library or language which I cannot place exactly. Security-wise, what I committed is quite a big mistake, even if it was for the sake of compatibility. If this matches the valid behavior of the most commonly integrated tools/languages, it should be merged. That said, I do not have time to help maintain the code I contributed or do code reviews, unfortunately. |
|
Thanks to @shaoyue
…On Tue, Nov 28, 2017 at 7:47 PM, shaoyue ***@***.***> wrote:
almost forgot about this patch... I'll commit a update for tutorial in
this patch later this week, and is there anything else need to be altered?
@agentzh <https://github.com/agentzh>
@wenxzhen <https://github.com/wenxzhen> my team has been using this patch
in production environment for several months, and it is doing well.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#46 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB-dn5LTegy1i5-tjMLk0HPozp8rCw0Aks5s6_LhgaJpZM4O8OP4>
.
|
add example of using "use_raw_key" option
|
@agentzh plz review again when you can spare some time? thanks for the attention |
|
@haorenfsa I'll look into this as soon as I can manage. Sorry for the delay on my side. |
|
same problem. I'm trying to decrypt data encrypted by crypto-js(AES-256, ECB) and worked around it with the following code |
this patch is mean to fix issues like #28, #19
and it's now compatite with openssl shell command and php
note it's not related to pull request #35 : it's only about the key, not data.
things might concern :
new()function, which is by default _M.hash.md5;eg: