campeon23 / split-fetcher

The code is a concurrent file downloader in Go that splits a file into multiple parts, downloads them in parallel, and assembles the final file, with support for ETag validation to ensure file integrity.
MIT License

Separate Keys for HMAC and Encryption #150

Closed campeon23 closed 1 year ago

campeon23 commented 1 year ago

Description: The application currently uses an identical key for both encryption and HMAC generation. This convergence can introduce cryptographic vulnerabilities.

Recommendation: Implement a key derivation function to yield two distinct keys: one for encryption and another for HMAC. This separation mitigates potential cryptographic risks.

Example Fix:

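```go
import (
    "crypto/hmac"
    "crypto/sha256"
)

// deriveKeys derives two independent 32-byte subkeys from masterKey by
// computing HMAC-SHA256 over a distinct label for each purpose.
func deriveKeys(masterKey []byte) (encryptionKey, hmacKey []byte) {
    h := hmac.New(sha256.New, masterKey)

    // Subkey used only for encryption.
    h.Write([]byte("encryption"))
    encryptionKey = h.Sum(nil)

    // Reset returns the HMAC to its keyed initial state, so the second
    // label is authenticated under the same master key.
    h.Reset()
    h.Write([]byte("hmac"))
    hmacKey = h.Sum(nil)

    return
}
```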

Acceptance Criteria:

  • Split the master key into separate keys for encryption and HMAC.
  • Ensure all parts of the codebase adhere to this separation.
  • Update related tests and validate the separation.
  • Document the importance and methods of this distinction.

Severity Level: High

campeon23 commented 1 year ago

Given the recent developments and improvements made to our encryption process:

We have fully integrated the AEAD using the GCM methodology, ensuring a higher level of encryption and authentication.

Post GCM integration, the separate HMAC functionalities were found to be redundant, leading to their deprecation.

Our team has rigorously tested the new encryption method, confirming its security robustness and seamless functionality.

Additionally, during the refactoring phase, we optimized our logic structure. Specifically, the timestamp generation for manifest file tagging has been moved from the run() function to localAppConfig.Execute().

Considering these comprehensive changes and advancements, the concerns raised in this ticket regarding the convergence of the encryption key and HMAC are no longer valid or applicable.

Therefore, I am marking this ticket as invalidated. Should there be any further inquiries or adjustments related to this or other aspects, kindly open a new ticket or readdress the current one with the specifics.

Invalidating the ticket based on the latest implementations and changes.
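
The AEAD approach described in the closing comment, sketched as an added example (not split-fetcher's own code): AES-256-GCM encrypts and authenticates under one key, so a modified part fails to open without a separate HMAC key. The function names, the sample key, the part names, and the use of the part name as additional authenticated data are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newAEAD builds an AES-GCM AEAD; key must be 16, 24 or 32 bytes.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealPart returns nonce || ciphertext || tag. partName is authenticated
// but not encrypted, which binds the ciphertext to that part (assumption).
func sealPart(aead cipher.AEAD, plaintext []byte, partName string) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, []byte(partName)), nil
}

// openPart fails if the nonce, ciphertext, tag or partName was changed.
func openPart(aead cipher.AEAD, sealed []byte, partName string) ([]byte, error) {
	n := aead.NonceSize()
	if len(sealed) < n {
		return nil, fmt.Errorf("sealed part too short: %d bytes", len(sealed))
	}
	return aead.Open(nil, sealed[:n], sealed[n:], []byte(partName))
}

func main() {
	aead, err := newAEAD([]byte("constructed-32-byte-sample-key!!")) // constructed sample key
	if err != nil {
		panic(err)
	}
	sealed, _ := sealPart(aead, []byte("part payload"), "file.part3")
	sealed[len(sealed)-1] ^= 1 // flip one bit of the authentication tag
	_, err = openPart(aead, sealed, "file.part3")
	fmt.Println("tampered part rejected:", err != nil)
}
```

A fresh random nonce per call matters here: GCM loses both confidentiality and integrity guarantees if a nonce is ever reused under the same key.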