admin/milvus
1
0
Fork 0
mirror of https://gitee.com/milvus-io/milvus.git synced 2025-12-31 07:55:38 +08:00
Code Issues Packages Projects Releases Wiki Activity
milvus/internal/util/crypto/crypto.go
codeman 95a3830dc6
fix password comparison too slow (#17874) (#17897) 
Signed-off-by: kejiang <ke.jiang@zilliz.com>

Co-authored-by: kejiang <ke.jiang@zilliz.com>
2022-06-29 20:02:18 +08:00

62 lines
1.4 KiB
Go
Raw Blame History

package crypto
import (
"crypto/sha256"
"encoding/base64"
"encoding/hex"
"github.com/milvus-io/milvus/internal/log"
"github.com/milvus-io/milvus/internal/proto/internalpb"
"go.uber.org/zap"
"golang.org/x/crypto/bcrypt"
)
func SHA256(src string, salt string) string {
h := sha256.New()
h.Write([]byte(src + salt))
sum := h.Sum(nil)
s := hex.EncodeToString(sum)
return s
}
// PasswordEncrypt encrypt password
func PasswordEncrypt(pwd string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.MinCost)
if err != nil {
return "", err
}
return string(bytes), err
}
// PasswordVerify verify password
func PasswordVerify(rawPwd string, credInfo *internalpb.CredentialInfo) bool {
// 1. hit cache
if credInfo.Sha256Password != "" {
encryped := SHA256(rawPwd, credInfo.Username)
return encryped == credInfo.Sha256Password
}
// 2. miss cache, verify against encrypted password from etcd
err := bcrypt.CompareHashAndPassword([]byte(credInfo.EncryptedPassword), []byte(rawPwd))
if err != nil {
log.Error("Verify password failed", zap.Error(err))
}
return err == nil
}
func Base64Decode(pwd string) (string, error) {
bytes, err := base64.StdEncoding.DecodeString(pwd)
if err != nil {
return "", err
}
return string(bytes), err
}
func Base64Encode(pwd string) string {
return base64.StdEncoding.EncodeToString([]byte(pwd))
}
Reference in New Issue View Git Blame Copy Permalink