Merge branch 'mayuriSecurityMdl' into 'devbranch'

Securitymdl :SecurityKeyCreator and PasswordSalt

See merge request !18

constantmdl/constantmdl.go

@@ -30,3 +30,18 @@ const IDLECONNTIMEOUT = time.Second * 90
 
 // TASKCOUNT is used as default task count in filepipe
 const TASKCOUNT = 5
+
+// constants used for CreateSecurityKey function in securitymdl
+const (
+	MAX_RANDOM_STRING_LENGTH = 256
+	RANDOM_STRING_LENGTH     = 16
+	NUMBERS_PERCENT          = 10
+	SMALL_CHARS_PERCENT      = 40
+	CAP_CHARS_PERCENT        = 40
+	SPECIAL_CHARS_PERCENT    = 10
+	CharSet                  = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!#$%&'()*+,-./:;<=>?@[]^_`{|}~0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!#$%&'()*+,-./:;<=>?@[]^_`{|}~0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!#$%&'()*@"
+	NUMBERS_SET              = "0123456789"
+	SMALL_CHARS_SET          = "abcdefghijklmnopqrstuvwxyz"
+	CAP_CHARS_SET            = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	SPECIAL_CHARS_SET        = "!#$%&'()*+,-./:;<=>?@[]^_`{|}~"
+)

securitymdl/securitymdl.go

@@ -5,9 +5,13 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"encoding/base64"
+	"math/rand"
+	"time"
 
+	"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/constantmdl"
 	"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/errormdl"
 	"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/loggermdl"
+	"golang.org/x/crypto/bcrypt"
 )
 
 // SetSecurityConfig will set security key and initializationVector
@@ -165,3 +169,26 @@ func AESDecrypt(encodedData, key []byte) ([]byte, error) {
 
 // 	return byteArray, nil
 // }
+
+// CreateSecurityKey generates random string of given length
+func CreateSecurityKey(keyLength int) (string, error) {
+	if keyLength <= constantmdl.MAX_RANDOM_STRING_LENGTH {
+		seededRand := rand.New(rand.NewSource(time.Now().UnixNano()))
+		b := make([]byte, keyLength)
+		for i := range b {
+			b[i] = constantmdl.CharSet[seededRand.Intn(keyLength)]
+		}
+		return string(b), nil
+	}
+	return "", errormdl.Wrap("length should be less than 256 bytes (2048 bits)")
+}
+
+// SaltPassword Salt using bcrypt creates saltedString of given string
+func SaltPassword(password string) (string, error) {
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost)
+	if errormdl.CheckErr(err) != nil {
+		loggermdl.LogError("error occured while calling bcrypt.GenerateFromPassword() : ", errormdl.CheckErr(err))
+		return "", errormdl.CheckErr(err)
+	}
+	return string(hash), nil
+}

securitymdl/securitymdl_test.go

@@ -160,3 +160,36 @@ func TestAESDecryptDifferenceCheck2(t *testing.T) {
 	assert.Error(t, encError, "length of (length - unpadding) is less than 0 / crypto/cipher: input not full blocks")
 	errormdl.IsTestingNegetiveCaseOnCheckInt2 = false
 }
+
+func TestCreateSecurityKey(t *testing.T) {
+	errormdl.IsTestingNegetiveCaseOnCheckInt2 = true
+	keyLength := 256
+	key, _ := CreateSecurityKey(keyLength)
+	assert.Len(t, key, keyLength, "length is equal")
+	errormdl.IsTestingNegetiveCaseOnCheckInt2 = false
+}
+func TestCreateSecurityKeyForOutOfRange(t *testing.T) {
+	errormdl.IsTestingNegetiveCaseOnCheckInt2 = true
+	keyLength := 257
+	_, keyerr := CreateSecurityKey(keyLength)
+	loggermdl.LogError("error is : ", keyerr)
+	assert.Error(t, keyerr, "length is out of range,length should be less than 256 bytes (2048 bits)")
+	errormdl.IsTestingNegetiveCaseOnCheckInt2 = false
+}
+func BenchmarkCreateSecurityKey(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		CreateSecurityKey(16)
+	}
+}
+
+func TestSaltPassword(t *testing.T) {
+	errormdl.IsTestingNegetiveCaseOnCheckInt2 = true
+	saltedPwd, _ := SaltPassword("P@ssw0rd")
+	assert.NotZero(t, len(saltedPwd), "Should give len")
+	errormdl.IsTestingNegetiveCaseOnCheckInt2 = false
+}
+func BenchmarkSaltPassword(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		SaltPassword("P@ssw0rd")
+	}
+}