KeyFromPassword uses key derivation to generate a stronger key from a probably weak password.
(folderID, password string)
| 561 | // KeyFromPassword uses key derivation to generate a stronger key from a |
| 562 | // probably weak password. |
| 563 | func (g *KeyGenerator) KeyFromPassword(folderID, password string) *[keySize]byte { |
| 564 | cacheKey := folderKeyCacheKey{folderID, password} |
| 565 | g.mut.Lock() |
| 566 | defer g.mut.Unlock() |
| 567 | if key, ok := g.folderKeys.Get(cacheKey); ok { |
| 568 | return key |
| 569 | } |
| 570 | bs, err := scrypt.Key([]byte(password), knownBytes(folderID), 32768, 8, 1, keySize) |
| 571 | if err != nil { |
| 572 | panic("key derivation failure: " + err.Error()) |
| 573 | } |
| 574 | if len(bs) != keySize { |
| 575 | panic("key derivation failure: wrong number of bytes") |
| 576 | } |
| 577 | var key [keySize]byte |
| 578 | copy(key[:], bs) |
| 579 | g.folderKeys.Add(cacheKey, &key) |
| 580 | return &key |
| 581 | } |
| 582 | |
| 583 | var hkdfSalt = []byte("syncthing") |
| 584 |