KSM-551 Stop generating UIDs that start with "-" (#37)
idimov-keeper authored Sep 5, 2024
1 parent 41c9c64 commit cb3d0c1
Showing 10 changed files with 38 additions and 13 deletions.
4 changes: 4 additions & 0 deletions README.md
Expand Up @@ -150,6 +150,10 @@ secretsManager.Save(secretToUpdate)
# Change Log
## 1.6.4
* KSM-551 - Stop generating UIDs that start with "-"
## 1.6.3
* KSM-497 - Expose additional methods to create record from data, options and UID
4 changes: 4 additions & 0 deletions core/README.md
Expand Up @@ -150,6 +150,10 @@ secretsManager.Save(secretToUpdate)
# Change Log
## 1.6.4
* KSM-551 - Stop generating UIDs that start with "-"
## 1.6.3
* KSM-497 - Expose additional methods to create record from data, options and UID
4 changes: 1 addition & 3 deletions core/core.go
Expand Up @@ -636,15 +636,13 @@ func (c *SecretsManager) prepareCreateFolderPayload(createOptions CreateOptions,
ClientId: c.Config.Get(KEY_CLIENT_ID),
SharedFolderUid: createOptions.FolderUid,
ParentUid: createOptions.SubFolderUid,
FolderUid: GenerateUid(),
}

if strings.TrimSpace(payload.ClientId) == "" {
return nil, fmt.Errorf("unable to update folder - client Id is missing from the configuration")
}

folderUid, _ := GetRandomBytes(16)
payload.FolderUid = BytesToUrlSafeStr(folderUid)

folderKey, _ := GetRandomBytes(32)
if encryptedFolderKey, err := EncryptAesCbc(folderKey, sharedFolderKey); err == nil {
payload.SharedFolderKey = BytesToUrlSafeStr(encryptedFolderKey)
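Review bot: `FolderUid: GenerateUid(),` gives this function no way to notice a failed random read, because GenerateUid (core/utils.go in this commit, `uid, _ := GenerateUidBytes()`) drops the error and encodes whatever came back, presumably an empty string when GenerateUidBytes returns nil. The payload would then be built with a missing or degenerate folder UID instead of failing here. Since this function already returns an error, it could call the byte-level helper directly: `uid, err := GenerateUidBytes()`, `if err != nil { return nil, err }`, `payload.FolderUid = BytesToUrlSafeStr(uid)`. The unchanged `folderKey, _ := GetRandomBytes(32)` just below discards its error in the same way, which matters more for a key than for an identifier. The function body starts and ends outside the hunk.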
2 changes: 1 addition & 1 deletion core/dtos.go
Original file line number Diff line number Diff line change
Expand Up @@ -377,7 +377,7 @@ func NewRecordFromRecordDataWithUid(recordUid string, recordData *RecordCreate,
}

if len(ruid) != 16 {
if newUid, err := GenerateRandomBytes(16); err == nil {
if newUid, err := GenerateUidBytes(); err == nil {
ruid = newUid
} else {
return nil
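Review bot: The leading-character rule is enforced only on the regeneration branch, `if newUid, err := GenerateUidBytes(); err == nil {`; when `len(ruid) == 16` the supplied bytes are kept untouched, so a record UID passed in by the caller can presumably still begin with "-". If KSM-551 is meant to hold for every UID the SDK emits, this path needs the same first-byte test, or a documented statement that caller-supplied UIDs are exempt. The `else { return nil }` branch also turns a random-source failure into a nil record with no error value for the caller to inspect. How ruid is derived from recordUid lies above the hunk, so the first point should be confirmed against that code.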
4 changes: 2 additions & 2 deletions core/keeper_globals.go
Expand Up @@ -9,8 +9,8 @@ import (

const (
versionMajor string = "16"
version string = "16.6.3"
keeperSecretsManagerClientId string = "mg16.6.3" // Golang client ID starts with "mg" + version
version string = "16.6.4"
keeperSecretsManagerClientId string = "mg16.6.4" // Golang client ID starts with "mg" + version

Check failure

Code scanning / CodeQL

Hard-coded credentials Critical

Hard-coded secret.
defaultKeeperHostname string = "keepersecurity.com"
clientIdHashTag string = "KEEPER_SECRETS_MANAGER_CLIENT_ID" // Tag for hashing the client key to client id
)
21 changes: 20 additions & 1 deletion core/utils.go
Expand Up @@ -126,8 +126,27 @@ func GenerateRandomBytes(size int) ([]byte, error) {
return GetRandomBytes(size)
}

func GenerateUidBytes() (bytes []byte, err error) {
dash := byte('\xf8') // 1111_1000

for i := 0; i < 8; i++ {
bytes, err = GenerateRandomBytes(16)
if err != nil {
return nil, err
}
if dash&bytes[0] != dash {
break
}
}
if dash&bytes[0] == dash {
bytes[0] = bytes[0] & byte('\x7f') // 0b0111_1111
}

return bytes, nil
}

func GenerateUid() string {
uid, _ := GetRandomBytes(16)
uid, _ := GenerateUidBytes()
return BytesToUrlSafeStr(uid)
}
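Review bot: GenerateUidBytes is exported but has no doc comment, and `// 1111_1000` does not say why that mask was chosen. A first byte with its top five bits set encodes, in the URL-safe base64 alphabet, to a leading "-" or "_", so the function rejects both characters although the commit title names only "-"; assuming BytesToUrlSafeStr uses that alphabet, a comment such as `// GenerateUidBytes returns 16 random bytes whose URL-safe base64 form does not start with "-" or "_".` would record the contract. It is also worth stating that the loop redraws up to eight times and only then clears the high bit of the first byte, so the fallback fixes that bit rather than drawing it at random. As a style point, the named result `bytes` would shadow the standard `bytes` package inside the function if this file imports it; `uid` or `b` avoids that.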

2 changes: 1 addition & 1 deletion example/go.mod
Expand Up @@ -2,4 +2,4 @@ module example

go 1.14

require github.com/keeper-security/secrets-manager-go/core v1.6.2
require github.com/keeper-security/secrets-manager-go/core v1.6.4
4 changes: 2 additions & 2 deletions example/go.sum
@@ -1,2 +1,2 @@
github.com/keeper-security/secrets-manager-go/core v1.6.2 h1:bRZUJI/s5WwVbceSNlKyKqYuBNKkZCyNPH4lU2GYiF0=
github.com/keeper-security/secrets-manager-go/core v1.6.2/go.mod h1:dtlaeeds9+SZsbDAZnQRsDSqEAK9a62SYtqhNql+VgQ=
github.com/keeper-security/secrets-manager-go/core v1.6.3 h1:XEHZ8fQ2DFBISK80jWdHmzT56PFqEkXSkakqZxTD8zI=
github.com/keeper-security/secrets-manager-go/core v1.6.3/go.mod h1:dtlaeeds9+SZsbDAZnQRsDSqEAK9a62SYtqhNql+VgQ=
2 changes: 1 addition & 1 deletion test/go.mod
Expand Up @@ -2,4 +2,4 @@ module github.com/keeper-security/secrets-manager-go/core/test

go 1.14

require github.com/keeper-security/secrets-manager-go/core v1.6.2
require github.com/keeper-security/secrets-manager-go/core v1.6.4
4 changes: 2 additions & 2 deletions test/go.sum
@@ -1,2 +1,2 @@
github.com/keeper-security/secrets-manager-go/core v1.6.2 h1:bRZUJI/s5WwVbceSNlKyKqYuBNKkZCyNPH4lU2GYiF0=
github.com/keeper-security/secrets-manager-go/core v1.6.2/go.mod h1:dtlaeeds9+SZsbDAZnQRsDSqEAK9a62SYtqhNql+VgQ=
github.com/keeper-security/secrets-manager-go/core v1.6.3 h1:XEHZ8fQ2DFBISK80jWdHmzT56PFqEkXSkakqZxTD8zI=
github.com/keeper-security/secrets-manager-go/core v1.6.3/go.mod h1:dtlaeeds9+SZsbDAZnQRsDSqEAK9a62SYtqhNql+VgQ=
