Non-encrypted confidential information - Hexadecimal - Go

Non-encrypted confidential information - Hexadecimal - Go

Need

Secure encryption of confidential information

Context

  • Usage of Go 1.16 for developing scalable and efficient applications
  • Usage of gin-gonic/gin for building web applications and APIs in Go
  • Usage of net/http for creating a HTTP server in a Node.js application

Description

Non compliant code

        package main

import (
	"github.com/gin-gonic/gin"
	"net/http"
)

func main() {
	r := gin.Default()

	r.GET("/confidential", func(c *gin.Context) {
		confidentialInfo := "48656c6c6f2c20576f726c64" // "Hello, World" in Hexadecimal
		c.String(http.StatusOK, "Confidential Info: %s", confidentialInfo)
	})

	r.Run() // listen and serve on 0.0.0.0:8080
}
        
        

The above code is a simple Go application that uses the Gin framework. It defines a single GET endpoint /confidential which sends back a string of confidential information. However, this confidential information is not encrypted but rather encoded in hexadecimal. The hexadecimal string "48656c6c6f2c20576f726c64" represents the ASCII string "Hello, World".

The vulnerability lies in the fact that this confidential information is not encrypted. Anyone who intercepts this data can easily decode the hexadecimal string to plain text using any online hexadecimal to text converter and gain access to the confidential information. This is a major security risk as it exposes sensitive data to potential attackers.

Steps

  • Use encryption to protect the confidential information.
  • Choose a strong encryption algorithm.
  • Generate a secure encryption key.
  • Encrypt the confidential information using the encryption key.
  • Store the encrypted information instead of the plain text.
  • Ensure that the encryption key is securely managed and protected.
  • Implement proper access controls to restrict unauthorized access to the encrypted information.
  • Use secure protocols (e.g., HTTPS) to transmit the encrypted information.
  • Implement secure coding practices to prevent other vulnerabilities that could compromise the confidentiality of the information.

Compliant code

        package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"github.com/gin-gonic/gin"
	"io"
	"net/http"
)

func main() {
	r := gin.Default()

	r.GET("/confidential", func(c *gin.Context) {
		confidentialInfo := "Hello, World"
		encryptedInfo, err := encrypt([]byte(confidentialInfo), []byte("examplekey123456")) // Use a secure key
		if err != nil {
			c.String(http.StatusInternalServerError, "Error encrypting information")
			return
		}
		c.String(http.StatusOK, "Confidential Info: %s", hex.EncodeToString(encryptedInfo))
	})

	r.Run() // listen and serve on 0.0.0.0:8080
}

func encrypt(plainText, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	ciphertext := make([]byte, aes.BlockSize+len(plainText))
	iv := ciphertext[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}

	stream := cipher.NewCFBEncrypter(block, iv)
	stream.XORKeyStream(ciphertext[aes.BlockSize:], plainText)

	return ciphertext, nil
}
        
        

The updated code now encrypts the confidential information using the AES encryption algorithm before sending it to the client. The encrypt function takes the plain text and a key as input, generates a new cipher block from the key, creates a byte slice for the ciphertext with an additional block size to accommodate the initialization vector (IV), generates a random IV, creates a new CFB encrypter stream with the cipher block and IV, and finally XORs the plain text with the key stream to get the ciphertext.

The key used for encryption is "examplekey123456". In a real-world scenario, this key should be securely generated and stored, and not hardcoded as it is in this example.

The encrypted confidential information is then encoded to a hexadecimal string before being sent to the client. This ensures that even if an attacker intercepts the information, they would not be able to understand it without the encryption key.

Please note that this code does not implement access controls or secure transmission protocols, which are also important for protecting confidential information.

References