fix(fips): use standard lib pbkdf2 [be-12164] (#1038)

.golangci.yaml

@@ -37,6 +37,8 @@ linters:
               desc: use github.com/portainer/portainer/pkg/libcrypto
             - pkg: github.com/portainer/libhttp
               desc: use github.com/portainer/portainer/pkg/libhttp
+            - pkg: golang.org/x/crypto/pbkdf2
+              desc: use standard crypto/pbkdf2 instead - important for FIPS mode
     forbidigo:
       forbid:
         - pattern: ^tls\.Config$

api/crypto/aes.go

@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"crypto/aes"
 	"crypto/cipher"
+	"crypto/pbkdf2"
 	"crypto/rand"
 	"crypto/sha256"
 	"errors"
@@ -15,7 +16,6 @@ import (
 	"github.com/portainer/portainer/pkg/fips"
 
 	"golang.org/x/crypto/argon2"
-	"golang.org/x/crypto/pbkdf2"
 	"golang.org/x/crypto/scrypt"
 )
 
@@ -248,7 +248,10 @@ func aesEncryptGCMFIPS(input io.Reader, output io.Writer, passphrase []byte) err
 		return err
 	}
 
-	key := pbkdf2.Key(passphrase, salt, pbkdf2Iterations, 32, sha256.New)
+	key, err := pbkdf2.Key(sha256.New, string(passphrase), salt, pbkdf2Iterations, 32)
+	if err != nil {
+		return fmt.Errorf("error deriving key: %w", err)
+	}
 
 	block, err := aes.NewCipher(key)
 	if err != nil {
@@ -315,7 +318,10 @@ func aesDecryptGCMFIPS(input io.Reader, passphrase []byte) (io.Reader, error) {
 		return nil, err
 	}
 
-	key := pbkdf2.Key(passphrase, salt, pbkdf2Iterations, 32, sha256.New)
+	key, err := pbkdf2.Key(sha256.New, string(passphrase), salt, pbkdf2Iterations, 32)
+	if err != nil {
+		return nil, fmt.Errorf("error deriving key: %w", err)
+	}
 
 	// Initialize AES cipher block
 	block, err := aes.NewCipher(key)