test loading secret key
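--- a/controllers/unlock.go
+++ b/controllers/unlock.go
@@ -0,0 +1,6 @@
+package controllers
+
+import "github.com/gin-gonic/gin"
+
+func Unlock(c *gin.Context) {
+}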
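Review bot: `Unlock` has an empty body, so gin answers `POST /api/unlock` with its default 200 and no payload, and a client cannot tell that nothing was unlocked. Until the handler is implemented, answer explicitly, e.g. `c.JSON(http.StatusNotImplemented, gin.H{"error": "unlock not implemented"})`, which needs `net/http` imported. The route is registered in the `public` group in main.go next to `/login`, so once the handler accepts a key it should bound the request body, check the key length and never log the submitted value. The exported handler also has no doc comment; something like `// Unlock receives the secrets key and hands it to the models package.` would do once that is what it does.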
9
main.go
9
main.go
@@ -23,6 +23,8 @@ import (
|
||||
var sha1ver string // sha1 revision used to build the program
|
||||
var buildTime string // when the executable was built
|
||||
|
||||
var keyString string
|
||||
|
||||
func main() {
|
||||
|
||||
// Load data from environment file
|
||||
@@ -47,9 +49,15 @@ func main() {
|
||||
log.SetOutput(logfileWriter)
|
||||
log.Printf("SMT starting execution. Built on %s from sha1 %s\n", buildTime, sha1ver)
|
||||
|
||||
// Set secrets key from .env file
|
||||
keyString = os.Getenv("SECRETS_KEY")
|
||||
|
||||
// Initiate connection to sqlite and make sure our schema is up to date
|
||||
models.ConnectDatabase()
|
||||
|
||||
// let the models package know our secrets key
|
||||
models.LoadSecretKey(keyString)
|
||||
|
||||
// Create context that listens for the interrupt signal from the OS.
|
||||
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
|
||||
defer stop()
|
||||
@@ -136,6 +144,7 @@ func main() {
|
||||
// Register our routes
|
||||
public := router.Group("/api")
|
||||
public.POST("/login", controllers.Login)
|
||||
public.POST("/unlock", controllers.Unlock)
|
||||
|
||||
// API calls that only an administrator can make
|
||||
adminOnly := router.Group("/api/admin")
|
||||
|
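Review bot: In the second hunk the result of `os.Getenv("SECRETS_KEY")` goes to `models.LoadSecretKey` unchecked, so a missing or wrong-length value only surfaces later, when the first secret is encrypted or decrypted. If the key is required at startup, stop there, e.g. `if n := len(keyString); n != 16 && n != 32 { log.Fatalf("SECRETS_KEY must be 16 or 32 bytes, got %d", n) }`, which matches the sizes the comment in the secrets code names and logs only the length. If the key is meant to be optional here and supplied later through `/api/unlock`, log that no key is loaded and still reject a non-empty key of the wrong length. In the visible lines `keyString` is used only inside `main`, so a local variable would keep the key out of package-level state; `main` starts and continues outside these hunks.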
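--- a/models/db_unlock.go
+++ b/models/db_unlock.go
@@ -0,0 +1,12 @@
+package models
+
+type Unlock struct {
+SecretsKey string `json:"secrets"`
+}
+
+func (u *Unlock) UnlockSecrets() (*Unlock, error) {
+
+// Receive secrets key and store in memory somehow
+
+return u, nil
+}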
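Review bot: `UnlockSecrets` returns `u, nil` without storing or checking `u.SecretsKey`, so any caller will treat the unlock as having succeeded. While this is a placeholder it should return an error instead, `return nil, errors.New("unlock not implemented")` (with `errors` imported), and the "somehow" comment should become a TODO naming the intended storage, presumably `LoadSecretKey`. `Unlock` and `UnlockSecrets` are both exported and neither has a doc comment.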
@@ -8,7 +8,6 @@ import (
|
||||
"errors"
|
||||
"io"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/jmoiron/sqlx"
|
||||
)
|
||||
@@ -156,7 +155,9 @@ func (s *Secret) UpdateSecret() (*Secret, error) {
|
||||
|
||||
func (s *Secret) EncryptSecret() (*Secret, error) {
|
||||
|
||||
keyString := os.Getenv("SECRETS_KEY")
|
||||
//keyString := os.Getenv("SECRETS_KEY")
|
||||
keyString := secretKey
|
||||
|
||||
// The key argument should be the AES key, either 16 or 32 bytes
|
||||
// to select AES-128 or AES-256.
|
||||
key := []byte(keyString)
|
||||
@@ -203,7 +204,9 @@ func (s *Secret) EncryptSecret() (*Secret, error) {
|
||||
func (s *Secret) DecryptSecret() (*Secret, error) {
|
||||
// The key argument should be the AES key, either 16 or 32 bytes
|
||||
// to select AES-128 or AES-256.
|
||||
keyString := os.Getenv("SECRETS_KEY")
|
||||
//keyString := os.Getenv("SECRETS_KEY")
|
||||
keyString := secretKey
|
||||
|
||||
key := []byte(keyString)
|
||||
|
||||
if len(s.Secret) < nonceSize {
|
||||
|
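Review bot: `EncryptSecret` and `DecryptSecret` now read the package-level `secretKey`, which is empty until `LoadSecretKey` has run, and neither checks for that before `key := []byte(keyString)`. A guard at the top of both, `if secretKey == "" { return s, errors.New("secrets key not loaded") }`, makes the failure explicit instead of leaving it to whatever the cipher setup does with a zero-length key. The commented-out `//keyString := os.Getenv("SECRETS_KEY")` lines should be deleted rather than kept, since the history already records them. Because the string is cast straight to the AES key, the existing comment should also say that the value must be 16 or 32 random bytes and not a passphrase. Both function bodies continue outside the hunks.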
@@ -15,6 +15,7 @@ import (
|
||||
)
|
||||
|
||||
var db *sqlx.DB
|
||||
var secretKey string
|
||||
|
||||
const (
|
||||
sqlFile = "smt.db"
|
||||
@@ -80,6 +81,11 @@ func ConnectDatabase() {
|
||||
//defer db.Close()
|
||||
}
|
||||
|
||||
func LoadSecretKey(key string) {
|
||||
// Store the secret key so that we can access it when encrypting/decrypting
|
||||
secretKey = key
|
||||
}
|
||||
|
||||
func DisconnectDatabase() {
|
||||
log.Printf("DisconnectDatabase called")
|
||||
defer db.Close()
|
||||
|
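Review bot: `LoadSecretKey` writes the package-level `secretKey` with no synchronisation, which is safe only while it is called once from `main` before the router starts serving. If the new `/api/unlock` handler ends up calling it from a request goroutine while `EncryptSecret` or `DecryptSecret` read the variable, that is a data race; a `sync.RWMutex` around the reads and the write would cover it. The function is exported and should have a doc comment such as `// LoadSecretKey stores the AES key used by EncryptSecret and DecryptSecret.` `DisconnectDatabase` continues outside the last hunk.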