diff --git a/controllers/unlock.go b/controllers/unlock.go
new file mode 100644
index 0000000..e7a2097
--- /dev/null
+++ b/controllers/unlock.go
@@ -0,0 +1,6 @@
+package controllers
+
+import "github.com/gin-gonic/gin"
+
+func Unlock(c *gin.Context) {
+}
diff --git a/main.go b/main.go
index 4015e49..7115fbe 100644
--- a/main.go
+++ b/main.go
@@ -23,6 +23,8 @@ import (
 var sha1ver string // sha1 revision used to build the program
 var buildTime string // when the executable was built
+var keyString string
+
 func main() {
 // Load data from environment file
@@ -47,9 +49,15 @@ func main() {
 log.SetOutput(logfileWriter)
 log.Printf("SMT starting execution. Built on %s from sha1 %s\n", buildTime, sha1ver)
+ // Set secrets key from .env file
+ keyString = os.Getenv("SECRETS_KEY")
+ // Initiate connection to sqlite and make sure our schema is up to date
 models.ConnectDatabase()
+ // let the models package know our secrets key
+ models.LoadSecretKey(keyString)
+ // Create context that listens for the interrupt signal from the OS.
 ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
 defer stop()
@@ -136,6 +144,7 @@ func main() {
 // Register our routes
 public := router.Group("/api")
 public.POST("/login", controllers.Login)
+ public.POST("/unlock", controllers.Unlock)
 // API calls that only an administrator can make
 adminOnly := router.Group("/api/admin")
diff --git a/models/db_unlock.go b/models/db_unlock.go
new file mode 100644
index 0000000..37d8d35
--- /dev/null
+++ b/models/db_unlock.go
@@ -0,0 +1,12 @@
+package models
+
+type Unlock struct {
+ SecretsKey string `json:"secrets"`
+}
+
+func (u *Unlock) UnlockSecrets() (*Unlock, error) {
+
+ // Receive secrets key and store in memory somehow
+
+ return u, nil
+}
diff --git a/models/secret.go b/models/secret.go
index 42e091c..b989e53 100644
--- a/models/secret.go
+++ b/models/secret.go
@@ -8,7 +8,6 @@ import (
 "errors"
 "io"
 "log"
- "os"
 "github.com/jmoiron/sqlx"
 )
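Review bot: `Unlock` in controllers/unlock.go has an empty body, yet the main.go hunk at `-136,6` registers it on the `public` group next to `/login`, so the route accepts any unauthenticated POST and, as far as gin's defaults go, answers 200 with no body. Until the handler is implemented it should fail closed, e.g. `c.AbortWithStatus(http.StatusNotImplemented)`, or the route should stay unregistered. Once filled in it will presumably receive the key that protects every stored secret, so the exported function needs a doc comment stating the contract, such as `// Unlock accepts the secrets key after a restart; it is reachable without a session and must reject requests once a key is already loaded.`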
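Review bot: The value read from `SECRETS_KEY` in the main.go hunk at `-47,9` is passed to `models.LoadSecretKey` without any check, so an unset or mis-sized key is only noticed when the first secret is encrypted or decrypted. The comments in models/secret.go say the key must be 16 or 32 bytes; checking the length at startup and logging only the length, never the key, makes the failure visible: `if n := len(keyString); n != 16 && n != 32 { log.Printf("SECRETS_KEY is %d bytes, expected 16 or 32", n) }`. The package-level `var keyString string` added in the `-23,6` hunk also keeps a second long-lived copy of the key in `main`; a local variable inside `main()` would do, since `models` holds its own copy.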
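Review bot: `UnlockSecrets` in models/db_unlock.go returns `u, nil` without storing anything, so a caller is told the unlock succeeded while no key was loaded, and the value it gets back still carries the plaintext key. Until the body exists it should return an error, for example `return nil, errors.New("unlock not implemented")`, and the finished version should not hand the key back to the caller. The type also deserves a comment such as `// Unlock carries the plaintext secrets key from the request body; never log it or serialise it into a response.`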
@@ -156,7 +155,9 @@ func (s *Secret) UpdateSecret() (*Secret, error) {
 func (s *Secret) EncryptSecret() (*Secret, error) {
- keyString := os.Getenv("SECRETS_KEY")
+ //keyString := os.Getenv("SECRETS_KEY")
+ keyString := secretKey
+ // The key argument should be the AES key, either 16 or 32 bytes
 // to select AES-128 or AES-256.
 key := []byte(keyString)
@@ -203,7 +204,9 @@ func (s *Secret) EncryptSecret() (*Secret, error) {
 func (s *Secret) DecryptSecret() (*Secret, error) {
 // The key argument should be the AES key, either 16 or 32 bytes
 // to select AES-128 or AES-256.
- keyString := os.Getenv("SECRETS_KEY")
+ //keyString := os.Getenv("SECRETS_KEY")
+ keyString := secretKey
+ key := []byte(keyString)
 if len(s.Secret) < nonceSize {
diff --git a/models/setup.go b/models/setup.go
index 1927745..068a4c8 100644
--- a/models/setup.go
+++ b/models/setup.go
@@ -15,6 +15,7 @@ import (
 )
 var db *sqlx.DB
+var secretKey string
 const (
 sqlFile = "smt.db"
@@ -80,6 +81,11 @@ func ConnectDatabase() {
 //defer db.Close()
 }
+func LoadSecretKey(key string) {
+ // Store the secret key so that we can access it when encrypting/decrypting
+ secretKey = key
+}
+
 func DisconnectDatabase() {
 log.Printf("DisconnectDatabase called")
 defer db.Close()
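Review bot: `keyString := secretKey` in `EncryptSecret`, and the identical change in `DecryptSecret` in the `-203,7` hunk, reads a package variable that stays empty until `LoadSecretKey` has run, and nothing here separates "key not loaded" from "wrong key". A guard before the `[]byte` conversion gives callers a clear error, e.g. `if secretKey == "" { return nil, errors.New("secrets key not loaded") }`, adjusted to however these functions return their other errors. If the new `/api/unlock` route ends up writing `secretKey` while requests are being served, these unsynchronised reads would race with that write. The commented-out `//keyString := os.Getenv("SECRETS_KEY")` lines should be deleted rather than kept; both function bodies continue outside their hunks.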
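Review bot: `LoadSecretKey` in models/setup.go stores whatever string it is given into the package-level `secretKey`, with no length check, no locking and no doc comment on the exported function. The comments in models/secret.go state that the key must be 16 or 32 bytes, so this is the natural place to reject anything else. Once `/api/unlock` can call it at request time, the write needs a mutex that the readers in `EncryptSecret` and `DecryptSecret` also take. The sketch below returns an error, so the call in main.go would have to check it, and it needs `fmt` and `sync` added to the import block, which lies outside this hunk.

```go
// … unchanged: var db *sqlx.DB …
var (
	secretKeyMu sync.RWMutex
	secretKey   string
)

// … unchanged: constants and ConnectDatabase …

// LoadSecretKey stores the AES key used by EncryptSecret and DecryptSecret.
// It rejects keys that are not 16 or 32 bytes and reports only the length,
// never the key itself.
func LoadSecretKey(key string) error {
	if n := len(key); n != 16 && n != 32 {
		return fmt.Errorf("secrets key must be 16 or 32 bytes, got %d", n)
	}
	secretKeyMu.Lock()
	defer secretKeyMu.Unlock()
	secretKey = key
	return nil
}

// currentSecretKey returns the loaded key under the read lock; an empty
// string means no key has been loaded yet.
func currentSecretKey() string {
	secretKeyMu.RLock()
	defer secretKeyMu.RUnlock()
	return secretKey
}
```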