update README
All checks were successful
continuous-integration/drone/push Build is passing

2024-01-12 09:41:26 +11:00
parent d087492c31
commit a3333cebb6
6 changed files with 170 additions and 57 deletions


@@ -71,26 +71,30 @@ func ReceiveKey(key string) error {
return errors.New("secret key provided is not exactly 32 bytes long")
}
// TODO hash the secret key and store it on disk so we can verify if correct secret key is received
filePath, _ := getHashFilePath()
if os.Getenv("SECRETS_KEY") == "" {
// Hash the secret key and store it on disk so we can verify if correct secret key is received
filePath, _ := getHashFilePath()
if filePath != "" && utils.FileExists(filePath) {
log.Printf("ReceiveKey detected hash file at '%s'\n", filePath)
// File already exists, compare received key with hash in file
compare, err := compareHashWithPlaintext(key, filePath)
if err != nil {
return fmt.Errorf("unable to verify secret key: '%s'", err.Error())
}
if !compare {
return errors.New("secret key is not correct")
if filePath != "" && utils.FileExists(filePath) {
log.Printf("ReceiveKey detected hash file at '%s'\n", filePath)
// File already exists, compare received key with hash in file
compare, err := compareHashWithPlaintext(key, filePath)
if err != nil {
return fmt.Errorf("unable to verify secret key: '%s'", err.Error())
}
if !compare {
return errors.New("secret key is not correct")
} else {
log.Printf("ReceiveKey successfully verified supplied key\n")
}
} else if filePath != "" {
log.Printf("ReceiveKey storing key into file '%s'\n", filePath)
storeKeyHash(key, filePath)
} else {
log.Printf("ReceiveKey successfully verified supplied key\n")
return fmt.Errorf("unable to determine path to key hash file '%s'", hashFileName)
}
} else if filePath != "" {
log.Printf("ReceiveKey storing key into file '%s'\n", filePath)
storeKeyHash(key, filePath)
} else {
return fmt.Errorf("unable to determine path to key hash file '%s'", hashFileName)
log.Printf("ReceiveKey not storing hash on disk since we read key from environment variable")
}
// Store the secret key in memory so that we can access it when encrypting/decrypting