Disable individual encryption per transaction

2016-07-19 17:38:32 +01:00 · 2016-07-19 17:38:32 +01:00 · a06263d738
commit a06263d738
parent 6ad1717f9f
4 changed files with 2 additions and 58 deletions
--- a/kvs/boltdb/tx.go
+++ b/kvs/boltdb/tx.go
@ -163,11 +163,6 @@ func (tx *TX) Put(key, val []byte) (err error) {
 		return
 	}

-	if val, err = cryp.Encrypt(tx.ck, val); err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	if err = tx.bu.Put(key, val); err != nil {
 		err = &kvs.DBError{err}
 		return
@ -205,11 +200,6 @@ func (tx *TX) CPut(key, val, exp []byte) (err error) {
 		return
 	}

-	if val, err = cryp.Encrypt(tx.ck, val); err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	if err = tx.bu.Put(key, val); err != nil {
 		err = &kvs.DBError{err}
 		return
@ -359,12 +349,6 @@ func get(tx *TX, key, val []byte) (kv *KV, err error) {
 		val: val,
 	}

-	kv.val, err = cryp.Decrypt(tx.ck, kv.val)
-	if err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	kv.val, err = cryp.Decrypt(tx.ds.ck, kv.val)
 	if err != nil {
 		err = &kvs.CKError{err}
--- a/kvs/mysql/tx.go
+++ b/kvs/mysql/tx.go
@ -191,11 +191,6 @@ func (tx *TX) Put(key, val []byte) (err error) {
 		return
 	}

-	if val, err = cryp.Encrypt(tx.ck, val); err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	if _, err = tx.tx.Exec("INSERT INTO kv (`key`, `val`) VALUES (?, ?) ON DUPLICATE KEY UPDATE `val` = ?", key, val, val); err != nil {
 		err = &kvs.DBError{err}
 		return
@ -228,11 +223,6 @@ func (tx *TX) CPut(key, val, exp []byte) (err error) {
 		return
 	}

-	if val, err = cryp.Encrypt(tx.ck, val); err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	if _, err = tx.tx.Exec("INSERT INTO kv (`key`, `val`) VALUES (?, ?) ON DUPLICATE KEY UPDATE `val` = ?", key, val, val); err != nil {
 		err = &kvs.DBError{err}
 		return
@ -340,12 +330,6 @@ func get(tx *TX, key, val []byte) (kv *KV, err error) {
 		val: val,
 	}

-	kv.val, err = cryp.Decrypt(tx.ck, kv.val)
-	if err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	kv.val, err = cryp.Decrypt(tx.ds.ck, kv.val)
 	if err != nil {
 		err = &kvs.CKError{err}
--- a/kvs/pgsql/tx.go
+++ b/kvs/pgsql/tx.go
@ -191,11 +191,6 @@ func (tx *TX) Put(key, val []byte) (err error) {
 		return
 	}

-	if val, err = cryp.Encrypt(tx.ck, val); err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	if _, err = tx.tx.Exec("INSERT INTO kv (`key`, `val`) VALUES ($1, $2) ON DUPLICATE KEY UPDATE `val` = $3", key, val, val); err != nil {
 		err = &kvs.DBError{err}
 		return
@ -228,11 +223,6 @@ func (tx *TX) CPut(key, val, exp []byte) (err error) {
 		return
 	}

-	if val, err = cryp.Encrypt(tx.ck, val); err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	if _, err = tx.tx.Exec("INSERT INTO kv (`key`, `val`) VALUES ($1, $2) ON DUPLICATE KEY UPDATE `val` = $3", key, val, val); err != nil {
 		err = &kvs.DBError{err}
 		return
@ -340,12 +330,6 @@ func get(tx *TX, key, val []byte) (kv *KV, err error) {
 		val: val,
 	}

-	kv.val, err = cryp.Decrypt(tx.ck, kv.val)
-	if err != nil {
-		err = &kvs.CKError{err}
-		return
-	}
-
 	kv.val, err = cryp.Decrypt(tx.ds.ck, kv.val)
 	if err != nil {
 		err = &kvs.CKError{err}
--- a/sql/use.go
+++ b/sql/use.go
@ -21,7 +21,7 @@ func (p *Parser) parseUseStatement(explain bool) (stmt *UseStatement, err error)
 	var tok Token
 	var exi bool

-	tok, _, err = p.shouldBe(NAMESPACE, DATABASE, CIPHERKEY)
+	tok, _, err = p.shouldBe(NAMESPACE, DATABASE)
 	if err != nil {
 		return nil, err
 	}
@ -46,15 +46,7 @@ func (p *Parser) parseUseStatement(explain bool) (stmt *UseStatement, err error)
 			p.c.Set("DB", stmt.DB)
 		}

-		if is(tok, CIPHERKEY) {
-			_, stmt.CK, err = p.shouldBe(IDENT, STRING)
-			if err != nil || (len(stmt.CK) != 16 && len(stmt.CK) != 24 && len(stmt.CK) != 32) {
-				return nil, &ParseError{Found: stmt.CK, Expected: []string{"16, 24, or 32 bit cipher key"}}
-			}
-			p.c.Set("CK", stmt.CK)
-		}
-
-		tok, _, exi = p.mightBe(NAMESPACE, DATABASE, CIPHERKEY)
+		tok, _, exi = p.mightBe(NAMESPACE, DATABASE)
 		if !exi {
 			break
 		}