From e23473cfa9d3bbae697d278e63290a4b24f44a2c Mon Sep 17 00:00:00 2001 From: Tobie Morgan Hitchcock Date: Mon, 18 Jul 2016 23:00:23 +0100 Subject: [PATCH] Ensure correct encryption key is provided if using populated data store --- kvs/db.go | 26 ++++++++++++++++++++++++- util/keys/ck.go | 51 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+), 1 deletion(-) create mode 100644 util/keys/ck.go diff --git a/kvs/db.go b/kvs/db.go index e1a98f7f..f1694e04 100644 --- a/kvs/db.go +++ b/kvs/db.go @@ -15,9 +15,11 @@ package kvs import ( + "fmt" "strings" "github.com/abcum/surreal/cnf" + "github.com/abcum/surreal/util/keys" ) var stores = make(map[string]func(*cnf.Options) (DS, error)) @@ -44,7 +46,29 @@ func New(opts *cnf.Options) (db *DB, err error) { ds, err = stores["pgsql"](opts) } - return &DB{ds: ds}, err + db = &DB{ds: ds} + + err = db.enc(opts) + + return + +} + +func (db *DB) enc(opts *cnf.Options) (err error) { + + ck := &keys.CK{KV: opts.DB.Base} + + kv, _ := db.Get(ck.Encode()) + + if kv.Exists() == false { + err = db.Put(ck.Encode(), []byte("±")) + } + + if kv.Exists() == true && kv.Str() != "±" { + err = fmt.Errorf("Please provide a valid encryption key for the stored data.") + } + + return } diff --git a/util/keys/ck.go b/util/keys/ck.go new file mode 100644 index 00000000..e1b6afdb --- /dev/null +++ b/util/keys/ck.go @@ -0,0 +1,51 @@ +// Copyright © 2016 Abcum Ltd +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package keys + +import ( + "fmt" +) + +// CK ... +type CK struct { + KV interface{} + CF interface{} + CK interface{} +} + +// init initialises the key +func (k *CK) init() *CK { + k.CF = "!" + k.CK = "¥" + return k +} + +// Encode encodes the key into binary +func (k *CK) Encode() []byte { + k.init() + return encode(k.KV, k.CF, k.CK) +} + +// Decode decodes the key from binary +func (k *CK) Decode(data []byte) { + k.init() + decode(data, &k.KV, &k.CF, &k.CK) +} + +// String returns a string representation of the key +func (k *CK) String() string { + k.init() + return fmt.Sprintf("/%s/%s/%s", k.KV, k.CF, k.CK) +}