Ensure correct encryption key is provided if using populated data store
This commit is contained in:
Tobie Morgan Hitchcock
parent
e1f1031cc7
commit
e23473cfa9
2 changed files with 76 additions and 1 deletions
26
kvs/db.go
26
kvs/db.go
|
|
@ -15,9 +15,11 @@
|
||||||
package kvs
|
package kvs
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/abcum/surreal/cnf"
|
"github.com/abcum/surreal/cnf"
|
||||||
|
"github.com/abcum/surreal/util/keys"
|
||||||
)
|
)
|
||||||
|
|
||||||
var stores = make(map[string]func(*cnf.Options) (DS, error))
|
var stores = make(map[string]func(*cnf.Options) (DS, error))
|
||||||
|
|
@ -44,7 +46,29 @@ func New(opts *cnf.Options) (db *DB, err error) {
|
||||||
ds, err = stores["pgsql"](opts)
|
ds, err = stores["pgsql"](opts)
|
||||||
}
|
}
|
||||||
|
|
||||||
return &DB{ds: ds}, err
|
db = &DB{ds: ds}
|
||||||
|
|
||||||
|
err = db.enc(opts)
|
||||||
|
|
||||||
|
return
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func (db *DB) enc(opts *cnf.Options) (err error) {
|
||||||
|
|
||||||
|
ck := &keys.CK{KV: opts.DB.Base}
|
||||||
|
|
||||||
|
kv, _ := db.Get(ck.Encode())
|
||||||
|
|
||||||
|
if kv.Exists() == false {
|
||||||
|
err = db.Put(ck.Encode(), []byte("±"))
|
||||||
|
}
|
||||||
|
|
||||||
|
if kv.Exists() == true && kv.Str() != "±" {
|
||||||
|
err = fmt.Errorf("Please provide a valid encryption key for the stored data.")
|
||||||
|
}
|
||||||
|
|
||||||
|
return
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
51
util/keys/ck.go
Normal file
51
util/keys/ck.go
Normal file
|
|
@ -0,0 +1,51 @@
|
||||||
|
// Copyright © 2016 Abcum Ltd
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package keys
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
)
|
||||||
|
|
||||||
|
// CK ...
|
||||||
|
type CK struct {
|
||||||
|
KV interface{}
|
||||||
|
CF interface{}
|
||||||
|
CK interface{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// init initialises the key
|
||||||
|
func (k *CK) init() *CK {
|
||||||
|
k.CF = "!"
|
||||||
|
k.CK = "¥"
|
||||||
|
return k
|
||||||
|
}
|
||||||
|
|
||||||
|
// Encode encodes the key into binary
|
||||||
|
func (k *CK) Encode() []byte {
|
||||||
|
k.init()
|
||||||
|
return encode(k.KV, k.CF, k.CK)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decode decodes the key from binary
|
||||||
|
func (k *CK) Decode(data []byte) {
|
||||||
|
k.init()
|
||||||
|
decode(data, &k.KV, &k.CF, &k.CK)
|
||||||
|
}
|
||||||
|
|
||||||
|
// String returns a string representation of the key
|
||||||
|
func (k *CK) String() string {
|
||||||
|
k.init()
|
||||||
|
return fmt.Sprintf("/%s/%s/%s", k.KV, k.CF, k.CK)
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue