Move collection key derivation in KeyHolder
parent
02ff452c09
commit
8f6b544f49
|
@ -16,7 +16,7 @@ func (c *ClICtrl) syncRemoteCollections(ctx context.Context, info model.Account)
|
|||
return fmt.Errorf("failed to get collections: %s", err)
|
||||
}
|
||||
for _, collection := range collections {
|
||||
collectionKey, err := c.getCollectionKey(ctx, collection)
|
||||
collectionKey, err := c.KeyHolder.GetCollectionKey(ctx, collection)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -33,25 +33,3 @@ func (c *ClICtrl) syncRemoteCollections(ctx context.Context, info model.Account)
|
|||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *ClICtrl) getCollectionKey(ctx context.Context, collection api.Collection) ([]byte, error) {
|
||||
accSecretInfo := c.KeyHolder.GetAccountSecretInfo(ctx)
|
||||
userID := ctx.Value("user_id").(int64)
|
||||
if collection.Owner.ID == userID {
|
||||
collKey, err := enteCrypto.SecretBoxOpen(
|
||||
encoding.DecodeBase64(collection.EncryptedKey),
|
||||
encoding.DecodeBase64(collection.KeyDecryptionNonce),
|
||||
accSecretInfo.MasterKey)
|
||||
if err != nil {
|
||||
log.Fatalf("failed to decrypt collection key %s", err)
|
||||
}
|
||||
return collKey, nil
|
||||
} else {
|
||||
collKey, err := enteCrypto.SealedBoxOpen(encoding.DecodeBase64(collection.EncryptedKey),
|
||||
accSecretInfo.PublicKey, accSecretInfo.SecretKey)
|
||||
if err != nil {
|
||||
log.Fatalf("failed to decrypt collection key %s", err)
|
||||
}
|
||||
return collKey, nil
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,9 +1,12 @@
|
|||
package secrets
|
||||
|
||||
import (
|
||||
"cli-go/internal/api"
|
||||
enteCrypto "cli-go/internal/crypto"
|
||||
"cli-go/pkg/model"
|
||||
"cli-go/utils/encoding"
|
||||
"context"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
type KeyHolder struct {
|
||||
|
@ -35,3 +38,25 @@ func (k *KeyHolder) GetAccountSecretInfo(ctx context.Context) *model.AccSecretIn
|
|||
accountKey := ctx.Value("account_id").(string)
|
||||
return k.AccountSecrets[accountKey]
|
||||
}
|
||||
|
||||
func (k *KeyHolder) GetCollectionKey(ctx context.Context, collection api.Collection) ([]byte, error) {
|
||||
accSecretInfo := k.GetAccountSecretInfo(ctx)
|
||||
userID := ctx.Value("user_id").(int64)
|
||||
if collection.Owner.ID == userID {
|
||||
collKey, err := enteCrypto.SecretBoxOpen(
|
||||
encoding.DecodeBase64(collection.EncryptedKey),
|
||||
encoding.DecodeBase64(collection.KeyDecryptionNonce),
|
||||
accSecretInfo.MasterKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("collection %d key drive failed %s", collection.ID, err)
|
||||
}
|
||||
return collKey, nil
|
||||
} else {
|
||||
collKey, err := enteCrypto.SealedBoxOpen(encoding.DecodeBase64(collection.EncryptedKey),
|
||||
accSecretInfo.PublicKey, accSecretInfo.SecretKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("shared collection %d key drive failed %s", collection.ID, err)
|
||||
}
|
||||
return collKey, nil
|
||||
}
|
||||
}
|
||||
|
|
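Review bot: GetCollectionKey can still panic instead of returning an error, which undercuts the move away from `log.Fatalf`. `ctx.Value("user_id").(int64)` is an unchecked type assertion, and `accSecretInfo` is dereferenced without a nil check even though the map lookup in GetAccountSecretInfo yields nil for an account that is not loaded. Guarding both before the owner check keeps a missing context value or unknown account on the error path, as sketched below. The two `fmt.Errorf` calls would also read better with `%w` so callers can inspect the decryption failure, and "key drive failed" presumably means "key derive failed". `encoding.DecodeBase64` appears to return no error here, so malformed `EncryptedKey` or `KeyDecryptionNonce` values from the server would only surface as a decryption failure; that is worth confirming against the helper.

```go
func (k *KeyHolder) GetCollectionKey(ctx context.Context, collection api.Collection) ([]byte, error) {
	accSecretInfo := k.GetAccountSecretInfo(ctx)
	if accSecretInfo == nil {
		return nil, fmt.Errorf("no secrets loaded for the account in context")
	}
	userID, ok := ctx.Value("user_id").(int64)
	if !ok {
		return nil, fmt.Errorf("user_id missing from context or not an int64")
	}
	// … unchanged: owner check and SecretBoxOpen / SealedBoxOpen branches …
```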