move kms implementation outside the sdk package

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
Nicola Murino
2022-01-06 10:11:47 +01:00
parent bf03eb2a88
commit 0e2d673889
43 changed files with 899 additions and 907 deletions


@@ -9,16 +9,17 @@ import (
"github.com/hashicorp/go-hclog"
"github.com/hashicorp/go-plugin"
"github.com/drakkan/sftpgo/v2/kms"
"github.com/drakkan/sftpgo/v2/logger"
"github.com/drakkan/sftpgo/v2/sdk/kms"
sdkkms "github.com/drakkan/sftpgo/v2/sdk/kms"
kmsplugin "github.com/drakkan/sftpgo/v2/sdk/plugin/kms"
"github.com/drakkan/sftpgo/v2/util"
)
var (
validKMSSchemes = []string{kms.SchemeAWS, kms.SchemeGCP, kms.SchemeVaultTransit, kms.SchemeAzureKeyVault}
validKMSEncryptedStatuses = []string{kms.SecretStatusVaultTransit, kms.SecretStatusAWS, kms.SecretStatusGCP,
kms.SecretStatusAzureKeyVault}
validKMSSchemes = []string{sdkkms.SchemeAWS, sdkkms.SchemeGCP, sdkkms.SchemeVaultTransit, sdkkms.SchemeAzureKeyVault}
validKMSEncryptedStatuses = []string{sdkkms.SecretStatusVaultTransit, sdkkms.SecretStatusAWS, sdkkms.SecretStatusGCP,
sdkkms.SecretStatusAzureKeyVault}
)
// KMSConfig defines configuration parameters for kms plugins
@@ -133,7 +134,7 @@ func (s *kmsPluginSecretProvider) IsEncrypted() bool {
}
func (s *kmsPluginSecretProvider) Encrypt() error {
if s.Status != kms.SecretStatusPlain {
if s.Status != sdkkms.SecretStatusPlain {
return kms.ErrWrongSecretStatus
}
if s.Payload == "" {
@@ -160,7 +161,7 @@ func (s *kmsPluginSecretProvider) Decrypt() error {
if err != nil {
return err
}
s.Status = kms.SecretStatusPlain
s.Status = sdkkms.SecretStatusPlain
s.Payload = payload
s.Key = ""
s.AdditionalData = ""
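Review bot: The two allow-lists at the top of the first hunk, `validKMSSchemes` and `validKMSEncryptedStatuses`, carry no comment, and after this change their values come from `sdkkms` while the error returned in `Encrypt` still comes from `kms`, so it is no longer obvious which package owns what. I would document the lists, e.g. `// validKMSSchemes and validKMSEncryptedStatuses are the only schemes and encrypted statuses a KMS plugin may declare`, on the assumption that they are enforced wherever KMSConfig is validated, which is not visible here. A one-line comment on the `sdkkms` import alias saying what remains in the SDK package (it appears to be the shared scheme and status constants) would also help the next reader. The bodies of `Encrypt` and `Decrypt` continue outside their hunks.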


@@ -11,8 +11,8 @@ import (
"github.com/hashicorp/go-hclog"
"github.com/drakkan/sftpgo/v2/kms"
"github.com/drakkan/sftpgo/v2/logger"
"github.com/drakkan/sftpgo/v2/sdk/kms"
"github.com/drakkan/sftpgo/v2/sdk/plugin/auth"
"github.com/drakkan/sftpgo/v2/sdk/plugin/eventsearcher"
kmsplugin "github.com/drakkan/sftpgo/v2/sdk/plugin/kms"
@@ -135,7 +135,7 @@ func Initialize(configs []Config, logVerbose bool) error {
kmsID++
kms.RegisterSecretProvider(config.KMSOptions.Scheme, config.KMSOptions.EncryptedStatus,
Handler.Configs[idx].newKMSPluginSecretProvider)
logger.Debug(logSender, "", "registered secret provider for scheme: %v, encrypted status: %v",
logger.Info(logSender, "", "registered secret provider for scheme: %v, encrypted status: %v",
config.KMSOptions.Scheme, config.KMSOptions.EncryptedStatus)
case auth.PluginName:
plugin, err := newAuthPlugin(config)
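Review bot: The message raised to Info in the `Initialize` hunk records the scheme and encrypted status but not which plugin was bound to them, so the log cannot show which executable ended up handling secrets for that scheme. Since this line now serves as the audit record for provider registration, I would include the plugin's identity, e.g. `"registered secret provider for scheme: %q, encrypted status: %q, cmd: %q"` with the plugin's configured command as the third argument (the field name is not visible in this hunk and needs confirming). Using `%q` instead of `%v` also makes empty or unexpected configuration values stand out in the log. `Initialize` starts and ends outside the hunk.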