sftpgo/kms/gcp/gcp.go

// +build !nogcpkms
package gcp
import (
// we import gcpkms here to be able to disable GCP KMS support using a build tag
_ "gocloud.dev/secrets/gcpkms"
"github.com/drakkan/sftpgo/v2/kms"
"github.com/drakkan/sftpgo/v2/kms/gocloud"
"github.com/drakkan/sftpgo/v2/version"
)
// encryptedStatus is the status value that marks a secret as encrypted by
// this provider. Encrypt sets it after the embedded secret encrypts
// successfully, and Decrypt refuses to run unless the secret carries it.
const encryptedStatus = kms.SecretStatusGCP
// gcpSecret is the GCP KMS secret provider. It embeds gocloud.Secret, so the
// base secret fields (status, payload, key, additional data, mode) and the
// URL and MasterKey set in newGCPSecret are reachable directly on the value.
// NOTE(review): the actual encrypt/decrypt work is done by gocloud.Secret,
// which is not visible in this file.
type gcpSecret struct{ gocloud.Secret }
// init advertises GCP KMS support in the version feature list and registers
// newGCPSecret as the constructor for the GCP scheme and status. The file's
// build constraint excludes this registration when the nogcpkms tag is set.
func init() {
	const feature = "+gcpkms"

	version.AddFeature(feature)
	kms.RegisterSecretProvider(kms.SchemeGCP, encryptedStatus, newGCPSecret)
}
// newGCPSecret builds a GCP-backed secret provider from a base secret, the
// key URL and the master key. The three values are stored unchanged on the
// embedded gocloud.Secret; no validation is performed here.
func newGCPSecret(base kms.BaseSecret, url, masterKey string) kms.SecretProvider {
	secret := &gcpSecret{}
	secret.Secret.BaseSecret = base
	secret.Secret.URL = url
	secret.Secret.MasterKey = masterKey
	return secret
}
// Name returns the fixed display name of this provider.
func (s *gcpSecret) Name() string {
	const providerName = "GCP"
	return providerName
}
// IsEncrypted reports whether the secret's status is the GCP-encrypted
// status. Any other status, including one set by a different provider,
// yields false.
func (s *gcpSecret) IsEncrypted() bool {
	current := s.Status
	return current == encryptedStatus
}
// Encrypt delegates to the embedded gocloud.Secret and, only when that call
// succeeds, marks the secret with the GCP-encrypted status. On failure the
// error is returned and the status is left as it was, so a secret whose
// encryption failed is never labelled as encrypted.
func (s *gcpSecret) Encrypt() error {
	err := s.Secret.Encrypt()
	if err == nil {
		s.Status = encryptedStatus
	}
	return err
}
// Decrypt delegates to the embedded gocloud.Secret, but only for secrets that
// carry the GCP-encrypted status. Any other status returns
// kms.ErrWrongSecretStatus without calling the embedded Decrypt, so payloads
// that were not marked as encrypted by this provider are rejected up front.
func (s *gcpSecret) Decrypt() error {
	if s.IsEncrypted() {
		return s.Secret.Decrypt()
	}
	return kms.ErrWrongSecretStatus
}
// Clone returns a new provider built from this secret's status, payload, key,
// additional data and mode, together with the same URL and master key. The
// clone therefore holds the same sensitive material as the original.
// NOTE(review): fields are copied by plain assignment; whether that shares
// underlying storage depends on the field types, which are declared outside
// this file.
func (s *gcpSecret) Clone() kms.SecretProvider {
	var base kms.BaseSecret
	base.Status = s.Status
	base.Payload = s.Payload
	base.Key = s.Key
	base.AdditionalData = s.AdditionalData
	base.Mode = s.Mode

	return newGCPSecret(base, s.URL, s.MasterKey)
}