38 lines
911 B
Go
38 lines
911 B
Go
|
// Copyright 2019 Drone.IO Inc. All rights reserved.
|
||
|
// Use of this source code is governed by the Drone Non-Commercial License
|
||
|
// that can be found in the LICENSE file.
|
||
|
|
||
|
package encrypt
|
||
|
|
||
|
import (
|
||
|
"crypto/aes"
|
||
|
"errors"
|
||
|
)
|
||
|
|
||
|
// indicates key size is too small.
|
||
|
var errKeySize = errors.New("encryption key must be 32 bytes")
|
||
|
|
||
|
// Encrypter provides database field encryption and decryption.
|
||
|
// Encrypted values are currently limited to strings, which is
|
||
|
// reflected in the interface design.
|
||
|
type Encrypter interface {
|
||
|
Encrypt(plaintext string) ([]byte, error)
|
||
|
Decrypt(ciphertext []byte) (string, error)
|
||
|
}
|
||
|
|
||
|
// New provides a new database field encrypter.
|
||
|
func New(key string) (Encrypter, error) {
|
||
|
if key == "" {
|
||
|
return &none{}, nil
|
||
|
}
|
||
|
if len(key) != 32 {
|
||
|
return nil, errKeySize
|
||
|
}
|
||
|
b := []byte(key)
|
||
|
block, err := aes.NewCipher(b)
|
||
|
if err != nil {
|
||
|
return nil, err
|
||
|
}
|
||
|
return &aesgcm{block: block}, nil
|
||
|
}
|