dbcrypt
Documentation
Overview
Package dbcrypt provides a database.Store wrapper that encrypts/decrypts values stored at rest in the database.
Encryption is done using Ciphers, which is an abstraction over a set of encryption keys. Each key has a unique identifier, which is used to uniquely identify the key whilst maintaining secrecy.
Currently, AES-256-GCM is the only implemented cipher mode. The Cipher is currently used to encrypt/decrypt the following fields:
- database.UserLink.OAuthAccessToken
- database.UserLink.OAuthRefreshToken
- database.GitAuthLink.OAuthAccessToken
- database.GitAuthLink.OAuthRefreshToken
- database.DBCryptSentinelValue
Multiple ciphers can be provided to support key rotation. The primary cipher is used to encrypt and decrypt all data. Secondary ciphers are only used for decryption and, as a general rule, should only be active when rotating keys.
Encryption keys are stored in the database in the table `dbcrypt_keys`. The table has the following schema:
- number: the key number. This is used to avoid conflicts when rotating keys.
- created_at: the time the key was created.
- active_key_digest: the SHA256 digest of the active key. If null, the key has been revoked.
- revoked_key_digest: the SHA256 digest of the revoked key. If null, the key has not been revoked.
- revoked_at: the time the key was revoked. If null, the key has not been revoked.
- test: the encrypted value of the string "coder". This is used to ensure that the key is valid.
Encrypted fields are stored in the database as a base64-encoded string. Each encrypted column MUST have a corresponding _key_id column that is a foreign key reference to `dbcrypt_keys.active_key_digest`. This ensures that a key cannot be revoked until all rows that use that key have been migrated to a new key.
Index
- func Decrypt(ctx context.Context, log slog.Logger, sqlDB *sql.DB, ciphers []Cipher) error
- func Delete(ctx context.Context, log slog.Logger, sqlDB *sql.DB) error
- func New(ctx context.Context, db database.Store, ciphers ...Cipher) (database.Store, error)
- func Rotate(ctx context.Context, log slog.Logger, sqlDB *sql.DB, ciphers []Cipher) error
- type Cipher
- type DecryptFailedError
Constants
This section is empty.
Variables
This section is empty.
Functions
func Delete
func Delete(ctx context.Context, log slog.Logger, sqlDB *sql.DB) error
Delete deletes all user tokens and revokes all ciphers. This is a destructive operation and should only be used as a last resort, for example, if the database encryption key has been lost.
Types
type Cipher
type Cipher interface {
	Encrypt([]byte) ([]byte, error)
	Decrypt([]byte) ([]byte, error)
	HexDigest() string
}
func NewCiphers
NewCiphers is a convenience function for creating multiple ciphers. It currently only supports AES-256-GCM.
type DecryptFailedError
type DecryptFailedError struct {
	Inner error
}
DecryptFailedError is returned when decryption fails.
func (*DecryptFailedError) Error
func (e *DecryptFailedError) Error() string