From 4d1acdcaab9d9a230cd0b8d6a46ba8cd3b9dbf4b Mon Sep 17 00:00:00 2001 From: Gabriel Adrian Samfira Date: Sat, 19 Aug 2023 14:39:16 +0000 Subject: [PATCH] Switch to util.Seal and util.Unseal Signed-off-by: Gabriel Adrian Samfira --- database/sql/enterprise.go | 4 ++-- database/sql/organizations.go | 4 ++-- database/sql/repositories.go | 4 ++-- database/sql/util.go | 12 ++++++------ 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/database/sql/enterprise.go b/database/sql/enterprise.go index 585ea286..59ead107 100644 --- a/database/sql/enterprise.go +++ b/database/sql/enterprise.go @@ -17,7 +17,7 @@ func (s *sqlDatabase) CreateEnterprise(ctx context.Context, name, credentialsNam if webhookSecret == "" { return params.Enterprise{}, errors.New("creating enterprise: missing secret") } - secret, err := util.Aes256EncodeString(webhookSecret, s.cfg.Passphrase) + secret, err := util.Seal([]byte(webhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Enterprise{}, errors.Wrap(err, "encoding secret") } @@ -110,7 +110,7 @@ func (s *sqlDatabase) UpdateEnterprise(ctx context.Context, enterpriseID string, } if param.WebhookSecret != "" { - secret, err := util.Aes256EncodeString(param.WebhookSecret, s.cfg.Passphrase) + secret, err := util.Seal([]byte(param.WebhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Enterprise{}, errors.Wrap(err, "encoding secret") } diff --git a/database/sql/organizations.go b/database/sql/organizations.go index 2f826de8..135db539 100644 --- a/database/sql/organizations.go +++ b/database/sql/organizations.go @@ -32,7 +32,7 @@ func (s *sqlDatabase) CreateOrganization(ctx context.Context, name, credentialsN if webhookSecret == "" { return params.Organization{}, errors.New("creating org: missing secret") } - secret, err := util.Aes256EncodeString(webhookSecret, s.cfg.Passphrase) + secret, err := util.Seal([]byte(webhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Organization{}, fmt.Errorf("failed to encrypt string") } @@ -114,7 +114,7 @@ func (s *sqlDatabase) UpdateOrganization(ctx context.Context, orgID string, para } if param.WebhookSecret != "" { - secret, err := util.Aes256EncodeString(param.WebhookSecret, s.cfg.Passphrase) + secret, err := util.Seal([]byte(param.WebhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Organization{}, fmt.Errorf("saving org: failed to encrypt string: %w", err) } diff --git a/database/sql/repositories.go b/database/sql/repositories.go index 086ac93a..31cb79e9 100644 --- a/database/sql/repositories.go +++ b/database/sql/repositories.go @@ -32,7 +32,7 @@ func (s *sqlDatabase) CreateRepository(ctx context.Context, owner, name, credent if webhookSecret == "" { return params.Repository{}, errors.New("creating repo: missing secret") } - secret, err := util.Aes256EncodeString(webhookSecret, s.cfg.Passphrase) + secret, err := util.Seal([]byte(webhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Repository{}, fmt.Errorf("failed to encrypt string") } @@ -114,7 +114,7 @@ func (s *sqlDatabase) UpdateRepository(ctx context.Context, repoID string, param } if param.WebhookSecret != "" { - secret, err := util.Aes256EncodeString(param.WebhookSecret, s.cfg.Passphrase) + secret, err := util.Seal([]byte(param.WebhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Repository{}, fmt.Errorf("saving repo: failed to encrypt string: %w", err) } diff --git a/database/sql/util.go b/database/sql/util.go index f8bebe3f..3f91c573 100644 --- a/database/sql/util.go +++ b/database/sql/util.go @@ -93,7 +93,7 @@ func (s *sqlDatabase) sqlToCommonOrganization(org Organization) (params.Organiza if len(org.WebhookSecret) == 0 { return params.Organization{}, errors.New("missing secret") } - secret, err := util.Aes256DecodeString(org.WebhookSecret, s.cfg.Passphrase) + secret, err := util.Unseal(org.WebhookSecret, []byte(s.cfg.Passphrase)) if err != nil { return params.Organization{}, errors.Wrap(err, "decrypting secret") } @@ -103,7 +103,7 @@ func (s *sqlDatabase) sqlToCommonOrganization(org Organization) (params.Organiza Name: org.Name, CredentialsName: org.CredentialsName, Pools: make([]params.Pool, len(org.Pools)), - WebhookSecret: secret, + WebhookSecret: string(secret), } for idx, pool := range org.Pools { @@ -120,7 +120,7 @@ func (s *sqlDatabase) sqlToCommonEnterprise(enterprise Enterprise) (params.Enter if len(enterprise.WebhookSecret) == 0 { return params.Enterprise{}, errors.New("missing secret") } - secret, err := util.Aes256DecodeString(enterprise.WebhookSecret, s.cfg.Passphrase) + secret, err := util.Unseal(enterprise.WebhookSecret, []byte(s.cfg.Passphrase)) if err != nil { return params.Enterprise{}, errors.Wrap(err, "decrypting secret") } @@ -130,7 +130,7 @@ func (s *sqlDatabase) sqlToCommonEnterprise(enterprise Enterprise) (params.Enter Name: enterprise.Name, CredentialsName: enterprise.CredentialsName, Pools: make([]params.Pool, len(enterprise.Pools)), - WebhookSecret: secret, + WebhookSecret: string(secret), } for idx, pool := range enterprise.Pools { @@ -207,7 +207,7 @@ func (s *sqlDatabase) sqlToCommonRepository(repo Repository) (params.Repository, if len(repo.WebhookSecret) == 0 { return params.Repository{}, errors.New("missing secret") } - secret, err := util.Aes256DecodeString(repo.WebhookSecret, s.cfg.Passphrase) + secret, err := util.Unseal(repo.WebhookSecret, []byte(s.cfg.Passphrase)) if err != nil { return params.Repository{}, errors.Wrap(err, "decrypting secret") } @@ -218,7 +218,7 @@ func (s *sqlDatabase) sqlToCommonRepository(repo Repository) (params.Repository, Owner: repo.Owner, CredentialsName: repo.CredentialsName, Pools: make([]params.Pool, len(repo.Pools)), - WebhookSecret: secret, + WebhookSecret: string(secret), } for idx, pool := range repo.Pools {