Add simple master key provider for secret encryption

2025-11-01 20:08:25 +00:00 · 2021-01-05 17:46:37 +02:00
parent 9647989d99
commit d4e84c0433
12 changed files with 326 additions and 0 deletions
--- a/services/secrets/secrets.go
+++ b/services/secrets/secrets.go
@@ -0,0 +1,42 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package secrets
+
+import (
+	"fmt"
+
+	"code.gitea.io/gitea/modules/setting"
+)
+
+// MasterKeyProviderType is the type of master key provider
+type MasterKeyProviderType string
+
+// Types of master key providers
+const (
+	MasterKeyProviderTypeNone  MasterKeyProviderType = "none"
+	MasterKeyProviderTypePlain MasterKeyProviderType = "plain"
+)
+
+var (
+	masterKey MasterKeyProvider
+)
+
+// Init initializes master key provider based on settings
+func Init() error {
+	switch MasterKeyProviderType(setting.MasterKeyProvider) {
+	case MasterKeyProviderTypeNone:
+		masterKey = NewNopMasterKeyProvider()
+	case MasterKeyProviderTypePlain:
+		masterKey = NewPlainMasterKeyProvider()
+	default:
+		return fmt.Errorf("invalid master key provider %v", setting.MasterKeyProvider)
+	}
+	return nil
+}
+
+// GenerateMasterKey generates a new master key and returns secret or secrets for unsealing
+func GenerateMasterKey() ([][]byte, error) {
+	return masterKey.GenerateMasterKey()
+}