Decouple crypto engine from encryption algorithm #3293
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stacklokbot
reviewed
May 9, 2024
Fixes #3292 Previously the crypto engine was coupled to the AES-CFB algorithm. This PR introduces a new EncryptionAlgorithm interface which represents different cryptographic algorithms. The Engine is now instantiated with an instance of this algorithm. Future PRs will make it possible to support more than one algorithm, and allow the selection of available algorithms to be driven through configuration.
stacklokbot
reviewed
May 9, 2024
stacklokbot
reviewed
May 9, 2024
dmjb
commented
May 9, 2024
| @@ -0,0 +1,61 @@ | |||
| // Copyright 2024 Stacklok, Inc. | |||
There was a problem hiding this comment.
This code was previously in the same file as the crypto engine. Since it is unrelated, move to its own file.
|
|
||
| // Engine provides all functions to encrypt and decrypt data | ||
| type Engine interface { | ||
| EncryptOAuthToken(token *oauth2.Token) (string, error) |
There was a problem hiding this comment.
Previously this method required callers to marshal the token to JSON, and then base64 the result of the encryption method. This logic has been moved inside this method which simplifies its use.
|
|
||
| // AlgorithmTypeFromString converts a string to an EncryptionAlgorithmType | ||
| // or returns errUnknownAlgorithm. | ||
| func AlgorithmTypeFromString(input string) (EncryptionAlgorithmType, error) { |
There was a problem hiding this comment.
Some of this code is not used yet, but will be used in the next PR.
stacklokbot
reviewed
May 9, 2024
stacklokbot
reviewed
May 9, 2024
JAORMX
approved these changes
May 10, 2024
jhrozek
approved these changes
May 10, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Relates to #3292
Previously the crypto engine was coupled to the AES-CFB algorithm. This PR introduces a new EncryptionAlgorithm interface which represents different cryptographic algorithms. The Engine is now instantiated with an instance of this algorithm.
Future PRs will make it possible to support more than one algorithm, and allow the selection of available algorithms to be driven through configuration.
Summary
Provide a brief overview of the changes and the issue being addressed.
Explain the rationale and any background necessary for understanding the changes.
List dependencies required by this change, if any.
Fixes #(related issue)
Change Type
Mark the type of change your PR introduces:
Testing
Outline how the changes were tested, including steps to reproduce and any relevant configurations.
Attach screenshots if helpful.
Review Checklist: