This commit is contained in:
Lunny Xiao 2022-10-16 18:19:38 +08:00 committed by Jason Song
parent b00cd8de90
commit b8c7ea782c
5 changed files with 36 additions and 5 deletions

View File

@ -967,12 +967,12 @@ func loadFromConf(allowEmpty bool, extraConfig string) {
SuccessfulTokensCacheSize = sec.Key("SUCCESSFUL_TOKENS_CACHE_SIZE").MustInt(20)
// Master key provider configuration
MasterKeyProvider = sec.Key("MASTER_KEY_PROVIDER").MustString("none")
MasterKeyProvider = sec.Key("MASTER_KEY_PROVIDER").MustString("plain")
switch MasterKeyProvider {
case "plain":
if MasterKey, err = base64.StdEncoding.DecodeString(sec.Key("MASTER_KEY").MustString("")); err != nil {
log.Fatal("error loading master key: %v", err)
return
MasterKey = []byte(sec.Key("MASTER_KEY").MustString(SecretKey))
if len(MasterKey) > 32 {
MasterKey = MasterKey[:32]
}
case "none":
default:

View File

@ -46,6 +46,7 @@ import (
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/services/gitdiff"
secret_service "code.gitea.io/gitea/services/secrets"
"github.com/editorconfig/editorconfig-core-go/v2"
)
@ -478,6 +479,10 @@ func NewFuncMap() []template.FuncMap {
"Shadow": func(s string) string {
return "******"
},
"DecryptSecret": func(s string) string {
v, _ := secret_service.DecryptString(s)
return v
},
}}
}

View File

@ -79,7 +79,7 @@ func (e *aesEncryptionProvider) DecryptString(enc string, key []byte) (string, e
return "", err
}
out, err := e.Encrypt(encb, key)
out, err := e.Decrypt(encb, key)
if err != nil {
return "", err
}

View File

@ -0,0 +1,22 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package secrets
import (
"testing"
"github.com/stretchr/testify/assert"
)
func TestEncryptDecrypt(t *testing.T) {
provider := NewAesEncryptionProvider()
key := []byte("1111111111111111")
pri := "vvvvvvv"
enc, err := provider.EncryptString(pri, key)
assert.NoError(t, err)
v, err := provider.DecryptString(enc, key)
assert.NoError(t, err)
assert.EqualValues(t, pri, v)
}

View File

@ -40,6 +40,10 @@ func Init() error {
return fmt.Errorf("invalid master key provider %v", setting.MasterKeyProvider)
}
if err := masterKey.Init(); err != nil {
return err
}
encProvider = NewAesEncryptionProvider()
return nil