Add simple master key provider for secret encryption

2021-01-05 17:46:37 +02:00
parent 9647989d99
commit d4e84c0433
12 changed files with 326 additions and 0 deletions
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
+	"code.gitea.io/gitea/services/secrets"

 	"gitea.com/go-chi/binding"
 )
@@ -64,6 +65,7 @@ type InstallForm struct {
 	NoReplyAddress                 string

 	PasswordAlgorithm string
+	MasterKeyProvider secrets.MasterKeyProviderType `binding:"Required;In(none,plain)"`

 	AdminName          string `binding:"OmitEmpty;Username;MaxSize(30)" locale:"install.admin_name"`
 	AdminPasswd        string `binding:"OmitEmpty;MaxSize(255)" locale:"install.admin_password"`
--- a/services/secrets/masterkey.go
+++ b/services/secrets/masterkey.go
@@ -0,0 +1,27 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package secrets
+
+import (
+	"fmt"
+)
+
+// ErrMasterKeySealed is returned when trying to use master key that is sealed
+var ErrMasterKeySealed = fmt.Errorf("master key sealed")
+
+// MasterKeyProvider provides master key used for encryption
+type MasterKeyProvider interface {
+	Init() error
+
+	GenerateMasterKey() ([][]byte, error)
+
+	Unseal(secret []byte) error
+
+	Seal() error
+
+	IsSealed() bool
+
+	GetMasterKey() ([]byte, error)
+}
--- a/services/secrets/masterkey_nop.go
+++ b/services/secrets/masterkey_nop.go
@@ -0,0 +1,43 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package secrets
+
+type nopMasterKeyProvider struct {
+}
+
+// NewNopMasterKeyProvider returns master key provider that holds no master key and is always unsealed
+func NewNopMasterKeyProvider() MasterKeyProvider {
+	return &nopMasterKeyProvider{}
+}
+
+// Init initializes master key provider
+func (k *nopMasterKeyProvider) Init() error {
+	return nil
+}
+
+// GenerateMasterKey always returns empty master key
+func (k *nopMasterKeyProvider) GenerateMasterKey() ([][]byte, error) {
+	return nil, nil
+}
+
+// Unseal master key by providing unsealing secret
+func (k *nopMasterKeyProvider) Unseal(secret []byte) error {
+	return nil
+}
+
+// Seal master key
+func (k *nopMasterKeyProvider) Seal() error {
+	return nil
+}
+
+// IsSealed always returns false
+func (k *nopMasterKeyProvider) IsSealed() bool {
+	return false
+}
+
+// GetMasterKey returns empty master key
+func (k *nopMasterKeyProvider) GetMasterKey() ([]byte, error) {
+	return nil, nil
+}
--- a/services/secrets/masterkey_plain.go
+++ b/services/secrets/masterkey_plain.go
@@ -0,0 +1,59 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package secrets
+
+import (
+	"code.gitea.io/gitea/modules/generate"
+	"code.gitea.io/gitea/modules/setting"
+)
+
+type plainMasterKeyProvider struct {
+	key []byte
+}
+
+// NewPlainMasterKeyProvider returns unsecured static master key provider
+func NewPlainMasterKeyProvider() MasterKeyProvider {
+	return &plainMasterKeyProvider{}
+}
+
+// Init initializes master key provider
+func (k *plainMasterKeyProvider) Init() error {
+	return k.Unseal(nil)
+}
+
+// GenerateMasterKey generates a new master key and returns secret or secrets for unsealing
+func (k *plainMasterKeyProvider) GenerateMasterKey() ([][]byte, error) {
+	key, err := generate.NewMasterKey()
+	if err != nil {
+		return nil, err
+	}
+	k.key = key
+	return [][]byte{key}, nil
+}
+
+// Unseal master key by providing unsealing secret
+func (k *plainMasterKeyProvider) Unseal(secret []byte) error {
+	k.key = setting.MasterKey
+	return nil
+}
+
+// Seal master key
+func (k *plainMasterKeyProvider) Seal() error {
+	k.key = nil
+	return nil
+}
+
+// IsSealed returns if master key is sealed
+func (k *plainMasterKeyProvider) IsSealed() bool {
+	return len(k.key) == 0
+}
+
+// GetMasterKey returns master key
+func (k *plainMasterKeyProvider) GetMasterKey() ([]byte, error) {
+	if k.IsSealed() {
+		return nil, ErrMasterKeySealed
+	}
+	return k.key, nil
+}
--- a/services/secrets/secrets.go
+++ b/services/secrets/secrets.go
@@ -0,0 +1,42 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package secrets
+
+import (
+	"fmt"
+
+	"code.gitea.io/gitea/modules/setting"
+)
+
+// MasterKeyProviderType is the type of master key provider
+type MasterKeyProviderType string
+
+// Types of master key providers
+const (
+	MasterKeyProviderTypeNone  MasterKeyProviderType = "none"
+	MasterKeyProviderTypePlain MasterKeyProviderType = "plain"
+)
+
+var (
+	masterKey MasterKeyProvider
+)
+
+// Init initializes master key provider based on settings
+func Init() error {
+	switch MasterKeyProviderType(setting.MasterKeyProvider) {
+	case MasterKeyProviderTypeNone:
+		masterKey = NewNopMasterKeyProvider()
+	case MasterKeyProviderTypePlain:
+		masterKey = NewPlainMasterKeyProvider()
+	default:
+		return fmt.Errorf("invalid master key provider %v", setting.MasterKeyProvider)
+	}
+	return nil
+}
+
+// GenerateMasterKey generates a new master key and returns secret or secrets for unsealing
+func GenerateMasterKey() ([][]byte, error) {
+	return masterKey.GenerateMasterKey()
+}