Security: Add secrets service (#39418)

* Add secrets service * Revert accidental changes in util encryption * Make minor changes Move functional options to models Revert renaming types to models * Add context * Minor change in GetDataKey * Use CreateDataKeyWithDBSession in CreateDataKey * Handle empty DEK name in DeleteDataKey * Rename defaultProvider * Remove secrets store service
2025-02-25 18:55:37 -06:00 · 2021-10-01 15:39:57 +03:00
parent a6a3ef74be
commit 62689ec804
12 changed files with 594 additions and 2 deletions
--- a/pkg/util/encryption.go
+++ b/pkg/util/encryption.go
@@ -15,6 +15,8 @@ import (
 const saltLength = 8

 // Decrypt decrypts a payload with a given secret.
+// Deprecated. Do not use it.
+// Use encryption.Service instead.
 var Decrypt = func(payload []byte, secret string) ([]byte, error) {
 	if len(payload) < saltLength {
 		return nil, fmt.Errorf("unable to compute salt")
@@ -47,6 +49,8 @@ var Decrypt = func(payload []byte, secret string) ([]byte, error) {
 }

 // Encrypt encrypts a payload with a given secret.
+// Deprecated. Do not use it.
+// Use encryption.Service instead.
 var Encrypt = func(payload []byte, secret string) ([]byte, error) {
 	salt, err := GetRandomString(saltLength)
 	if err != nil {