* signing key wip
use db keyset storage
add signing_key table
add testing for key storage
add ES256 key tests
Remove caching and implement UpdateOrCreate
Stabilize interfaces
* Encrypt private keys
* Fixup signer
* Fixup ext_jwt
* Add GetOrCreatePrivate with automatic key rotation
* use GetOrCreate for ext_jwt
* use GetOrCreate in id
* catch invalid block type
* fix broken test
* remove key generator
* reduce public interface of signing service
* Encryption: Cache new DEKs (only) after commit
* Fix typo
* Update secrets manager tests with new failing case
* Update secrets manager tests with new clarifications (comments)
* Correct broken method calls
* Unify methods
* Cache data keys only after a caution period
* Caution period for data keys caching only for encrypt ops
* chore: add alias for InitTestDB and Session
Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store.
* next pass of removing sqlstore imports
* last little bit
* remove mockstore where possible
* SQLStore: Ensure that sessions are always closed
Delete `NewSession()` in favour of `WithDbSession()`
* Add WithDbSessionForceNewSession to the interface
* Apply suggestions from code review
* Encryption: Move secrets migrations into secrets.Migrator
* Encryption: Refactor secrets.Service initialization
* Encryption: Add support to run secrets migrations even when EE is disabled
* Encryption: Expose secrets migrations through HTTP API
* Update docs
* Fix docs links
* Some adjustments to makes errors explicit through HTTP response
* Encryption: Move secrets migrations into secrets.Migrator
* Encryption: Refactor secrets.Service initialization
* Encryption: Add support to run secrets migrations even when EE is disabled
* Init EE providers on-demand (only when needed)
* Add multiple tests + some adjustments
* Apply feedback
