-
-
Notifications
You must be signed in to change notification settings - Fork 485
/
seccfg.go
54 lines (49 loc) · 1.27 KB
/
seccfg.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package vault
import (
"context"
"github.com/gopasspw/gopass/pkg/config/secrets"
)
func (s *Store) storeSecret(ctx context.Context, key, value string) error {
pw, err := s.agent.Passphrase(ctx, "config.sec", "Please enter passphrase to (un)lock config secrets")
if err != nil {
return err
}
seccfg, err := secrets.New(s.cfgdir, pw)
if err != nil {
return err
}
return seccfg.Set(key, value)
}
func (s *Store) eraseSecret(ctx context.Context, key string) error {
pw, err := s.agent.Passphrase(ctx, "config.sec", "Please enter passphrase to (un)lock config secrets")
if err != nil {
return err
}
seccfg, err := secrets.New(s.cfgdir, pw)
if err != nil {
return err
}
_ = s.agent.Remove(ctx, key)
return seccfg.Unset(key)
}
func (s *Store) loadSecret(ctx context.Context, key string) (string, error) {
pw, err := s.agent.Passphrase(ctx, "config.sec", "Please enter passphrase to (un)lock config secrets")
if err != nil {
return "", err
}
seccfg, err := secrets.New(s.cfgdir, pw)
if err != nil {
return "", err
}
t, err := seccfg.Get(key)
if err == nil && t != "" {
return t, nil
}
t, err = s.agent.Passphrase(ctx, key, "Please enter the secret "+key)
if err != nil {
return "", err
}
_ = s.agent.Remove(ctx, key)
err = seccfg.Set(key, t)
return t, err
}