cadey
/
route
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

certcache: decrypt certs as they are read

This commit is contained in:
Cadey Ratio 2017-01-25 20:25:05 -08:00
parent d40414b40f
commit 7f01cd6ebd
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
database/certcache.go
View File

@ -1,6 +1,7 @@
package database package database
import ( import (
"errors"
"log" "log"
r "github.com/GoRethink/gorethink" r "github.com/GoRethink/gorethink"
@ -57,6 +58,15 @@ func (c *CertCache) Get(ctx context.Context, key string) ([]byte, error) {
switch cert.CryptoLevel { switch cert.CryptoLevel {
case CryptoLevelNone: case CryptoLevelNone:
body = cert.Body body = cert.Body
case CryptoLevelSecretbox:
if c.SimpleBox == nil {
return nil, errors.New("can't read this cert, no key in memory")
}
body, err = c.SimpleBox.Decrypt(cert.Body)
if err != nil {
return nil, autocert.ErrCacheMiss
}
} }
log.Printf("certcache: fetched: %s", key) log.Printf("certcache: fetched: %s", key)