diff options
Diffstat (limited to 'modules/secret')
| -rw-r--r-- | modules/secret/secret.go | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/modules/secret/secret.go b/modules/secret/secret.go index e70ae1839c..af894a054c 100644 --- a/modules/secret/secret.go +++ b/modules/secret/secret.go @@ -16,6 +16,7 @@ import ( ) // AesEncrypt encrypts text and given key with AES. +// It is only internally used at the moment to use "SECRET_KEY" for some database values. func AesEncrypt(key, text []byte) ([]byte, error) { block, err := aes.NewCipher(key) if err != nil { @@ -27,12 +28,13 @@ func AesEncrypt(key, text []byte) ([]byte, error) { if _, err = io.ReadFull(rand.Reader, iv); err != nil { return nil, fmt.Errorf("AesEncrypt unable to read IV: %w", err) } - cfb := cipher.NewCFBEncrypter(block, iv) + cfb := cipher.NewCFBEncrypter(block, iv) //nolint:staticcheck // need to migrate and refactor to a new approach cfb.XORKeyStream(ciphertext[aes.BlockSize:], []byte(b)) return ciphertext, nil } // AesDecrypt decrypts text and given key with AES. +// It is only internally used at the moment to use "SECRET_KEY" for some database values. func AesDecrypt(key, text []byte) ([]byte, error) { block, err := aes.NewCipher(key) if err != nil { @@ -43,7 +45,7 @@ func AesDecrypt(key, text []byte) ([]byte, error) { } iv := text[:aes.BlockSize] text = text[aes.BlockSize:] - cfb := cipher.NewCFBDecrypter(block, iv) + cfb := cipher.NewCFBDecrypter(block, iv) //nolint:staticcheck // need to migrate and refactor to a new approach cfb.XORKeyStream(text, text) data, err := base64.StdEncoding.DecodeString(string(text)) if err != nil { |