Exemple #1
0
func readDBcert() (cert []byte, err error) {
	root := new(secrets.Secret)
	shared := new(secrets.Secret)
	root.Name = certName
	shared.Name = certName

	key := new(secrets.Key)
	key.Name = certID

	priv, err := base64.StdEncoding.DecodeString(certKey)
	if err != nil {
		return
	}

	err = database.GetSharedSecret(shared, key)
	switch err {

	case gorm.ErrRecordNotFound:
		err = errors.New("Cert is not shared or does not exist")
		return

	case nil:
		break

	default:
		return

	}

	err = database.GetRootSecret(root)
	switch err {

	case gorm.ErrRecordNotFound:
		err = errors.New("Cert does not exist")
		return

	case nil:
		break

	default:
		return
	}

	return root.Decrypt(shared, priv)
}
Exemple #2
0
// View downloads a decrypted message
func View(w http.ResponseWriter, r *http.Request) {
	api := newAPI(w, r)
	defer api.req.Body.Close()

	if !api.auth() {
		api.error("Unauthorized", 401)
		return
	}

	request, err := api.read()
	if err != nil {
		log.Debug(err)
		api.error("Bad request", 400)
		return
	}

	if name, ok := api.params["messageName"]; ok {
		request.Name = name
	}

	root := new(secrets.Secret)
	shared := new(secrets.Secret)
	root.Name = request.Name
	shared.Name = request.Name

	key := new(secrets.Key)
	key.Name = api.keyID

	err = database.GetSharedSecret(shared, key)
	switch err {

	case gorm.ErrRecordNotFound:
		api.error("Secret does not exist", 404)
		return

	case nil:
		break

	default:
		log.Error(err)
		api.error("Database error", 500)
		return

	}

	err = database.GetRootSecret(root)
	switch err {

	case gorm.ErrRecordNotFound:
		api.error("Secret does not exist", 404)
		return

	case nil:
		break

	default:
		log.Error(err)
		api.error("Database error", 500)
		return
	}

	message, err := root.Decrypt(shared, api.key)
	if err != nil {
		log.Debug(err)
		api.error("Cannot decrypt secret", 500)
		return
	}
	defer secrets.Zero(message)

	log.Info("Secret: ", shared.Name, " viewed by: ", key.Name)
	viewCount++

	api.rawMessage(message, 200)
}