01ed366e99
Add `WithEncryption` option that passes ECDSA key to the persistent session storage. It uses 32 bytes from marshalled ECDSA key in ASN.1 DER from in AES-256 algorithm encryption in Galois/Counter Mode. Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
48 lines
860 B
Go
48 lines
860 B
Go
package persistent
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"time"
|
|
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
type cfg struct {
|
|
l *zap.Logger
|
|
timeout time.Duration
|
|
privateKey *ecdsa.PrivateKey
|
|
}
|
|
|
|
// Option allows setting optional parameters of the TokenStore.
|
|
type Option func(*cfg)
|
|
|
|
func defaultCfg() *cfg {
|
|
return &cfg{
|
|
l: zap.L(),
|
|
timeout: 100 * time.Millisecond,
|
|
}
|
|
}
|
|
|
|
// WithLogger returns an option to specify
|
|
// logger.
|
|
func WithLogger(v *zap.Logger) Option {
|
|
return func(c *cfg) {
|
|
c.l = v
|
|
}
|
|
}
|
|
|
|
// WithTimeout returns option to specify
|
|
// database connection timeout.
|
|
func WithTimeout(v time.Duration) Option {
|
|
return func(c *cfg) {
|
|
c.timeout = v
|
|
}
|
|
}
|
|
|
|
// WithEncryptionKey return an option to encrypt private
|
|
// session keys using provided private key.
|
|
func WithEncryptionKey(k *ecdsa.PrivateKey) Option {
|
|
return func(c *cfg) {
|
|
c.privateKey = k
|
|
}
|
|
}
|