| 114 | } |
| 115 | |
| 116 | EncryptionKeys EncryptConfig::getEncryptionKeys() const { |
| 117 | encrypt_config::ConfigFile bootstrap_file{std::ifstream{bootstrapFilePath()}}; |
| 118 | utils::optional<std::string> decryption_key_hex = bootstrap_file.getValue(OLD_KEY_PROPERTY_NAME); |
| 119 | utils::optional<std::string> encryption_key_hex = bootstrap_file.getValue(ENCRYPTION_KEY_PROPERTY_NAME); |
| 120 | |
| 121 | EncryptionKeys keys; |
| 122 | if (decryption_key_hex && !decryption_key_hex->empty()) { |
| 123 | std::string binary_key = hexDecodeAndValidateKey(*decryption_key_hex, OLD_KEY_PROPERTY_NAME); |
| 124 | std::cout << "Old encryption key found in " << bootstrapFilePath() << "\n"; |
| 125 | keys.old_key = utils::crypto::stringToBytes(binary_key); |
| 126 | } |
| 127 | |
| 128 | if (encryption_key_hex && !encryption_key_hex->empty()) { |
| 129 | std::string binary_key = hexDecodeAndValidateKey(*encryption_key_hex, ENCRYPTION_KEY_PROPERTY_NAME); |
| 130 | std::cout << "Using the existing encryption key found in " << bootstrapFilePath() << '\n'; |
| 131 | keys.encryption_key = utils::crypto::stringToBytes(binary_key); |
| 132 | } else { |
| 133 | std::cout << "Generating a new encryption key...\n"; |
| 134 | utils::crypto::Bytes encryption_key = utils::crypto::generateKey(); |
| 135 | writeEncryptionKeyToBootstrapFile(encryption_key); |
| 136 | std::cout << "Wrote the new encryption key to " << bootstrapFilePath() << '\n'; |
| 137 | keys.encryption_key = encryption_key; |
| 138 | } |
| 139 | return keys; |
| 140 | } |
| 141 | |
| 142 | std::string EncryptConfig::hexDecodeAndValidateKey(const std::string& key, const std::string& key_name) const { |
| 143 | // Note: from_hex() allows [and skips] non-hex characters |
nothing calls this directly
no test coverage detected