Skip to content

Commit 60e59c7

Browse files
levydsalevydsa
authored
Add remote encryption key to connector options (#73)
Needs a library release and update with tursodatabase/libsql#2130 before merging. Also fixes #75.
2 parents 7813888 + b7a773a commit 60e59c7

2 files changed

Lines changed: 45 additions & 15 deletions

File tree

lib/include/libsql.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,7 @@ typedef struct {
4141
int sync_interval;
4242
char with_webpki;
4343
char offline;
44+
const char *remote_encryption_key;
4445
} libsql_config;
4546

4647
typedef const libsql_connection *libsql_connection_t;

libsql.go

Lines changed: 44 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -41,10 +41,11 @@ func init() {
4141
}
4242

4343
type config struct {
44-
authToken *string
45-
readYourWrites *bool
46-
encryptionKey *string
47-
syncInterval *time.Duration
44+
authToken *string
45+
readYourWrites *bool
46+
encryptionKey *string
47+
remoteEncrytionKey *string
48+
syncInterval *time.Duration
4849
}
4950

5051
type Option interface {
@@ -98,6 +99,19 @@ func WithEncryption(key string) Option {
9899
})
99100
}
100101

102+
func WithRemoteEncryption(key string) Option {
103+
return option(func(o *config) error {
104+
if o.remoteEncrytionKey != nil {
105+
return fmt.Errorf("encryption key already set")
106+
}
107+
if key == "" {
108+
return fmt.Errorf("encryption key must not be empty")
109+
}
110+
o.encryptionKey = &key
111+
return nil
112+
})
113+
}
114+
101115
func WithSyncInterval(interval time.Duration) Option {
102116
return option(func(o *config) error {
103117
if o.syncInterval != nil {
@@ -131,11 +145,15 @@ func NewEmbeddedReplicaConnector(dbPath string, primaryUrl string, opts ...Optio
131145
if config.encryptionKey != nil {
132146
encryptionKey = *config.encryptionKey
133147
}
148+
remoteEncrytionKey := ""
149+
if config.remoteEncrytionKey != nil {
150+
encryptionKey = *config.encryptionKey
151+
}
134152
syncInterval := time.Duration(0)
135153
if config.syncInterval != nil {
136154
syncInterval = *config.syncInterval
137155
}
138-
return openSyncConnector(dbPath, primaryUrl, authToken, readYourWrites, encryptionKey, syncInterval, false)
156+
return openSyncConnector(dbPath, primaryUrl, authToken, readYourWrites, encryptionKey, remoteEncrytionKey, syncInterval, false)
139157
}
140158

141159
func NewSyncedDatabaseConnector(dbPath string, primaryUrl string, opts ...Option) (*Connector, error) {
@@ -161,11 +179,15 @@ func NewSyncedDatabaseConnector(dbPath string, primaryUrl string, opts ...Option
161179
if config.encryptionKey != nil {
162180
encryptionKey = *config.encryptionKey
163181
}
182+
remoteEncrytionKey := ""
183+
if config.remoteEncrytionKey != nil {
184+
encryptionKey = *config.encryptionKey
185+
}
164186
syncInterval := time.Duration(0)
165187
if config.syncInterval != nil {
166188
syncInterval = *config.syncInterval
167189
}
168-
return openSyncConnector(dbPath, primaryUrl, authToken, readYourWrites, encryptionKey, syncInterval, true)
190+
return openSyncConnector(dbPath, primaryUrl, authToken, readYourWrites, encryptionKey, remoteEncrytionKey, syncInterval, true)
169191
}
170192

171193
type driver struct{}
@@ -228,10 +250,10 @@ func openRemoteConnector(primaryUrl, authToken string) (*Connector, error) {
228250
return &Connector{nativeDbPtr: nativeDbPtr}, nil
229251
}
230252

231-
func openSyncConnector(dbPath, primaryUrl, authToken string, readYourWrites bool, encryptionKey string, syncInterval time.Duration, offline bool) (*Connector, error) {
253+
func openSyncConnector(dbPath, primaryUrl, authToken string, readYourWrites bool, encryptionKey string, remoteEncrytionKey string, syncInterval time.Duration, offline bool) (*Connector, error) {
232254
var closeCh chan struct{}
233255
var closeAckCh chan struct{}
234-
nativeDbPtr, err := libsqlOpenWithSync(dbPath, primaryUrl, authToken, readYourWrites, encryptionKey, offline)
256+
nativeDbPtr, err := libsqlOpenWithSync(dbPath, primaryUrl, authToken, readYourWrites, encryptionKey, remoteEncrytionKey, offline)
235257
if err != nil {
236258
return nil, err
237259
}
@@ -339,7 +361,7 @@ func libsqlOpenRemote(url, authToken string) (C.libsql_database_t, error) {
339361
return db, nil
340362
}
341363

342-
func libsqlOpenWithSync(dbPath, primaryUrl, authToken string, readYourWrites bool, encryptionKey string, offline bool) (C.libsql_database_t, error) {
364+
func libsqlOpenWithSync(dbPath, primaryUrl, authToken string, readYourWrites bool, encryptionKey string, remoteEncrytionKey string, offline bool) (C.libsql_database_t, error) {
343365
dbPathNativeString := C.CString(dbPath)
344366
defer C.free(unsafe.Pointer(dbPathNativeString))
345367
primaryUrlNativeString := C.CString(primaryUrl)
@@ -363,13 +385,20 @@ func libsqlOpenWithSync(dbPath, primaryUrl, authToken string, readYourWrites boo
363385
defer C.free(unsafe.Pointer(encrytionKeyNativeString))
364386
}
365387

388+
var remoteEncrytionKeyNativeString *C.char
389+
if remoteEncrytionKey != "" {
390+
encrytionKeyNativeString = C.CString(encryptionKey)
391+
defer C.free(unsafe.Pointer(encrytionKeyNativeString))
392+
}
393+
366394
config := C.libsql_config{
367-
db_path: dbPathNativeString,
368-
auth_token: authTokenNativeString,
369-
primary_url: primaryUrlNativeString,
370-
read_your_writes: readYourWritesNative,
371-
encryption_key: encrytionKeyNativeString,
372-
offline: offlineNative,
395+
db_path: dbPathNativeString,
396+
auth_token: authTokenNativeString,
397+
primary_url: primaryUrlNativeString,
398+
read_your_writes: readYourWritesNative,
399+
encryption_key: encrytionKeyNativeString,
400+
remote_encryption_key: remoteEncrytionKeyNativeString,
401+
offline: offlineNative,
373402
}
374403

375404
var db C.libsql_database_t

0 commit comments

Comments
 (0)