github.com/opentofu/opentofu@v1.7.1/internal/encryption/keyprovider/pbkdf2/metadata.go

github.com/opentofu/opentofu@v1.7.1/internal/encryption/keyprovider/pbkdf2/metadata.go (about)

     1  // Copyright (c) The OpenTofu Authors
     2  // SPDX-License-Identifier: MPL-2.0
     3  // Copyright (c) 2023 HashiCorp, Inc.
     4  // SPDX-License-Identifier: MPL-2.0
     5  
     6  package pbkdf2
     7  
     8  import (
     9  	"fmt"
    10  
    11  	"github.com/opentofu/opentofu/internal/encryption/keyprovider"
    12  )
    13  
    14  // Metadata describes the metadata to be stored alongside the encrypted form.
    15  type Metadata struct {
    16  	Salt         []byte           `json:"salt"`
    17  	Iterations   int              `json:"iterations"`
    18  	HashFunction HashFunctionName `json:"hash_function"`
    19  	KeyLength    int              `json:"key_length"`
    20  }
    21  
    22  func (m Metadata) isPresent() bool {
    23  	return len(m.Salt) != 0 && m.Iterations != 0 && m.HashFunction != "" && m.KeyLength != 0
    24  }
    25  
    26  func (m Metadata) validate() error {
    27  	if m.Iterations < 0 {
    28  		return &keyprovider.ErrInvalidMetadata{
    29  			Message: fmt.Sprintf("invalid number of iterations (%d)", m.Iterations),
    30  		}
    31  	}
    32  	if m.KeyLength < 0 {
    33  		return &keyprovider.ErrInvalidMetadata{
    34  			Message: fmt.Sprintf("invalid key length (%d)", m.KeyLength),
    35  		}
    36  	}
    37  	if m.HashFunction != "" {
    38  		if err := m.HashFunction.Validate(); err != nil {
    39  			return &keyprovider.ErrInvalidMetadata{
    40  				Message: "invalid hash function name",
    41  				Cause:   err,
    42  			}
    43  		}
    44  	}
    45  	return nil
    46  }