github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/atccmd/cert_cache.go (about)

     1  package atccmd
     2  
     3  import (
     4  	"context"
     5  	"database/sql"
     6  
     7  	"github.com/pf-qiu/concourse/v6/atc/db"
     8  	"github.com/pf-qiu/concourse/v6/atc/db/encryption"
     9  	"golang.org/x/crypto/acme/autocert"
    10  )
    11  
    12  type dbCache struct {
    13  	get, put, delete *sql.Stmt
    14  	es               encryption.Strategy
    15  }
    16  
    17  func newDbCache(conn db.Conn) (autocert.Cache, error) {
    18  	c := new(dbCache)
    19  	c.es = conn.EncryptionStrategy()
    20  	var err error
    21  	c.get, err = conn.Prepare("SELECT cert, nonce FROM cert_cache WHERE domain = $1")
    22  	if err != nil {
    23  		return nil, err
    24  	}
    25  	c.put, err = conn.Prepare("INSERT INTO cert_cache (domain, cert, nonce) VALUES ($1, $2, $3) ON CONFLICT (domain) DO UPDATE SET domain = EXCLUDED.domain, cert = EXCLUDED.cert, nonce = EXCLUDED.nonce")
    26  	if err != nil {
    27  		return nil, err
    28  	}
    29  	c.delete, err = conn.Prepare("DELETE FROM cert_cache WHERE domain = $1")
    30  	return c, err
    31  }
    32  
    33  func (c *dbCache) Get(ctx context.Context, domain string) ([]byte, error) {
    34  	var ciphertext string
    35  	var nonce sql.NullString
    36  	err := c.get.QueryRowContext(ctx, domain).Scan(&ciphertext, &nonce)
    37  	if err == sql.ErrNoRows {
    38  		err = autocert.ErrCacheMiss
    39  	}
    40  	if err != nil {
    41  		return nil, err
    42  	}
    43  	var noncense *string
    44  	if nonce.Valid {
    45  		noncense = &nonce.String
    46  	}
    47  	return c.es.Decrypt(ciphertext, noncense)
    48  }
    49  
    50  func (c *dbCache) Put(ctx context.Context, domain string, cert []byte) error {
    51  	ciphertext, nonce, err := c.es.Encrypt(cert)
    52  	if err != nil {
    53  		return err
    54  	}
    55  	_, err = c.put.ExecContext(ctx, domain, ciphertext, nonce)
    56  	return err
    57  }
    58  
    59  func (c *dbCache) Delete(ctx context.Context, domain string) error {
    60  	_, err := c.delete.ExecContext(ctx, domain)
    61  	return err
    62  }