feat(storage): encrypted secret values (#2588)

This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682
author: James Elliott <james-d-elliott@users.noreply.github.com> 2021-11-25 12:56:58 +1100
committer: GitHub <noreply@github.com> 2021-11-25 12:56:58 +1100
commit: 347bd1be779266742aac4a1576fe58ed20b96d3b (patch)
tree: 873f1cf8e4e6a36a29907189b25a0ef1e4cf3b9d /internal/storage/sql_provider_backend_mysql.go
parent: eb949603484c307827863729db22c1d38fc9e31f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/internal/storage/sql_provider_backend_mysql.go b/internal/storage/sql_provider_backend_mysql.go
index dfb7ec179..8805aea21 100644
--- a/internal/storage/sql_provider_backend_mysql.go
+++ b/internal/storage/sql_provider_backend_mysql.go
@@ -15,9 +15,9 @@ type MySQLProvider struct {
 }
 
 // NewMySQLProvider a MySQL provider.
-func NewMySQLProvider(config schema.MySQLStorageConfiguration) (provider *MySQLProvider) {
+func NewMySQLProvider(config schema.MySQLStorageConfiguration, encryptionKey string) (provider *MySQLProvider) {
 	provider = &MySQLProvider{
-		SQLProvider: NewSQLProvider(providerMySQL, providerMySQL, dataSourceNameMySQL(config)),
+		SQLProvider: NewSQLProvider(providerMySQL, providerMySQL, dataSourceNameMySQL(config), encryptionKey),
 	}
 
 	// All providers have differing SELECT existing table statements.
author	James Elliott <james-d-elliott@users.noreply.github.com>	2021-11-25 12:56:58 +1100
committer	GitHub <noreply@github.com>	2021-11-25 12:56:58 +1100
commit	347bd1be779266742aac4a1576fe58ed20b96d3b (patch)
tree	873f1cf8e4e6a36a29907189b25a0ef1e4cf3b9d /internal/storage/sql_provider_backend_mysql.go
parent	eb949603484c307827863729db22c1d38fc9e31f (diff)