feat(storage): encrypted secret values (#2588)

This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682
author: James Elliott <james-d-elliott@users.noreply.github.com> 2021-11-25 12:56:58 +1100
committer: GitHub <noreply@github.com> 2021-11-25 12:56:58 +1100
commit: 347bd1be779266742aac4a1576fe58ed20b96d3b (patch)
tree: 873f1cf8e4e6a36a29907189b25a0ef1e4cf3b9d /internal/storage/sql_provider_backend_sqlite.go
parent: eb949603484c307827863729db22c1d38fc9e31f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/internal/storage/sql_provider_backend_sqlite.go b/internal/storage/sql_provider_backend_sqlite.go
index b11b82239..f54309b06 100644
--- a/internal/storage/sql_provider_backend_sqlite.go
+++ b/internal/storage/sql_provider_backend_sqlite.go
@@ -10,9 +10,9 @@ type SQLiteProvider struct {
 }
 
 // NewSQLiteProvider constructs a SQLite provider.
-func NewSQLiteProvider(path string) (provider *SQLiteProvider) {
+func NewSQLiteProvider(path, encryptionKey string) (provider *SQLiteProvider) {
 	provider = &SQLiteProvider{
-		SQLProvider: NewSQLProvider(providerSQLite, "sqlite3", path),
+		SQLProvider: NewSQLProvider(providerSQLite, "sqlite3", path, encryptionKey),
 	}
 
 	// All providers have differing SELECT existing table statements.
author	James Elliott <james-d-elliott@users.noreply.github.com>	2021-11-25 12:56:58 +1100
committer	GitHub <noreply@github.com>	2021-11-25 12:56:58 +1100
commit	347bd1be779266742aac4a1576fe58ed20b96d3b (patch)
tree	873f1cf8e4e6a36a29907189b25a0ef1e4cf3b9d /internal/storage/sql_provider_backend_sqlite.go
parent	eb949603484c307827863729db22c1d38fc9e31f (diff)