112 lines
3.4 KiB
Elixir
112 lines
3.4 KiB
Elixir
defmodule BDS.AI.SecretBackend do
|
|
@moduledoc """
|
|
Encrypts and decrypts AI provider secrets (AES-256-GCM) with the
|
|
machine-local master key resolved by `BDS.AI.SecretKey`.
|
|
|
|
Values written by earlier releases — encrypted with key material that
|
|
shipped in the repository, or with the deterministic node-name fallback —
|
|
are still readable: `decrypt/1` falls back to the legacy keys, and
|
|
`BDS.AI.SecretMigration` re-encrypts such rows at boot. When no master key
|
|
can be obtained, both operations return `{:error, :secret_key_unavailable}`
|
|
instead of degrading to a weaker key.
|
|
"""
|
|
|
|
require Logger
|
|
|
|
alias BDS.AI.SecretKey
|
|
|
|
@aad "bds-ai-secret"
|
|
|
|
# Key material shipped in the repository before TD-01. Retained only so
|
|
# existing user databases can be read and re-encrypted by
|
|
# BDS.AI.SecretMigration; remove both together in a future release.
|
|
@legacy_repo_key binary_part(
|
|
"bds_desktop_shell_secret_key_base_64_chars_minimum_seed_value_001",
|
|
0,
|
|
32
|
|
)
|
|
|
|
@spec encrypt(String.t()) :: {:ok, String.t()} | {:error, term()}
|
|
def encrypt(value) when is_binary(value) do
|
|
with {:ok, key} <- secret_key() do
|
|
iv = :crypto.strong_rand_bytes(12)
|
|
|
|
{ciphertext, tag} =
|
|
:crypto.crypto_one_time_aead(:aes_256_gcm, key, iv, value, @aad, true)
|
|
|
|
{:ok, Base.encode64(iv <> tag <> ciphertext)}
|
|
end
|
|
end
|
|
|
|
@spec decrypt(String.t()) :: {:ok, String.t()} | {:error, term()}
|
|
def decrypt(encoded) when is_binary(encoded) do
|
|
with {:ok, key} <- secret_key() do
|
|
case decrypt_with(encoded, key) do
|
|
{:ok, plaintext} -> {:ok, plaintext}
|
|
{:error, :invalid_ciphertext} -> decrypt_legacy(encoded)
|
|
end
|
|
end
|
|
end
|
|
|
|
@doc """
|
|
Decrypts strictly with the current master key — no legacy fallback. Used by
|
|
`BDS.AI.SecretMigration` to detect rows that still need re-encryption.
|
|
"""
|
|
@spec decrypt_with_current_key(String.t()) :: {:ok, String.t()} | {:error, term()}
|
|
def decrypt_with_current_key(encoded) when is_binary(encoded) do
|
|
with {:ok, key} <- secret_key() do
|
|
decrypt_with(encoded, key)
|
|
end
|
|
end
|
|
|
|
@doc """
|
|
Attempts decryption with the legacy keys used by earlier releases.
|
|
"""
|
|
@spec decrypt_legacy(String.t()) :: {:ok, String.t()} | {:error, :invalid_ciphertext}
|
|
def decrypt_legacy(encoded) when is_binary(encoded) do
|
|
Enum.find_value(legacy_keys(), {:error, :invalid_ciphertext}, fn key ->
|
|
case decrypt_with(encoded, key) do
|
|
{:ok, plaintext} -> {:ok, plaintext}
|
|
{:error, :invalid_ciphertext} -> nil
|
|
end
|
|
end)
|
|
end
|
|
|
|
defp legacy_keys do
|
|
[
|
|
@legacy_repo_key,
|
|
:crypto.hash(:sha256, Atom.to_string(node()) <> ":bds:ai")
|
|
]
|
|
end
|
|
|
|
defp decrypt_with(encoded, key) do
|
|
with {:ok, binary} <- Base.decode64(encoded),
|
|
<<iv::binary-size(12), tag::binary-size(16), ciphertext::binary>> <- binary,
|
|
plaintext when is_binary(plaintext) <-
|
|
:crypto.crypto_one_time_aead(
|
|
:aes_256_gcm,
|
|
key,
|
|
iv,
|
|
ciphertext,
|
|
@aad,
|
|
tag,
|
|
false
|
|
) do
|
|
{:ok, plaintext}
|
|
else
|
|
_other -> {:error, :invalid_ciphertext}
|
|
end
|
|
end
|
|
|
|
defp secret_key do
|
|
case SecretKey.fetch() do
|
|
{:ok, key} ->
|
|
{:ok, key}
|
|
|
|
{:error, reason} ->
|
|
Logger.error("AI secret key unavailable: #{inspect(reason)}")
|
|
{:error, :secret_key_unavailable}
|
|
end
|
|
end
|
|
end
|