kms: add context.Context to KMS API calls (#15327)

This commit adds a `context.Context` to
the KMS `{Stat, CreateKey, GenerateKey}` API
calls.

The context will be used to terminate external calls
as soon as the client request gets canceled.

A follow-up PR will add a `context.Context` to
the remaining `DecryptKey` API call.

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
Andreas Auernhammer
2022-07-19 03:54:27 +02:00
committed by GitHub
parent 957e3ed729
commit 242d06274a
18 changed files with 64 additions and 65 deletions


@@ -19,6 +19,7 @@ package config
import (
"bytes"
"context"
"crypto/rand"
"encoding/binary"
"errors"
@@ -61,13 +62,13 @@ func DecryptBytes(KMS kms.KMS, ciphertext []byte, context kms.Context) ([]byte,
//
// The same context must be provided when decrypting the
// ciphertext.
func Encrypt(KMS kms.KMS, plaintext io.Reader, context kms.Context) (io.Reader, error) {
func Encrypt(KMS kms.KMS, plaintext io.Reader, ctx kms.Context) (io.Reader, error) {
algorithm := sio.AES_256_GCM
if !fips.Enabled && !sioutil.NativeAES() {
algorithm = sio.ChaCha20Poly1305
}
key, err := KMS.GenerateKey("", context)
key, err := KMS.GenerateKey(context.Background(), "", ctx)
if err != nil {
return nil, err
}
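Review bot: `Encrypt` passes `context.Background()` to `KMS.GenerateKey`, so this call to the external KMS still cannot be canceled or given a deadline, and a stalled KMS would block the caller indefinitely; the commit message's goal of terminating external calls on client cancel is not reached on this path. Since `Encrypt` has no `context.Context` parameter, at least record the gap above the call, for example `// TODO: accept a context.Context from the caller so a hung KMS request can be canceled`. Separately, naming the `kms.Context` parameter `ctx` reads like a `context.Context` next to the new import, while `DecryptBytes` in the hunk header still calls it `context`; a name such as `kmsCtx` in both would keep the context that must match at decryption distinct from the cancellation context. The body of `Encrypt` continues past the end of the hunk.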