Remove nonce encryption for workerAuth

4 years ago · 4c55305a49
parent 4117841cf9
commit 4c55305a49
1 changed files with 2 additions and 8 deletions
--- a/internal/servers/repository_workerauth.go
+++ b/internal/servers/repository_workerauth.go
@ -125,6 +125,7 @@ func StoreNodeInformationTx(ctx context.Context, writer db.Writer, databaseWrapp
 	nodeAuth.WorkerKeyIdentifier = node.Id
 	nodeAuth.WorkerEncryptionPubKey = node.EncryptionPublicKeyBytes
 	nodeAuth.WorkerSigningPubKey = node.CertificatePublicKeyPkix
+	nodeAuth.Nonce = node.RegistrationNonce

 	var err error
 	nodeAuth.KeyId, err = databaseWrapper.KeyId(ctx)
@ -135,10 +136,6 @@ func StoreNodeInformationTx(ctx context.Context, writer db.Writer, databaseWrapp
 	if err != nil {
 		return errors.Wrap(ctx, err, op)
 	}
-	nodeAuth.Nonce, err = encrypt(ctx, node.RegistrationNonce, databaseWrapper)
-	if err != nil {
-		return errors.Wrap(ctx, err, op)
-	}

 	// Get workerId from state passed in
 	var result workerAuthWorkerId
@ -383,6 +380,7 @@ func (r *WorkerAuthRepositoryStorage) loadNodeInformation(ctx context.Context, n

 	node.EncryptionPublicKeyBytes = authorizedWorker.WorkerEncryptionPubKey
 	node.CertificatePublicKeyPkix = authorizedWorker.WorkerSigningPubKey
+	node.RegistrationNonce = authorizedWorker.Nonce

 	// Default values are used for key types
 	node.EncryptionPublicKeyType = types.KEYTYPE_X25519
@ -398,10 +396,6 @@ func (r *WorkerAuthRepositoryStorage) loadNodeInformation(ctx context.Context, n
 	if err != nil {
 		return errors.Wrap(ctx, err, op)
 	}
-	node.RegistrationNonce, err = decrypt(ctx, authorizedWorker.Nonce, databaseWrapper)
-	if err != nil {
-		return errors.Wrap(ctx, err, op)
-	}

 	// Get cert bundles from the other table
 	certBundles, err := r.findCertBundles(ctx, node.Id)