Refactor passphrase

author: Levi Durfee <levi.durfee@gmail.com> 2026-01-08 13:34:40 -0500
committer: Levi Durfee <levi.durfee@gmail.com> 2026-01-08 14:38:58 -0500
commit: f83cffff038da3752847577bee22816e4243f565 (patch)
tree: 10662748646240871776cbdc98e30148b2014997 /internal/goaes.go
parent: 4beaad7b57dc2f010195eaf605216a40d3c904fd (diff)
1 files changed, 2 insertions, 8 deletions
diff --git a/internal/goaes.go b/internal/goaes.go
index d67921a..7bc71f3 100644
--- a/internal/goaes.go
+++ b/internal/goaes.go
@@ -8,7 +8,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"os"
 
 	"golang.org/x/crypto/argon2"
 )
@@ -20,15 +19,10 @@ const (
 	keyLen  = 32
 )
 
-func NewKEKFromEnvB64(passphraseEnvVar string, salt Salt) (KEK, error) {
-	b64Passphrase := os.Getenv(passphraseEnvVar)
-	if b64Passphrase == "" {
-		return nil, fmt.Errorf("%s is not set", passphraseEnvVar)
-	}
-
+func NewKEKFromEnvB64(b64Passphrase string, salt Salt) (KEK, error) {
 	passphrase, err := base64.StdEncoding.DecodeString(b64Passphrase)
 	if err != nil {
-		return nil, fmt.Errorf("decode %s base64: %w", passphraseEnvVar, err)
+		return nil, fmt.Errorf("decode %s base64: %w", b64Passphrase, err)
 	}
 
 	raw := argon2.IDKey(passphrase, salt, time, memory, threads, keyLen)
author	Levi Durfee <levi.durfee@gmail.com>	2026-01-08 13:34:40 -0500
committer	Levi Durfee <levi.durfee@gmail.com>	2026-01-08 14:38:58 -0500
commit	f83cffff038da3752847577bee22816e4243f565 (patch)
tree	10662748646240871776cbdc98e30148b2014997 /internal/goaes.go
parent	4beaad7b57dc2f010195eaf605216a40d3c904fd (diff)