// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package vault
import (
"github.com/hashicorp/go-hclog"
aeadwrapper "github.com/hashicorp/go-kms-wrapping/wrappers/aead/v2"
"github.com/hashicorp/vault/sdk/helper/logging"
"github.com/hashicorp/vault/vault/seal"
testing "github.com/mitchellh/go-testing-interface"
)
// NewTestSeal returns a Seal for use in tests, chosen by opts.StoredKeys.
//
// A nil opts is replaced by an empty seal.TestSealOpts, and a nil opts.Logger
// is replaced by a debug-level Vault logger. The logger is written back into
// the opts value the caller passed, so a shared opts struct is mutated.
//
//   - seal.StoredKeysSupportedShamirRoot: a default seal over a Shamir
//     wrapper with a cached barrier config of one stored share.
//   - seal.StoredKeysNotSupported: the same seal with zero stored shares.
//   - any other value: an auto seal built on the access returned by
//     seal.NewTestSeal(opts); a construction error fails the test via t.Fatal.
//
// Both Shamir configurations use a single secret share with a threshold of
// one, so there is no key splitting at all; these seals are test fixtures and
// the values must not be copied into a real deployment.
func NewTestSeal(t testing.T, opts *seal.TestSealOpts) Seal {
	t.Helper()

	if opts == nil {
		opts = &seal.TestSealOpts{}
	}
	if opts.Logger == nil {
		opts.Logger = logging.NewVaultLogger(hclog.Debug)
	}

	if opts.StoredKeys == seal.StoredKeysSupportedShamirRoot {
		shamir := NewDefaultSeal(seal.NewAccess(aeadwrapper.NewShamirWrapper()))
		// StoredShares has to be set here, otherwise this will look like a
		// legacy shamir seal.
		cfg := &SealConfig{
			SecretShares:    1,
			SecretThreshold: 1,
			StoredShares:    1,
		}
		shamir.SetCachedBarrierConfig(cfg)
		return shamir
	}

	if opts.StoredKeys == seal.StoredKeysNotSupported {
		shamir := NewDefaultSeal(seal.NewAccess(aeadwrapper.NewShamirWrapper()))
		cfg := &SealConfig{
			SecretShares:    1,
			SecretThreshold: 1,
			StoredShares:    0,
		}
		shamir.SetCachedBarrierConfig(cfg)
		return shamir
	}

	// The second value returned by seal.NewTestSeal is discarded.
	// NOTE(review): confirm it is not an error that should fail the test.
	access, _ := seal.NewTestSeal(opts)
	// Named autoSeal rather than seal so the imported seal package is not
	// shadowed inside this branch.
	autoSeal, err := NewAutoSeal(access)
	if err != nil {
		t.Fatal(err)
	}
	return autoSeal
}