Allow base64-encoded keys to be used on the CLI for init/rekey.

Fixes #653.
2015-10-06 12:47:01 -04:00 · 2015-10-06 12:47:01 -04:00 · ad840233eb
parent 63e4f28f60
commit ad840233eb
3 changed files with 51 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,9 @@
+## 0.4.0 (Unreleased)
+
+IMPROVEMENTS:
+
+* Base64-encoded PGP keys can be used with the CLI for `init` and `rekey` operations [GH-653]
+
 ## 0.3.1 (October 6, 2015)

 SECURITY:
--- a/helper/pgpkeys/flag.go
+++ b/helper/pgpkeys/flag.go
@ -36,7 +36,12 @@ func (p *PubKeyFilesFlag) Set(value string) error {
 			return err
 		}

+		_, err = base64.StdEncoding.DecodeString(buf.String())
+		if err == nil {
+			*p = append(*p, buf.String())
+		} else {
 			*p = append(*p, base64.StdEncoding.EncodeToString(buf.Bytes()))
 		}
+	}
 	return nil
 }
--- a/helper/pgpkeys/flag_test.go
+++ b/helper/pgpkeys/flag_test.go
@ -19,7 +19,7 @@ func TestPubKeyFilesFlag_implements(t *testing.T) {
 	}
 }

-func TestPubKeyFilesFlagSet(t *testing.T) {
+func TestPubKeyFilesFlagSetBinary(t *testing.T) {
 	tempDir, err := ioutil.TempDir("", "vault-test")
 	if err != nil {
 		t.Fatalf("Error creating temporary directory: %s", err)
@ -69,6 +69,44 @@ func TestPubKeyFilesFlagSet(t *testing.T) {
 	}
 }

+func TestPubKeyFilesFlagSetB64(t *testing.T) {
+	tempDir, err := ioutil.TempDir("", "vault-test")
+	if err != nil {
+		t.Fatalf("Error creating temporary directory: %s", err)
+	}
+	defer os.RemoveAll(tempDir)
+
+	err = ioutil.WriteFile(tempDir+"/pubkey1", []byte(pubKey1), 0755)
+	if err != nil {
+		t.Fatalf("Error writing pub key 1 to temp file: %s", err)
+	}
+	err = ioutil.WriteFile(tempDir+"/pubkey2", []byte(pubKey2), 0755)
+	if err != nil {
+		t.Fatalf("Error writing pub key 2 to temp file: %s", err)
+	}
+    err = ioutil.WriteFile(tempDir+"/pubkey3", []byte(pubKey3), 0755)
+	if err != nil {
+		t.Fatalf("Error writing pub key 3 to temp file: %s", err)
+	}
+
+	pkf := new(PubKeyFilesFlag)
+	err = pkf.Set(tempDir + "/pubkey1,@" + tempDir + "/pubkey2")
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+
+	err = pkf.Set(tempDir + "/pubkey3")
+	if err == nil {
+		t.Fatalf("err: should not have been able to set a second value")
+	}
+
+	expected := []string{pubKey1, pubKey2}
+	if !reflect.DeepEqual(pkf.String(), fmt.Sprint(expected)) {
+        t.Fatalf("bad: got %s, expected %s", pkf.String(), fmt.Sprint(expected))
+	}
+}
+
+
 const pubKey1 = `mQENBFXbjPUBCADjNjCUQwfxKL+RR2GA6pv/1K+zJZ8UWIF9S0lk7cVIEfJiprzzwiMwBS5cD0da
 rGin1FHvIWOZxujA7oW0O2TUuatqI3aAYDTfRYurh6iKLC+VS+F7H+/mhfFvKmgr0Y5kDCF1j0T/
 063QZ84IRGucR/X43IY7kAtmxGXH0dYOCzOe5UBX1fTn3mXGe2ImCDWBH7gOViynXmb6XNvXkP0f