Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault
This commit is contained in:
commit
b84d26d6da
|
@ -21,8 +21,9 @@ const (
|
||||||
// using the global salt. Primarily, this allows paths in the storage
|
// using the global salt. Primarily, this allows paths in the storage
|
||||||
// backend to be obfuscated if they may contain sensitive information.
|
// backend to be obfuscated if they may contain sensitive information.
|
||||||
type Salt struct {
|
type Salt struct {
|
||||||
config *Config
|
config *Config
|
||||||
salt string
|
salt string
|
||||||
|
generated bool
|
||||||
}
|
}
|
||||||
|
|
||||||
type HashFunc func([]byte) []byte
|
type HashFunc func([]byte) []byte
|
||||||
|
@ -70,6 +71,7 @@ func NewSalt(view logical.Storage, config *Config) (*Salt, error) {
|
||||||
// Generate a new salt if necessary
|
// Generate a new salt if necessary
|
||||||
if s.salt == "" {
|
if s.salt == "" {
|
||||||
s.salt = uuid.GenerateUUID()
|
s.salt = uuid.GenerateUUID()
|
||||||
|
s.generated = true
|
||||||
raw = &logical.StorageEntry{
|
raw = &logical.StorageEntry{
|
||||||
Key: config.Location,
|
Key: config.Location,
|
||||||
Value: []byte(s.salt),
|
Value: []byte(s.salt),
|
||||||
|
@ -87,6 +89,12 @@ func (s *Salt) SaltID(id string) string {
|
||||||
return SaltID(s.salt, id, s.config.HashFunc)
|
return SaltID(s.salt, id, s.config.HashFunc)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DidGenerate returns if the underlying salt value was generated
|
||||||
|
// on initialization or if an existing salt value was loaded
|
||||||
|
func (s *Salt) DidGenerate() bool {
|
||||||
|
return s.generated
|
||||||
|
}
|
||||||
|
|
||||||
// SaltID is used to apply a salt and hash functio to an ID to make sure
|
// SaltID is used to apply a salt and hash functio to an ID to make sure
|
||||||
// it is not reversable
|
// it is not reversable
|
||||||
func SaltID(salt, id string, hash HashFunc) string {
|
func SaltID(salt, id string, hash HashFunc) string {
|
||||||
|
|
|
@ -18,6 +18,10 @@ func TestSalt(t *testing.T) {
|
||||||
t.Fatalf("err: %v", err)
|
t.Fatalf("err: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !salt.DidGenerate() {
|
||||||
|
t.Fatalf("expected generation")
|
||||||
|
}
|
||||||
|
|
||||||
// Verify the salt exists
|
// Verify the salt exists
|
||||||
out, err := inm.Get(DefaultLocation)
|
out, err := inm.Get(DefaultLocation)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -33,6 +37,10 @@ func TestSalt(t *testing.T) {
|
||||||
t.Fatalf("err: %v", err)
|
t.Fatalf("err: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if salt2.DidGenerate() {
|
||||||
|
t.Fatalf("unexpected generation")
|
||||||
|
}
|
||||||
|
|
||||||
// Check for a match
|
// Check for a match
|
||||||
if salt.salt != salt2.salt {
|
if salt.salt != salt2.salt {
|
||||||
t.Fatalf("salt mismatch: %s %s", salt.salt, salt2.salt)
|
t.Fatalf("salt mismatch: %s %s", salt.salt, salt2.salt)
|
||||||
|
|
Loading…
Reference in a new issue