Use hmac-sha256 for protecting secrets in audit entries

This commit is contained in:
Jeff Mitchell 2015-09-19 11:29:31 -04:00
parent 8d71601221
commit c8a0eda224
2 changed files with 8 additions and 5 deletions

View file

@ -140,10 +140,14 @@ func TestHash(t *testing.T) {
},
}
localSalt, err := salt.NewSalt(nil, &salt.Config{
HMAC: sha256.New,
HMACType: "hmac-sha256",
StaticSalt: "foo",
inmemStorage := &logical.InmemStorage{}
inmemStorage.Put(&logical.StorageEntry{
Key: "salt",
Value: []byte("foo"),
})
localSalt, err := salt.NewSalt(inmemStorage, &salt.Config{
HMAC: sha256.New,
HMACType: "hmac-sha256",
})
if err != nil {
t.Fatalf("Error instantiating salt: %s", err)

View file

@ -207,7 +207,6 @@ func (c *Core) newAuditBackend(t string, view logical.Storage, conf map[string]s
return nil, fmt.Errorf("unknown backend type: %s", t)
}
salter, err := salt.NewSalt(view, &salt.Config{
HashFunc: salt.SHA256Hash,
HMAC: sha256.New,
HMACType: "hmac-sha256",
})