open-vault/vault
nsimons ce90a6fa38
Make the error and http code clearer when supplying wrong unseal key (#17836)
* Fix typos

* Return http 400 when wrong unseal key is supplied

* Add changelog

* Add test cases and change one more return case to http 400

The new case is triggered when key length is within valid range
[16, 32], but it has uneven bytes, causing crypto/aes to return
invalid key size.

* remove expected in unit tests

* include error in the new error reason

* add multikey and autoseal test cases

* return invalid key for few more code paths
2022-11-28 16:01:47 -08:00
..
activity update protoc version to 3.21.7 oss (#17499) 2022-10-26 16:49:44 -07:00
cluster autopilot: assume nodes we haven't received heartbeats from are running the same version as we are (#17019) 2022-09-06 14:49:04 -04:00
diagnose refactor: replace strings.Replace with strings.ReplaceAll (#15392) 2022-08-03 15:22:48 -04:00
external_tests improve kv CLI to remove data or custom metadata using kv patch (#18067) 2022-11-21 17:11:36 -05:00
hcp_link update protoc version to 3.21.7 oss (#17499) 2022-10-26 16:49:44 -07:00
quotas VAULT-7707 OSS portion of changes (#18019) 2022-11-17 16:30:39 -05:00
replication Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
seal OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
tokens update protoc version to 3.21.7 oss (#17499) 2022-10-26 16:49:44 -07:00
acl.go prevent memory leak when using control group factors in a policy (#17532) 2022-10-14 19:15:15 -04:00
acl_test.go Fix linter issues in policy.go & acl.go (#16366) 2022-07-22 14:13:14 -04:00
acl_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
activity_log.go Don't return a 204 if there's no historical data (#17935) 2022-11-15 12:15:51 -08:00
activity_log_test.go Make some activity log tests less flaky (#17028) 2022-09-07 09:06:15 -04:00
activity_log_testing_util.go s/path/mount_path (#14164) 2022-02-18 13:44:43 -05:00
activity_log_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
activity_log_util_common.go fix off by one err in current month client count computation (#17457) 2022-10-07 12:37:09 -04:00
activity_log_util_common_test.go fix off by one err in current month client count computation (#17457) 2022-10-07 12:37:09 -04:00
audit.go core: push entry table type-checking into for loop (#17220) 2022-10-05 15:56:12 -04:00
audit_broker.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
audit_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
audited_headers.go vault: deprecate errwrap.Wrapf() (#11577) 2021-05-11 13:12:54 -04:00
audited_headers_test.go Fix some more error shadowing issues (#12990) 2021-11-01 11:43:00 -07:00
auth.go Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
auth_test.go Plugins: Allow explicitly specifying the builtin version of a plugin (#17289) 2022-09-22 23:15:46 +01:00
barrier.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
barrier_access.go Fix compile 2018-01-19 05:31:55 -05:00
barrier_aes_gcm.go Barrier: Fix potential locking issue (#17944) 2022-11-16 09:53:22 -08:00
barrier_aes_gcm_test.go validate cipher length before decrypting (#14098) 2022-02-18 07:37:22 -07:00
barrier_test.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
barrier_view.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
barrier_view_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
barrier_view_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
capabilities.go Adds ability to define an inline policy and internal metadata on tokens (#12682) 2021-10-07 10:36:22 -07:00
capabilities_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
cluster.go Add endpoints to provide ability to modify logging verbosity (#16111) 2022-06-27 11:39:53 -04:00
cluster_test.go Wait for standby to have a working grpc connection before we try to use it (#16905) 2022-08-26 12:50:10 -04:00
core.go Make the error and http code clearer when supplying wrong unseal key (#17836) 2022-11-28 16:01:47 -08:00
core_metrics.go Add more raft metrics, emit more metrics on non-perf standbys (#12166) 2022-10-07 09:09:08 -07:00
core_metrics_test.go oss changes (#15487) 2022-05-18 09:16:13 -07:00
core_test.go Plugins: Auto version selection for auth/secrets + tune version (#17167) 2022-09-22 13:53:52 +01:00
core_util.go core: Move rollback period init to NewCore (#17547) 2022-10-13 18:39:00 -04:00
core_util_common.go merkle sync undo logs (#17103) 2022-09-13 10:03:19 -07:00
cors.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
counters.go [VAULT-2852] deprecate req counters in oss (#12197) 2021-07-29 10:21:40 -07:00
counters_test.go Use %q for quoted strings where appropriate (#15216) 2022-08-03 12:32:45 -06:00
custom_response_headers.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
custom_response_headers_test.go vault: fix dropped test errors (#14402) 2022-03-08 12:32:27 -07:00
deadlock.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
dynamic_system_view.go Fix unsafe access to perf standby status from systemview (#17186) 2022-10-05 08:56:36 -04:00
dynamic_system_view_test.go core: set namespace within GeneratePasswordFromPolicy (#12635) 2021-09-27 09:08:07 -07:00
expiration.go update gofumpt to 0.3.1 and reformat the repo (#17055) 2022-09-07 17:31:20 -07:00
expiration_integ_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
expiration_test.go Fix a panic at cleanup time in an expiration restore lease benchmark. (#16485) 2022-07-28 05:54:03 -07:00
expiration_testing_util_common.go [VAULT-1981] Add OSS changes (#11999) 2021-07-06 17:12:24 -05:00
expiration_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
external_plugin_test.go plugins: Filter builtins by RunningVersion (#17816) 2022-11-11 14:51:37 -05:00
generate_root.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
generate_root_recovery.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
generate_root_test.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
ha.go Add more raft metrics, emit more metrics on non-perf standbys (#12166) 2022-10-07 09:09:08 -07:00
ha_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
identity_lookup.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
identity_lookup_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
identity_store.go Add plugin version to GRPC interface (#17088) 2022-09-15 16:37:59 -07:00
identity_store_aliases.go move custom metadata validation logic to its own package (#16464) 2022-07-28 10:40:38 -04:00
identity_store_aliases_test.go Support clearing an identity alias' custom_metadata (#13395) 2021-12-10 18:07:47 -05:00
identity_store_entities.go VAULT-9451 Fix data race in entity merge (#17631) 2022-10-21 16:47:59 -04:00
identity_store_entities_test.go Check if plugin version matches running version (#17182) 2022-09-21 12:25:04 -07:00
identity_store_group_aliases.go Refactor usages of Core in IdentityStore so they can be decoupled. (#12461) 2021-08-30 15:31:11 -04:00
identity_store_group_aliases_test.go Update group alias handling to better protect against namespace differences 2019-06-18 16:43:30 -04:00
identity_store_groups.go return bad request instead of server error for identity group cycle detection (#15912) 2022-06-10 10:15:31 -04:00
identity_store_groups_test.go update gofumpt to 0.3.1 and reformat the repo (#17055) 2022-09-07 17:31:20 -07:00
identity_store_oidc.go HCP link integration (#16939) 2022-09-06 14:11:04 -04:00
identity_store_oidc_provider.go identity/oidc: adds claims_supported to discovery document (#16992) 2022-09-02 09:19:25 -07:00
identity_store_oidc_provider_test.go identity/oidc: adds claims_supported to discovery document (#16992) 2022-09-02 09:19:25 -07:00
identity_store_oidc_provider_util.go identity/oidc: Adds proof key for code exchange (PKCE) support (#13917) 2022-02-15 12:02:22 -08:00
identity_store_oidc_test.go unit test: fix oidc periodicfunc flaky test (#15320) 2022-05-09 13:43:23 -05:00
identity_store_oidc_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
identity_store_oss.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
identity_store_schema.go Fix startup failures when aliases from a pre-1.9 vault version exist (#13169) 2021-11-16 14:56:34 -05:00
identity_store_structs.go HCP link integration (#16939) 2022-09-06 14:11:04 -04:00
identity_store_test.go identity/entity-alias: fix bug where alias metadata was shared if alias had same name (#16838) 2022-08-23 15:39:45 -04:00
identity_store_upgrade.go Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
identity_store_util.go VAULT-9451 Fix data race in entity merge (#17631) 2022-10-21 16:47:59 -04:00
init.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
init_test.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
inspectable.go Introspection API Implementation for Router Struct (#17789) 2022-11-04 09:39:09 -07:00
inspectable_test.go Introspection API Implementation for Router Struct (#17789) 2022-11-04 09:39:09 -07:00
keyring.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
keyring_test.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
lock.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
logical_cubbyhole.go Add plugin version to GRPC interface (#17088) 2022-09-15 16:37:59 -07:00
logical_cubbyhole_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
logical_passthrough.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
logical_passthrough_test.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
logical_raw.go Use %q for quoted strings where appropriate (#15216) 2022-08-03 12:32:45 -06:00
logical_system.go VAULT-9427: Add read support to `sys/loggers` endpoints (#17979) 2022-11-28 11:18:36 -05:00
logical_system_activity.go Activity Log Filtering Limit Parameter (#16000) 2022-06-15 15:41:31 -07:00
logical_system_helpers.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
logical_system_integ_test.go Reduce time taken to run the vault test package (#17157) 2022-09-16 09:53:16 -04:00
logical_system_paths.go VAULT-9427: Add read support to `sys/loggers` endpoints (#17979) 2022-11-28 11:18:36 -05:00
logical_system_pprof.go Add support for unauthenticated pprof access on a per-listener basis,… (#11324) 2021-04-19 14:30:59 -04:00
logical_system_quotas.go VAULT-6614 Enable role based quotas for lease-count quotas (OSS) (#16157) 2022-07-05 13:02:00 -04:00
logical_system_raft.go Break grabLockOrStop into two pieces to facilitate investigating deadlocks (#17187) 2022-09-20 11:03:16 -04:00
logical_system_test.go VAULT-9427: Add read support to `sys/loggers` endpoints (#17979) 2022-11-28 11:18:36 -05:00
logical_system_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
login_mfa.go Tolerate NamespaceByID returning (nil,nil) when looking up an mfa enforcement's ns (#17562) 2022-10-17 09:18:02 -04:00
managed_key_registry.go Invalidate the ManagedKeyRegistry cache when Vault config is updated. (#14179) 2022-02-21 09:55:44 -05:00
mfa_auth_resp_priority_queue.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
mfa_auth_resp_priority_queue_test.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
mount.go Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
mount_test.go Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
mount_util.go Fix unsafe access to perf standby status from systemview (#17186) 2022-10-05 08:56:36 -04:00
namespaces.go Refactor usages of Core in IdentityStore so they can be decoupled. (#12461) 2021-08-30 15:31:11 -04:00
namespaces_oss.go HCP link integration (#16939) 2022-09-06 14:11:04 -04:00
password_policy_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
plugin_catalog.go Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
plugin_catalog_test.go Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
plugin_reload.go Plugins: Add version info to CLI and server log output (#17430) 2022-10-06 12:54:27 +01:00
policy.go prevent memory leak when using control group factors in a policy (#17532) 2022-10-14 19:15:15 -04:00
policy_store.go core: fix start up policy loading race condition on perf standbys (#17801) 2022-11-03 13:01:39 -04:00
policy_store_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
policy_store_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
policy_test.go Add HTTP PATCH support to KV (#12687) 2021-10-13 15:24:31 -04:00
policy_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
raft.go storage/raft: Add retry_join_as_non_voter config option (#18030) 2022-11-18 17:58:16 +00:00
rekey.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
rekey_test.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
request_forwarding.go Add autopilot automated upgrades and redundancy zones (#15521) 2022-05-20 16:49:11 -04:00
request_forwarding_rpc.go Add more raft metrics, emit more metrics on non-perf standbys (#12166) 2022-10-07 09:09:08 -07:00
request_forwarding_rpc_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
request_forwarding_service.pb.go update protoc version to 3.21.7 oss (#17499) 2022-10-26 16:49:44 -07:00
request_forwarding_service.proto Add autopilot automated upgrades and redundancy zones (#15521) 2022-05-20 16:49:11 -04:00
request_forwarding_service_grpc.pb.go Update protobuf & grpc libraries and protoc plugins (#12679) 2021-09-29 18:25:15 -07:00
request_handling.go Deduplicate policies prior to generating ACL on request (#17914) 2022-11-16 17:43:46 -05:00
request_handling_test.go SSCT Optimizations (OSS) (#14323) 2022-03-01 12:24:45 -08:00
request_handling_util.go Vault-8306 User Lockout RPCs oss changes (#17765) 2022-11-15 15:07:52 -08:00
rollback.go Fix a data race with rollbackPeriod. (#17387) 2022-10-13 09:59:07 -04:00
rollback_test.go When tainting a route during setup, pre-calculate the namespace specific path (#15067) 2022-04-26 09:13:45 -07:00
router.go Introspection API Implementation for Router Struct (#17789) 2022-11-04 09:39:09 -07:00
router_access.go The big one (#5346) 2018-09-17 23:03:00 -04:00
router_test.go When tainting a route during setup, pre-calculate the namespace specific path (#15067) 2022-04-26 09:13:45 -07:00
router_testing.go AWS upgrade role entries (#7025) 2019-07-05 16:55:40 -07:00
seal.go Make the error and http code clearer when supplying wrong unseal key (#17836) 2022-11-28 16:01:47 -08:00
seal_access.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
seal_autoseal.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
seal_autoseal_test.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
seal_test.go Shamir seals now come in two varieties: legacy and new-style. (#7694) 2019-10-18 14:46:00 -04:00
seal_testing.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
seal_testing_util.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
sealunwrapper.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
sealunwrapper_test.go OSS portion of wrapper-v2 (#16811) 2022-08-23 15:37:16 -04:00
testing.go Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
testing_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
token_store.go HCP link integration (#16939) 2022-09-06 14:11:04 -04:00
token_store_test.go Use %q for quoted strings where appropriate (#15216) 2022-08-03 12:32:45 -06:00
token_store_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
token_store_util_common.go Load SSCT Generation Counter Upon DR Promotion [OSS] (#16956) 2022-08-31 11:05:21 -07:00
ui.go Add Semgrep Rules to OSS (#14513) 2022-03-18 11:14:03 -07:00
ui_test.go Fix UI custom header values (#10511) 2020-12-15 15:58:03 +01:00
util.go Removed unused methods 2017-01-03 12:51:35 -05:00
util_test.go Utility Enhancements 2016-04-05 20:32:59 -04:00
vault_version_time.go Add build date (#14957) 2022-04-19 14:28:08 -04:00
version_store.go Add build date (#14957) 2022-04-19 14:28:08 -04:00
version_store_test.go Add build date (#14957) 2022-04-19 14:28:08 -04:00
wrapping.go feature: secrets/auth plugin multiplexing (#14946) 2022-08-29 21:42:26 -05:00
wrapping_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00