open-vault/builtin/logical/pki/managed_key_util.go
Steven Clark 2fb8a9e667
secret/pki: Return correct algorithm type from key fetch API for managed keys (#15468)
* secret/pki: Return correct algorithm type from key fetch api for managed keys

 - Fix an issue where the key_type field returned from the key fetch API had
   the ManagedPrivateKey type instead of the real algorithm of the managed key.

* Remove key_type from key list PKI operation. Partial revert of #15435

 - The key_type field should be used solely for the key algorithm but as implemented
   we would be returning the value ManagedPrivateKey for managed keys which is not
   in sync with the rest of the apis. We also did not want to take the performance
   hit if many managed keys existed so we will simply remove the field from the list
   operation
2022-05-17 11:36:14 -04:00


//go:build !enterprise
package pki
import (
"context"
"crypto"
"errors"
"io"
"github.com/hashicorp/vault/sdk/helper/certutil"
)
// errEntOnly is the sentinel error returned by every managed-key helper in
// this file. The file carries the "!enterprise" build constraint, so in this
// build each helper fails with this error instead of touching any key.
// Compare against it with errors.Is rather than matching the message text.
var (
	errEntOnly = errors.New("managed keys are supported within enterprise edition only")
)
// generateManagedKeyCABundle is the non-enterprise stub for building a CA
// bundle backed by a managed key. It ignores all of its arguments and always
// fails with errEntOnly; the returned bundle is nil, so no certificate or key
// material is ever produced on this path.
func generateManagedKeyCABundle(ctx context.Context, b *backend, keyId managedKeyId, data *certutil.CreationBundle, randomSource io.Reader) (bundle *certutil.ParsedCertBundle, err error) {
	// bundle keeps its nil zero value; only the error result is populated.
	err = errEntOnly
	return bundle, err
}
// generateManagedKeyCSRBundle is the non-enterprise stub for building a CSR
// bundle backed by a managed key. It ignores all of its arguments and always
// fails with errEntOnly; the returned bundle is nil.
func generateManagedKeyCSRBundle(ctx context.Context, b *backend, keyId managedKeyId, data *certutil.CreationBundle, addBasicConstraints bool, randomSource io.Reader) (bundle *certutil.ParsedCSRBundle, err error) {
	// bundle keeps its nil zero value; only the error result is populated.
	err = errEntOnly
	return bundle, err
}
// getManagedKeyPublicKey is the non-enterprise stub for fetching the public
// half of a managed key. It ignores its arguments and always returns a nil
// crypto.PublicKey together with errEntOnly, so callers must check the error
// before using the key.
func getManagedKeyPublicKey(ctx context.Context, b *backend, keyId managedKeyId) (crypto.PublicKey, error) {
	var none crypto.PublicKey // nil interface: no key is available in this build
	return none, errEntOnly
}
// parseManagedKeyCABundle is the non-enterprise stub for parsing a CA bundle
// whose private key is a managed key. The supplied bundle is not inspected;
// the call always fails with errEntOnly and a nil parsed bundle.
func parseManagedKeyCABundle(ctx context.Context, b *backend, bundle *certutil.CertBundle) (*certutil.ParsedCertBundle, error) {
	var parsed *certutil.ParsedCertBundle // stays nil: nothing is parsed here
	return parsed, errEntOnly
}
// extractManagedKeyId is the non-enterprise stub for recovering a managed key
// identifier from private key bytes. privateKeyBytes is never read; the call
// always fails with errEntOnly. The accompanying UUIDKey is the empty value
// and must not be treated as a valid identifier, so check the error first.
func extractManagedKeyId(privateKeyBytes []byte) (UUIDKey, error) {
	var noID UUIDKey // zero value, i.e. the empty identifier
	return noID, errEntOnly
}
// createKmsKeyBundle is the non-enterprise stub for building a key bundle
// around a managed (KMS) key. It ignores its arguments and always returns an
// empty certutil.KeyBundle, certutil.UnknownPrivateKey and errEntOnly, so the
// key type is never reported as a real algorithm on this path.
func createKmsKeyBundle(ctx context.Context, b *backend, keyId managedKeyId) (certutil.KeyBundle, certutil.PrivateKeyType, error) {
	var empty certutil.KeyBundle // zero-valued bundle: no signer is attached
	return empty, certutil.UnknownPrivateKey, errEntOnly
}
// getManagedKeyInfo is the non-enterprise stub for looking up metadata about
// a managed key. It ignores its arguments and always returns a nil
// *managedKeyInfo together with errEntOnly; callers must check the error
// before dereferencing the result.
func getManagedKeyInfo(ctx context.Context, b *backend, keyId managedKeyId) (*managedKeyInfo, error) {
	var info *managedKeyInfo // stays nil: no lookup is performed in this build
	return info, errEntOnly
}