secrets

package
v0.54.0 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 26, 2026 License: BSD-3-Clause Imports: 7 Imported by: 0

Documentation

Types

type HashPayload added in v0.54.0

type HashPayload struct {
	// Path is the beginning of a URL request to the Transit Engine.
	Path string
	// Algo selects a hashing algorithm offered by the Transit Engine.
	Algo string
	// Input is the value that will be hashed by Openbao.
	Input string
	// Format determines whether the output will be encoded as Hex or Base64.
	Format string
}

HashPayload prepares a request to the Openbao Transit Engine to hash a string.

type OtpCode added in v0.52.0

type OtpCode struct {
	// Path is the beginning of the URL request to the TOTP Engine. This is
	// configurable, because some Openbao servers might namespace a TOTP path.
	Path string
	// Name will name a key, and is part of the URL path.
	Name string
	// Code is a six-character string.
	Code string
}

OtpCode prepares a request to validate a TOTP Code.

type OtpKey added in v0.52.0

type OtpKey struct {
	Barcode string
	Url     string
}

OtpKey wraps newly created TOTP Keys delivered by the Openbao TOTP Engine. These values can be displayed to a user during a registration process and saved in another database.

type OtpPayload added in v0.52.0

type OtpPayload struct {
	// Path is the beginning of the URL request to the TOTP Engine. This is
	// configurable, because some Openbao servers might namespace a TOTP path.
	Path string
	// Name will name a key, and is part of the URL path.
	Name string
	// Generate determines whether or not the Openbao server will create a key.
	// When false, the developer needs to offer an existing key to the Openbao
	// server.
	Generate bool
	// Exported determines whether or not a QR Code & Url will be returned after
	// generating a key. Only use this when Generate is True.
	Exported bool
	// Url accepts an existing key URL when Generate is False.
	Url string
	// Key is the root key needed to generate an OTP code when Generate is False
	// and Url is blank.
	Key string
	// Issuer names the organization providing a key.
	Issuer string
	// AccountName can be the e-mail address of a user. Required when Generate
	// is True.
	AccountName string
}

OtpPayload can be used to prepare a request to create an OTP Key on Openbao.

type SkeletonKey added in v0.40.5

type SkeletonKey struct {
	Openbao *openbao.Client
}

SkeletonKey wraps around an Openbao client. Perhaps it can wrap around other clients that read different storage.

func (*SkeletonKey) ConfigureTLSwithCA added in v0.40.5

func (sk *SkeletonKey) ConfigureTLSwithCA(cfg *config.HttpServer) (*tls.Config, error)

ConfigureTLSwithCA expects a custom struct named HttpServer in the Config file. It will assemble a tls.Config with a CA, cert, and TLS 1.3.

func (*SkeletonKey) Create added in v0.40.5

func (sk *SkeletonKey) Create(cfg *config.Config)

Create is a method of the SkeletonKey. It is hardcoded for the Openbao client. It basically adds a token to an Openbao client, and adds the client to the SkeletonKey.

func (*SkeletonKey) CreateCertPool added in v0.40.5

func (sk *SkeletonKey) CreateCertPool(cfg *config.HttpServer) (*x509.CertPool, error)

CreateCertPool expects a custom struct named HttpServer in the Config file. It will read a base64 encoded value from Openbao, then use that certificate to configure a certPool.

func (*SkeletonKey) CreateToken added in v0.54.0

func (sk *SkeletonKey) CreateToken(data TokenPayload) (string, error)

CreateToken transmits data to the Openbao Transit Engine and returns a random token.

func (*SkeletonKey) DraftTokenPayload added in v0.54.0

func (sk *SkeletonKey) DraftTokenPayload() TokenPayload

DraftTokenPayload assembles a sanely configured payload for the Openbao Transit Engine.

func (*SkeletonKey) Hash added in v0.54.0

func (sk *SkeletonKey) Hash(data HashPayload) (string, error)

Hash transmits data to the Openbao Transit Engine for hashing and returns a string.

func (*SkeletonKey) HashDraftPayload added in v0.54.0

func (sk *SkeletonKey) HashDraftPayload(input string) HashPayload

HashDraftPayload assembles a sanely configured payload.

func (*SkeletonKey) LogicalRead added in v0.52.0

func (sk *SkeletonKey) LogicalRead(secretPath string) (*openbao.Secret, error)

LogicalRead expects an Openbao endpoint to GET.

func (*SkeletonKey) LogicalWrite added in v0.52.0

func (sk *SkeletonKey) LogicalWrite(path string, data payload) (*openbao.Secret, error)

LogicalWrite expects an Openbao endpoint and a map of data to PUT.

func (*SkeletonKey) OTPaddKey added in v0.52.0

func (sk *SkeletonKey) OTPaddKey(data OtpPayload) error

OTPaddKey expects an OtpPayload with an existing Key. When it succeeds, nothing is returned. The key will reside on Openbao. This is useful for adding existing TOTP Keys to a blank Openbao TOTP Engine.

func (*SkeletonKey) OTPcreateKey added in v0.52.0

func (sk *SkeletonKey) OTPcreateKey(data OtpPayload) (*OtpKey, error)

OTPcreateKey expects an OtpPayload to PUT, and returns a QR Barcode & URL generated by the TOTP Engine of Openbao. The TOTP Engine must be enabled on the Openbao server prior to calling it.

func (*SkeletonKey) OTPdraftCode added in v0.52.0

func (sk *SkeletonKey) OTPdraftCode(name string, code string) OtpCode

func (*SkeletonKey) OTPdraftPayload added in v0.52.0

func (sk *SkeletonKey) OTPdraftPayload(generate bool) OtpPayload

OTPdraftPayload creates an OtpPayload struct with a few default values. Whether or not a developer wants to generate a new key in the Openbao server will determine which fields are needed in the subsequent invocation of OTPcreateKey(data).

func (*SkeletonKey) OTPverifyCode added in v0.52.0

func (sk *SkeletonKey) OTPverifyCode(data OtpCode) (bool, error)

func (*SkeletonKey) ReadIntermediateCA added in v0.40.5

func (sk *SkeletonKey) ReadIntermediateCA(cfg *config.HttpServer) ([]byte, error)

ReadIntermediateCA expects a custom struct named HttpServer in the Config file. It will read a base64 encoded value from Openbao, and return bytes.

func (*SkeletonKey) ReadPathAndKey added in v0.40.5

func (sk *SkeletonKey) ReadPathAndKey(secretPath, key string) (string, error)

ReadPathAndKey expects an Openbao endpoint, and a JSON key.

func (*SkeletonKey) ReadTlsCertAndKey added in v0.40.5

func (sk *SkeletonKey) ReadTlsCertAndKey(tlsInfo *config.TlsSecret) (*tls.Certificate, error)

ReadTlsCertAndKey expects a custom struct named TlsSecret in the Config file. It will assemble an x509 certificate and key that are stored in Openbao as base64 values.
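
ConfigureTLSwithCA, CreateCertPool and ReadTlsCertAndKey are documented as turning base64 values into a CA pool, a certificate and key, and a TLS 1.3 config. The following is an added standard-library example of that assembly with fail-closed checks, not this package's own code; the names tlsConfigFromSecrets and sampleSecrets are hypothetical, and it assumes the stored values are base64-encoded PEM.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"math/big"
)

// tlsConfigFromSecrets (hypothetical) builds a TLS 1.3-only config from base64(PEM) values.
func tlsConfigFromSecrets(caB64, certB64, keyB64 string) (*tls.Config, error) {
	var raw [3][]byte
	for i, s := range []string{caB64, certB64, keyB64} {
		b, err := base64.StdEncoding.DecodeString(s)
		if err != nil {
			return nil, fmt.Errorf("secret %d is not valid base64: %w", i, err)
		}
		raw[i] = b
	}
	pool := x509.NewCertPool()
	// AppendCertsFromPEM returns false when no certificate parsed; fail closed.
	if !pool.AppendCertsFromPEM(raw[0]) {
		return nil, fmt.Errorf("CA secret holds no PEM certificate")
	}
	pair, err := tls.X509KeyPair(raw[1], raw[2]) // also checks the key matches the cert
	if err != nil {
		return nil, fmt.Errorf("certificate and key do not load: %w", err)
	}
	return &tls.Config{RootCAs: pool, Certificates: []tls.Certificate{pair}, MinVersion: tls.VersionTLS13}, nil
}

// sampleSecrets returns a throwaway self-signed cert and key (constructed test data).
func sampleSecrets() (certB64, keyB64 string) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"example.test"}}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	kder, _ := x509.MarshalPKCS8PrivateKey(priv)
	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	keyPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: kder})
	return base64.StdEncoding.EncodeToString(certPEM), base64.StdEncoding.EncodeToString(keyPEM)
}

func main() {
	c, k := sampleSecrets()
	fmt.Println(tlsConfigFromSecrets("bm90IGEgY2VydA==", c, k)) // CA value decodes but is not PEM
}
```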

type TokenPayload added in v0.54.0

type TokenPayload struct {
	// Path is the beginning of a URL request to the Transit Engine.
	Path string
	// Bytes is the amount of bytes desired.
	Bytes int
	// Format determines whether the output will be encoded as Hex or Base64.
	Format string
	// Source can be either "platform" or "all"
	Source string
}

TokenPayload prepares a request to the Openbao Transit Engine to generate random bytes.
