diff --git a/wrappers/pkcs11/go.mod b/wrappers/pkcs11/go.mod index 085a3d0..c906375 100644 --- a/wrappers/pkcs11/go.mod +++ b/wrappers/pkcs11/go.mod @@ -5,14 +5,39 @@ go 1.22.1 replace github.com/openbao/go-kms-wrapping/v2 => ../../ require ( + github.com/hashicorp/go-uuid v1.0.3 github.com/miekg/pkcs11 v1.1.2-0.20231115102856-9078ad6b9d4b - github.com/openbao/go-kms-wrapping/v2 v2.0.0-00010101000000-000000000000 + github.com/openbao/go-kms-wrapping/v2 v2.1.0 + github.com/openbao/openbao/api/v2 v2.0.1 + github.com/stretchr/testify v1.8.4 ) require ( - github.com/hashicorp/go-uuid v1.0.3 // indirect - golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect - google.golang.org/protobuf v1.31.0 // indirect + github.com/cenkalti/backoff/v3 v3.0.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/go-jose/go-jose/v3 v3.0.1 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-multierror v1.1.1 // indirect + github.com/hashicorp/go-retryablehttp v0.7.7 // indirect + github.com/hashicorp/go-rootcerts v1.0.2 // indirect + github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect + github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect + github.com/hashicorp/go-sockaddr v1.0.2 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/rogpeppe/go-internal v1.13.1 // indirect + github.com/ryanuber/go-glob v1.0.0 // indirect + golang.org/x/crypto v0.24.0 // indirect + golang.org/x/net v0.26.0 // indirect + golang.org/x/text v0.16.0 // indirect + golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect + google.golang.org/protobuf v1.33.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) retract [v2.0.0, v2.0.2] diff --git a/wrappers/pkcs11/go.sum b/wrappers/pkcs11/go.sum index c4a4124..b8f0c38 100644 --- a/wrappers/pkcs11/go.sum +++ b/wrappers/pkcs11/go.sum @@ -1,21 +1,103 @@ +github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c= +github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= +github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= +github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw= +github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= +github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= +github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= +github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= +github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 h1:om4Al8Oy7kCm/B86rLCLah4Dt5Aa0Fr5rYBG60OzwHQ= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= +github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= +github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/miekg/pkcs11 v1.1.2-0.20231115102856-9078ad6b9d4b h1:J/AzCvg5z0Hn1rqZUJjpbzALUmkKX0Zwbc/i4fw7Sfk= github.com/miekg/pkcs11 v1.1.2-0.20231115102856-9078ad6b9d4b/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/openbao/openbao/api/v2 v2.0.1 h1:oyDqLa8m+XY3YBbgQ4YnX5o+/4/ybShiDPMC/7WomtE= +github.com/openbao/openbao/api/v2 v2.0.1/go.mod h1:qIp3G8D5vaW+r7TG2YoCCEo/5HxTvidwZA0GiwA1iJ8= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= +github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= +golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= +golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= +golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= +golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/time v0.0.0-20220411224347-583f2d630306 h1:+gHMid33q6pen7kv9xvT+JRinntgeXO2AeZVd0AWD3w= +golang.org/x/time v0.0.0-20220411224347-583f2d630306/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/wrappers/pkcs11/options.go b/wrappers/pkcs11/options.go index 867f877..fba5df2 100644 --- a/wrappers/pkcs11/options.go +++ b/wrappers/pkcs11/options.go @@ -97,57 +97,71 @@ func getDefaultOptions() options { } // WithSlot sets the slot -func WithSlot(slot string) OptionFunc { - return func(o *options) error { - o.withSlot = slot - return nil +func WithSlot(slot string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withSlot = slot + return nil + }) } } // WithSlot sets the slot -func WithTokenLabel(slot string) OptionFunc { - return func(o *options) error { - o.withTokenLabel = slot - return nil +func WithTokenLabel(slot string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withTokenLabel = slot + return nil + }) } } // WithPin sets the pin -func WithPin(pin string) OptionFunc { - return func(o *options) error { - o.withPin = pin - return nil +func WithPin(pin string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withPin = pin + return nil + }) } } // WithLib sets the module -func WithLib(lib string) OptionFunc { - return func(o *options) error { - o.withLib = lib - return nil +func WithLib(lib string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withLib = lib + return nil + }) } } // WithLabel sets the label -func WithKeyId(keyId string) OptionFunc { - return func(o *options) error { - o.withKeyId = keyId - return nil +func WithKeyId(keyId string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withKeyId = keyId + return nil + }) } } // WithLabel sets the label -func WithKeyLabel(label string) OptionFunc { - return func(o *options) error { - o.withKeyLabel = label - return nil +func WithKeyLabel(label string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withKeyLabel = label + return nil + }) } } // WithMechanism sets the mechanism -func WithMechanism(mechanism string) OptionFunc { - return func(o *options) error { - o.withMechanism = mechanism - return nil +func WithMechanism(mechanism string) wrapping.Option { + return func() interface{} { + return OptionFunc(func(o *options) error { + o.withMechanism = mechanism + return nil + }) } } diff --git a/wrappers/pkcs11/options_test.go b/wrappers/pkcs11/options_test.go new file mode 100644 index 0000000..fa9569c --- /dev/null +++ b/wrappers/pkcs11/options_test.go @@ -0,0 +1,112 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package pkcs11 + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +// Test_GetOpts provides unit tests for GetOpts and all the options +func Test_GetOpts(t *testing.T) { + t.Parallel() + t.Run("WithKeyId", func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + // test default of 0 + opts, err := getOpts() + require.NoError(err) + testOpts, err := getOpts() + require.NoError(err) + testOpts.withKeyId = "" + assert.Equal(opts, testOpts) + + const with = "testKeyId" + opts, err = getOpts(WithKeyId(with)) + require.NoError(err) + testOpts.withKeyId = with + assert.Equal(opts, testOpts) + }) + t.Run("WithSlot", func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + // test default of 0 + opts, err := getOpts() + require.NoError(err) + testOpts, err := getOpts() + require.NoError(err) + testOpts.withSlot = "" + assert.Equal(opts, testOpts) + + const with = "1024" + opts, err = getOpts(WithSlot(with)) + require.NoError(err) + testOpts.withSlot = with + assert.Equal(opts, testOpts) + }) + t.Run("WithPin", func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + // test default of 0 + opts, err := getOpts() + require.NoError(err) + testOpts, err := getOpts() + require.NoError(err) + testOpts.withPin = "" + assert.Equal(opts, testOpts) + + const with = "000000" + opts, err = getOpts(WithPin(with)) + require.NoError(err) + testOpts.withPin = with + assert.Equal(opts, testOpts) + }) + t.Run("WithLib", func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + // test default of 0 + opts, err := getOpts() + require.NoError(err) + testOpts, err := getOpts() + require.NoError(err) + testOpts.withLib = "" + assert.Equal(opts, testOpts) + + const with = "/usr/lib/pkcs11.so" + opts, err = getOpts(WithLib(with)) + require.NoError(err) + testOpts.withLib = with + assert.Equal(opts, testOpts) + }) + t.Run("WithTokenLabel", func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + // test default of 0 + opts, err := getOpts() + require.NoError(err) + testOpts, err := getOpts() + require.NoError(err) + testOpts.withTokenLabel = "" + assert.Equal(opts, testOpts) + + const with = "labelTest" + opts, err = getOpts(WithTokenLabel(with)) + require.NoError(err) + testOpts.withTokenLabel = with + assert.Equal(opts, testOpts) + }) + t.Run("WithMechanism", func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + // test default of 0 + opts, err := getOpts() + require.NoError(err) + testOpts, err := getOpts() + require.NoError(err) + testOpts.withMechanism = "" + assert.Equal(opts, testOpts) + + const with = "CKM_AES_GCM" + opts, err = getOpts(WithMechanism(with)) + require.NoError(err) + testOpts.withMechanism = with + assert.Equal(opts, testOpts) + }) +} diff --git a/wrappers/pkcs11/pkcs11.go b/wrappers/pkcs11/pkcs11.go index c648982..3428e03 100644 --- a/wrappers/pkcs11/pkcs11.go +++ b/wrappers/pkcs11/pkcs11.go @@ -11,12 +11,6 @@ import ( wrapping "github.com/openbao/go-kms-wrapping/v2" ) -// These constants contain the accepted env vars; the Vault one is for backwards compat -const ( - EnvPkcs11WrapperKeyId = "PKCS11_WRAPPER_KEY_ID" - EnvVaultPkcs11SealKeyId = "VAULT_PKCS11_SEAL_KEY_ID" -) - // Wrapper is a Wrapper that uses PKCS11 type Wrapper struct { client pkcs11ClientEncryptor diff --git a/wrappers/pkcs11/pkcs11_acc_test.go b/wrappers/pkcs11/pkcs11_acc_test.go index c933567..566ca66 100644 --- a/wrappers/pkcs11/pkcs11_acc_test.go +++ b/wrappers/pkcs11/pkcs11_acc_test.go @@ -14,13 +14,12 @@ import ( // but the KMS key used is generally not free. // // To run this test, the following env variables need to be set: -// - VAULT_PKCS11_SEAL_KEY_ID or PKCS11_WRAPPING_KEY_ID -// - PKCS11_WRAPPER_KEY_ID -// - PKCS11_SLOT -// - PKCS11_PIN -// - PKCS11_MODULE -// - PKCS11_LABEL -// - PKCS11_MECHANISM +// - BAO_HSM_SLOT +// - BAO_HSM_PIN +// - BAO_HSM_LIB +// - BAO_HSM_KEY_LABEL +// - BAO_HSM_KEY_ID +// - BAO_HSM_MECHANISM func TestAccPkcs11Wrapper_Lifecycle(t *testing.T) { if os.Getenv("VAULT_ACC") == "" && os.Getenv("KMS_ACC_TESTS") == "" { t.SkipNow() diff --git a/wrappers/pkcs11/pkcs11_client.go b/wrappers/pkcs11/pkcs11_client.go index 69a8944..f936c3b 100644 --- a/wrappers/pkcs11/pkcs11_client.go +++ b/wrappers/pkcs11/pkcs11_client.go @@ -10,7 +10,7 @@ import ( "encoding/binary" "encoding/hex" - "github.com/openbao/openbao/api" + "github.com/openbao/openbao/api/v2" uuid "github.com/hashicorp/go-uuid" pkcs11 "github.com/miekg/pkcs11" wrapping "github.com/openbao/go-kms-wrapping/v2" @@ -550,4 +550,4 @@ func numberAutoParse(value string, bitSize int) (uint64, error) { ret, err = strconv.ParseUint(value, 10, bitSize) } return ret, err -} \ No newline at end of file +}