Affected by GO-2023-1849
and 9 other vulnerabilities
GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault
GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2617: Authentication bypass in github.com/hashicorp/vault
GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault
GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault
GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault
GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
package
Version:
v1.13.1
Opens a new window with list of versions in this module.
Published: Mar 23, 2023
License: MPL-2.0
Opens a new window with license information.
Imports: 10
Opens a new window with list of imports.
Imported by: 15
Opens a new window with list of known importers.
Documentation
¶
-
func DecryptAES(key, ciphertext, nonce, aad []byte) ([]byte, error)
-
func DeriveSharedKey(secret, ourPublic, theirPublic []byte) ([]byte, error)
-
func EncryptAES(key, plaintext, aad []byte) ([]byte, []byte, error)
-
func GeneratePublicPrivateKey() ([]byte, []byte, error)
-
func GenerateSharedSecret(ourPrivate, theirPublic []byte) ([]byte, error)
-
type Envelope
-
type PublicKeyInfo
func DecryptAES(key, ciphertext, nonce, aad []byte) ([]byte, error)
Use AES256-GCM to decrypt some ciphertext with a provided key and nonce. The
returned values are the plaintext and error respectively.
func DeriveSharedKey(secret, ourPublic, theirPublic []byte) ([]byte, error)
DeriveSharedKey uses HKDF to derive a key from a shared secret and public keys
Use AES256-GCM to encrypt some plaintext with a provided key. The returned values are
the ciphertext, the nonce, and error respectively.
generatePublicPrivateKey uses curve25519 to generate a public and private key
pair.
func GenerateSharedSecret(ourPrivate, theirPublic []byte) ([]byte, error)
GenerateSharedSecret uses the private key and the other party's public key to
generate the shared secret.
type Envelope struct {
Curve25519PublicKey []byte `json:"curve25519_public_key"`
Nonce []byte `json:"nonce"`
EncryptedPayload []byte `json:"encrypted_payload"`
}
type PublicKeyInfo struct {
Curve25519PublicKey []byte `json:"curve25519_public_key"`
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.