Affected by GO-2023-2063 and 8 other vulnerabilities

GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

keymanager

package

v1.14.2 Latest Latest Go to latest Published: Aug 24, 2023 License: MPL-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hashicorp/vault

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type KeyManager
type PassthroughKeyManager
- func NewPassthroughKeyManager(ctx context.Context, key []byte) (*PassthroughKeyManager, error)
- func (w *PassthroughKeyManager) RetrievalToken(ctx context.Context) ([]byte, error)
- func (w *PassthroughKeyManager) Wrapper() wrapping.Wrapper

Constants ¶

View Source

const (
	KeyID = "root"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type KeyManager ¶

type KeyManager interface {
	// Returns a wrapping.Wrapper which can be used to perform key-related operations.
	Wrapper() wrapping.Wrapper
	// RetrievalToken is the material returned which can be used to source back the
	// encryption key. Depending on the implementation, the token can be the
	// encryption key itself or a token/identifier used to exchange the token.
	RetrievalToken(ctx context.Context) ([]byte, error)
}

type PassthroughKeyManager ¶

type PassthroughKeyManager struct {
	// contains filtered or unexported fields
}

func NewPassthroughKeyManager ¶

func NewPassthroughKeyManager(ctx context.Context, key []byte) (*PassthroughKeyManager, error)

NewPassthroughKeyManager returns a new instance of the Kube encryption key. If a key is provided, it will be used as the encryption key for the wrapper, otherwise one will be generated.

func (*PassthroughKeyManager) RetrievalToken ¶

func (w *PassthroughKeyManager) RetrievalToken(ctx context.Context) ([]byte, error)

RetrievalToken returns the key that was used on the wrapper since this key manager is simply a passthrough and does not provide a mechanism to abstract this key.

func (*PassthroughKeyManager) Wrapper ¶

func (w *PassthroughKeyManager) Wrapper() wrapping.Wrapper

Wrapper returns the manager's wrapper for key operations.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL