-
Notifications
You must be signed in to change notification settings - Fork 4.2k
/
managed_key_util.go
37 lines (28 loc) · 1.17 KB
/
managed_key_util.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
//go:build !enterprise
package pki
import (
"context"
"errors"
"io"
"github.com/hashicorp/vault/sdk/helper/certutil"
"github.com/hashicorp/vault/sdk/logical"
)
var errEntOnly = errors.New("managed keys are supported within enterprise edition only")
func generateCABundle(_ context.Context, _ *backend, input *inputBundle, data *certutil.CreationBundle, randomSource io.Reader) (*certutil.ParsedCertBundle, error) {
if kmsRequested(input) {
return nil, errEntOnly
}
return certutil.CreateCertificateWithRandomSource(data, randomSource)
}
func generateCSRBundle(_ context.Context, _ *backend, input *inputBundle, data *certutil.CreationBundle, addBasicConstraints bool, randomSource io.Reader) (*certutil.ParsedCSRBundle, error) {
if kmsRequested(input) {
return nil, errEntOnly
}
return certutil.CreateCSRWithRandomSource(data, addBasicConstraints, randomSource)
}
func parseCABundle(_ context.Context, _ *backend, _ *logical.Request, bundle *certutil.CertBundle) (*certutil.ParsedCertBundle, error) {
return bundle.ToParsedCertBundle()
}
func withManagedPKIKey(_ context.Context, _ *backend, _ keyId, _ string, _ logical.ManagedSigningKeyConsumer) error {
return errEntOnly
}