* Use DRBG based RSA key generation everywhere
* switch to the conditional generator
* Use DRBG based RSA key generation everywhere
* switch to the conditional generator
* Add an ENV var to disable the DRBG in a pinch
* update go.mod
* Use DRBG based RSA key generation everywhere
* switch to the conditional generator
* Add an ENV var to disable the DRBG in a pinch
* Use DRBG based RSA key generation everywhere
* update go.mod
* fix import
* Remove rsa2 alias, remove test code
* move cryptoutil/rsa.go to sdk
* move imports too
* remove makefile change
* rsa2->rsa
* more rsa2->rsa, remove test code
* fix some overzelous search/replace
* Update to a real tag
* changelog
* copyright
* work around copyright check
* work around copyright check pt2
* bunch of dupe imports
* missing import
* wrong license
* fix go.mod conflict
* missed a spot
* dupe import
* add ml-dsa key type and stubs
* add in sdk changes
* ent breakout
* fix private key func and run go mod tidy
* change function name
* tidy go.mod
---------
Co-authored-by: Scott G. Miller <smiller@hashicorp.com>
* [transit-pkcs1v15] transit support for the pkcs1v15 padding scheme – without UI tests (yet).
* [transit-pkcs1v15] renamed padding_scheme parameter in transit documentation.
* [transit-pkcs1v15] add changelog file.
* [transit-pkcs1v15] remove the algorithm path as padding_scheme is chosen by parameter.
* Update ui/app/templates/components/transit-key-action/datakey.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/templates/components/transit-key-action/datakey.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/templates/components/transit-key-action/datakey.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update website/content/api-docs/secret/transit.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/api-docs/secret/transit.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/api-docs/secret/transit.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Add warnings to PKCS1v1.5 usage
* Update transit
* Update transit, including separating encrypt/decrypt paddings for rewrap
* Clean up factory use in the presence of padding
* address review feedback
* remove defaults
* lint
* more lint
* Some fixes for UI issues
- Fix padding scheme dropdown console error by adding values
to the transit-key-actions.hbs
- Populate both padding scheme drop down menus within rewrap,
not just the one padding_scheme
- Do not submit a padding_scheme value through POST for non-rsa keys
* Fix Transit rewrap API to use decrypt_padding_scheme, encrypt_padding_scheme
- Map the appropriate API fields for the RSA padding scheme to the
batch items within the rewrap API
- Add the ability to create RSA keys within the encrypt API endpoint
- Add test case for rewrap api that leverages the padding_scheme fields
* Fix code linting issues
* simply padding scheme enum
* Apply suggestions from code review
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Fix padding_scheme processing on data key api
- The data key api was using the incorrect parameter name for
the padding scheme
- Enforce that padding_scheme is only used on RSA keys, we
are punting on supporting it for managed keys at the moment.
* Add tests for parsePaddingSchemeArg
* Add missing copywrite headers
* Some small UI fixes
* Add missing param to datakey in api-docs
* Do not send padding_scheme for non-RSA key types within UI
* add UI tests for transit key actions form
---------
Co-authored-by: Marcel Lanz <marcellanz@n-1.ch>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Steve Clark <steven.clark@hashicorp.com>
Co-authored-by: claire bontempo <cbontempo@hashicorp.com>
* Do not generate HMAC keys for CMAC keys on calls to Upgrade
- Missed during the initial development of the Transit CMAC feature,
on initial key creation we did not generate HMAC keys when the key
type was CMAC. The call to the policy's Upgrade function though
would treat this key as requiring an upgrade and add one back.
- Fix this by adding an HMACSupported argument and verifying
on upgrade for HMAC creation that the key type supports HMAC
- Add generic test that verifies we aren't changing a key type iota
value, string it defined and the proper operation of HMACSupported
and CMACSupported functions
* Add warning to test variable
* add gosimport to make fmt and run it
* move installation to tools.sh
* correct weird spacing issue
* Update Makefile
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* fix a weird issue
---------
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* import rsa and ecdsa public keys
* allow import_version to update public keys - wip
* allow import_version to update public keys
* move check key fields into func
* put private/public keys in same switch cases
* fix method in UpdateKeyVersion
* move asymmetrics keys switch to its own method - WIP
* test import public and update it with private counterpart
* test import public keys
* use public_key to encrypt if RSAKey is not present and failed to decrypt
if key version does not have a private key
* move key to KeyEntry parsing from Policy to KeyEntry method
* move extracting of key from input fields into helper function
* change back policy Import signature to keep backwards compatibility and
add new method to import private or public keys
* test import with imported public rsa and ecdsa keys
* descriptions and error messages
* error messages, remove comments and unused code
* changelog
* documentation - wip
* suggested changes - error messages/typos and unwrap public key passed
* fix unwrap key error
* fail if both key fields have been set
* fix in extractKeyFromFields, passing a PolicyRequest wouldn't not work
* checks for read, sign and verify endpoints so they don't return errors when a private key was not imported and tests
* handle panic on "export key" endpoint if imported key is public
* fmt
* remove 'isPrivateKey' argument from 'UpdateKeyVersion' and
'parseFromKey' methods
also: rename 'UpdateKeyVersion' method to 'ImportPrivateKeyForVersion' and 'IsPublicKeyImported' to 'IsPrivateKeyMissing'
* delete 'RSAPublicKey' when private key is imported
* path_export: return public_key for ecdsa and rsa when there's no private key imported
* allow signed data validation with pss algorithm
* remove NOTE comment
* fix typo in EC public key export where empty derBytes was being used
* export rsa public key in pkcs8 format instead of pkcs1 and improve test
* change logic on how check for is private key missing is calculated
---------
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add support for PKCSv1_5_NoOID signatures
This assumes a pre-hashed input has been provided to Vault, but we do
not write the hash's OID into the signature stream. This allows us to
generate the alternative PKCSv1_5_NoOID signature type rather than the
existing PKCSv1_5_DERnull signature type we presently use.
These are specified in RFC 3447 Section 9.2.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Exclude new none type from PSS based tests
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add tests for PKCS#1v1.5 signatures
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
- When we added new tests that validate the RSA PSS feature, they
work properly on normal Go builds, but tests underneath the Boring
Crypto fips implementations fail due to a lack of SHA3 support in
FIPS 140-2.
* accommodate salt lengths for RSA PSS
* address feedback
* generalise salt length to an int
* fix error reporting
* Revert "fix error reporting"
This reverts commit 8adfc15fe3303b8fdf9f094ea246945ab1364077.
* fix a faulty check
* check for min/max salt lengths
* stringly-typed HTTP param
* unit tests for sign/verify HTTP requests
also, add marshaling for both SDK and HTTP requests
* randomly sample valid salt length
* add changelog
* add documentation
- Found by @trishankatdatadog in PR #16549, we were masking errors
coming out of the rsa verification calls as verfication errors and
not returning when they were usage errors.
* add import endpoint
* fix unlock
* add import_version
* refactor import endpoints and add tests
* add descriptions
* Update dependencies to include tink for Transit import operations. Convert Transit wrapping key endpoint to use shared wrapping key retrieval method. Disallow import of convergent keys to Transit via BYOK process.
* Include new 'hash_function' parameter on Transit import endpoints to specify OAEP random oracle hash function used to wrap ephemeral AES key.
* Add default values for Transit import endpoint fields. Prevent an OOB panic in Transit import. Proactively zero out ephemeral AES key used in Transit imports.
* Rename some Transit BYOK import variables. Ensure Transit BYOK ephemeral key is of the size specified byt the RFC.
* Add unit tests for Transit BYOK import endpoint.
* Simplify Transit BYOK import tests. Add a conditional on auto rotation to avoid errors on BYOK keys with allow_rotation=false.
* Added hash_function field to Transit import_version endpoint. Reworked Transit import unit tests. Added unit tests for Transit import_version endpoint.
* Add changelog entry for Transit BYOK.
* Transit BYOK formatting fixes.
* Omit 'convergent_encryption' field from Transit BYOK import endpoint, but reject with an error when the field is provided.
* Minor formatting fix in Transit import.
Co-authored-by: rculpepper <rculpepper@hashicorp.com>
* Support salt in DeriveKey
* Revert "Support salt in DeriveKey"
This reverts commit b295ae4267.
* Refactor out key derivation, symmetric encryption, and symmetric decryption into generic functions
* comments
* comments
* go mod vendor
* bump both go.mods
* This one too
* bump
* bump
* bump
* Make the lesser used params of symmetric ops a struct
* go fmt
* Call GetKey instead of DeriveKey
* Address feedback
* Wrong rv
* Rename calls
* Assign the nonce field
* trivial change
* Check nonce len instead
* go mod vendor
* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru
* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru
* changed some import paths to point to sdk
* Apply suggestions from code review
Co-Authored-By: Lexman42 <Lexman42@users.noreply.github.com>
* updates docs with information on transit/cache-config endpoint
* updates vendored files
* fixes policy tests to actually use a cache where expected and renames the struct and storage path used for cache configurations to be more generic
* updates document links
* fixed a typo in a documentation link
* changes cache_size to just size for the cache-config endpoint
