Jeff Mitchell
941b066780
Add support for PGP encrypting the initial root token. ( #1883 )
2016-09-13 18:42:24 -04:00
Jeff Mitchell
ed48b008ce
Provide base64 keys in addition to hex encoded. ( #1734 )
...
* Provide base64 keys in addition to hex encoded.
Accept these at unseal/rekey time.
Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
Jeff Mitchell
e5b089de0f
Add check against seal type to catch errors before we attempt to use the data
2016-04-15 18:16:48 -04:00
Jeff Mitchell
ab93e3aa63
SealInterface
2016-04-04 10:44:22 -04:00
Jeff Mitchell
33326b30c3
Move meta into its own package
2016-04-01 13:16:05 -04:00
Jeff Mitchell
479775806e
Add -check flag to init.
...
Fixes #949
2016-01-22 13:06:40 -05:00
Jeff Mitchell
3ecd88bd5c
Allow ASCII-armored PGP pub keys to be passed into -pgp-keys.
...
Fixes #940
2016-01-18 17:01:52 -05:00
Jeff Mitchell
027c84c62a
Add rekey nonce/backup.
2016-01-06 09:54:35 -05:00
Jeff Mitchell
4d877dc4eb
Address comments from review.
2015-08-25 15:33:58 -07:00
Jeff Mitchell
e133536b79
Add support for pgp-keys argument to rekey, as well as tests, plus
...
refactor common bits out of init.
2015-08-25 14:52:13 -07:00
Jeff Mitchell
efccbcd23e
Don't store the given public keys in the seal config
2015-08-25 14:52:13 -07:00
Jeff Mitchell
ee10f1a565
Handle people specifying PGP key files with @ in front
2015-08-25 14:52:13 -07:00
Jeff Mitchell
d2023234b9
Add support for "pgp-tokens" parameters to init.
...
There are thorough unit tests that read the returned
encrypted tokens, seal the vault, and unseal it
again to ensure all works as expected.
2015-08-25 14:52:13 -07:00
Mitchell Hashimoto
8de077810e
command/init: tests
2015-03-13 12:53:09 -07:00
