aboutsummaryrefslogtreecommitdiff
path: root/vendor/github.com/hashicorp/vault/api/sys_rekey.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/hashicorp/vault/api/sys_rekey.go')
-rw-r--r--vendor/github.com/hashicorp/vault/api/sys_rekey.go147
1 files changed, 127 insertions, 20 deletions
diff --git a/vendor/github.com/hashicorp/vault/api/sys_rekey.go b/vendor/github.com/hashicorp/vault/api/sys_rekey.go
index e6d039e..ddeac01 100644
--- a/vendor/github.com/hashicorp/vault/api/sys_rekey.go
+++ b/vendor/github.com/hashicorp/vault/api/sys_rekey.go
@@ -26,6 +26,32 @@ func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) {
return &result, err
}
+func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error) {
+ r := c.c.NewRequest("GET", "/v1/sys/rekey/verify")
+ resp, err := c.c.RawRequest(r)
+ if err != nil {
+ return nil, err
+ }
+ defer resp.Body.Close()
+
+ var result RekeyVerificationStatusResponse
+ err = resp.DecodeJSON(&result)
+ return &result, err
+}
+
+func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResponse, error) {
+ r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/verify")
+ resp, err := c.c.RawRequest(r)
+ if err != nil {
+ return nil, err
+ }
+ defer resp.Body.Close()
+
+ var result RekeyVerificationStatusResponse
+ err = resp.DecodeJSON(&result)
+ return &result, err
+}
+
func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) {
r := c.c.NewRequest("PUT", "/v1/sys/rekey/init")
if err := r.SetJSONBody(config); err != nil {
@@ -78,6 +104,24 @@ func (c *Sys) RekeyRecoveryKeyCancel() error {
return err
}
+func (c *Sys) RekeyVerificationCancel() error {
+ r := c.c.NewRequest("DELETE", "/v1/sys/rekey/verify")
+ resp, err := c.c.RawRequest(r)
+ if err == nil {
+ defer resp.Body.Close()
+ }
+ return err
+}
+
+func (c *Sys) RekeyRecoveryKeyVerificationCancel() error {
+ r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/verify")
+ resp, err := c.c.RawRequest(r)
+ if err == nil {
+ defer resp.Body.Close()
+ }
+ return err
+}
+
func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
body := map[string]interface{}{
"key": shard,
@@ -168,35 +212,98 @@ func (c *Sys) RekeyDeleteRecoveryBackup() error {
return err
}
+func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
+ body := map[string]interface{}{
+ "key": shard,
+ "nonce": nonce,
+ }
+
+ r := c.c.NewRequest("PUT", "/v1/sys/rekey/verify")
+ if err := r.SetJSONBody(body); err != nil {
+ return nil, err
+ }
+
+ resp, err := c.c.RawRequest(r)
+ if err != nil {
+ return nil, err
+ }
+ defer resp.Body.Close()
+
+ var result RekeyVerificationUpdateResponse
+ err = resp.DecodeJSON(&result)
+ return &result, err
+}
+
+func (c *Sys) RekeyRecoveryKeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
+ body := map[string]interface{}{
+ "key": shard,
+ "nonce": nonce,
+ }
+
+ r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/verify")
+ if err := r.SetJSONBody(body); err != nil {
+ return nil, err
+ }
+
+ resp, err := c.c.RawRequest(r)
+ if err != nil {
+ return nil, err
+ }
+ defer resp.Body.Close()
+
+ var result RekeyVerificationUpdateResponse
+ err = resp.DecodeJSON(&result)
+ return &result, err
+}
+
type RekeyInitRequest struct {
- SecretShares int `json:"secret_shares"`
- SecretThreshold int `json:"secret_threshold"`
- PGPKeys []string `json:"pgp_keys"`
- Backup bool
+ SecretShares int `json:"secret_shares"`
+ SecretThreshold int `json:"secret_threshold"`
+ StoredShares int `json:"stored_shares"`
+ PGPKeys []string `json:"pgp_keys"`
+ Backup bool
+ RequireVerification bool `json:"require_verification"`
}
type RekeyStatusResponse struct {
- Nonce string
- Started bool
- T int
- N int
- Progress int
- Required int
- PGPFingerprints []string `json:"pgp_fingerprints"`
- Backup bool
+ Nonce string `json:"nonce"`
+ Started bool `json:"started"`
+ T int `json:"t"`
+ N int `json:"n"`
+ Progress int `json:"progress"`
+ Required int `json:"required"`
+ PGPFingerprints []string `json:"pgp_fingerprints"`
+ Backup bool `json:"backup"`
+ VerificationRequired bool `json:"verification_required"`
+ VerificationNonce string `json:"verification_nonce"`
}
type RekeyUpdateResponse struct {
- Nonce string
- Complete bool
- Keys []string
- KeysB64 []string `json:"keys_base64"`
- PGPFingerprints []string `json:"pgp_fingerprints"`
- Backup bool
+ Nonce string `json:"nonce"`
+ Complete bool `json:"complete"`
+ Keys []string `json:"keys"`
+ KeysB64 []string `json:"keys_base64"`
+ PGPFingerprints []string `json:"pgp_fingerprints"`
+ Backup bool `json:"backup"`
+ VerificationRequired bool `json:"verification_required"`
+ VerificationNonce string `json:"verification_nonce,omitempty"`
}
type RekeyRetrieveResponse struct {
- Nonce string
- Keys map[string][]string
+ Nonce string `json:"nonce"`
+ Keys map[string][]string `json:"keys"`
KeysB64 map[string][]string `json:"keys_base64"`
}
+
+type RekeyVerificationStatusResponse struct {
+ Nonce string `json:"nonce"`
+ Started bool `json:"started"`
+ T int `json:"t"`
+ N int `json:"n"`
+ Progress int `json:"progress"`
+}
+
+type RekeyVerificationUpdateResponse struct {
+ Nonce string `json:"nonce"`
+ Complete bool `json:"complete"`
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-30 05:30:45 +0000