From 17cd70cea546e287713a3d4c086528a85abefa2e Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Tue, 4 Oct 2016 14:37:01 -0700
Subject: Add support for Hashicorp Vault

Vault is supported for the following:
As a well-known filesystem for TLS cert, TLS key and SSH signing key.
For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options.
---
 server/util/util.go      | 10 ++++++++++
 server/util/util_test.go | 16 ++++++++++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 server/util/util.go
 create mode 100644 server/util/util_test.go

(limited to 'server/util')

diff --git a/server/util/util.go b/server/util/util.go
new file mode 100644
index 0000000..10f5eca
--- /dev/null
+++ b/server/util/util.go
@@ -0,0 +1,10 @@
+package util
+
+import "golang.org/x/crypto/ssh"
+
+// GetPublicKey marshals a ssh certificate to a string.
+func GetPublicKey(cert *ssh.Certificate) string {
+	marshaled := ssh.MarshalAuthorizedKey(cert)
+	// Strip trailing newline
+	return string(marshaled[:len(marshaled)-1])
+}
diff --git a/server/util/util_test.go b/server/util/util_test.go
new file mode 100644
index 0000000..d294d86
--- /dev/null
+++ b/server/util/util_test.go
@@ -0,0 +1,16 @@
+package util
+
+import (
+	"testing"
+
+	"github.com/nsheridan/cashier/testdata"
+	"golang.org/x/crypto/ssh"
+)
+
+func TestGetPublicKey(t *testing.T) {
+	t.Parallel()
+	c, _, _, _, _ := ssh.ParseAuthorizedKey(testdata.Cert)
+	if GetPublicKey(c.(*ssh.Certificate)) != string(testdata.Cert) {
+		t.Fail()
+	}
+}
-- 
cgit v1.2.3