-
Notifications
You must be signed in to change notification settings - Fork 540
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for HMAC type to vault_transit_secret_backend_key #2034
Add support for HMAC type to vault_transit_secret_backend_key #2034
Conversation
* Add key_size as it is necessary for HMAC. Default to 0 bits as that is the default for all key types _except_ HMAC currently.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! Looking good so far! Had a few comments on checking the Vault server version.
Could we also add a Changelog entry under Unreleased?
* Removed ValidateFunc to rely on Vault's internal validation * Updated CHANGELOG.md * Slightly tweaked the description of `key_size` * Wrapped the `data["key_size"]` allocation in a check for Vault version * Added `SkipFunc` blocks to the `hmac` tests
Thanks for the feedback. I:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Thanks!
This seems done - is there anything else you require from me? |
We don't require anything else, thanks @roberteckert! |
Description
This PR updates the vault_transit_secret_backend_key to accept the
hmac
key type along with the requisitekey_size
argument so that transit keys of thehmac
type can be created.Relates OR Closes #0000
Checklist
Output from acceptance testing:
Community Note