diff --git a/audit/broker.go b/audit/broker.go index 47680e7be3..ce8876f081 100644 --- a/audit/broker.go +++ b/audit/broker.go @@ -448,7 +448,7 @@ func (b *Broker) GetHash(ctx context.Context, name string, input string) (string return "", fmt.Errorf("unknown audit backend %q", name) } - return HashString(ctx, be.backend, input) + return hashString(ctx, be.backend, input) } // IsRegistered is used to check if a given audit backend is registered. diff --git a/audit/entry_formatter.go b/audit/entry_formatter.go index 0072b704db..c4a1987a7e 100644 --- a/audit/entry_formatter.go +++ b/audit/entry_formatter.go @@ -242,12 +242,12 @@ func (f *entryFormatter) formatRequest(ctx context.Context, in *logical.LogInput if !f.config.raw { var err error - auth, err = HashAuth(ctx, f.salter, auth, f.config.hmacAccessor) + auth, err = hashAuth(ctx, f.salter, auth, f.config.hmacAccessor) if err != nil { return nil, err } - req, err = HashRequest(ctx, f.salter, req, f.config.hmacAccessor, in.NonHMACReqDataKeys) + req, err = hashRequest(ctx, f.salter, req, f.config.hmacAccessor, in.NonHMACReqDataKeys) if err != nil { return nil, err } @@ -379,7 +379,7 @@ func (f *entryFormatter) formatResponse(ctx context.Context, in *logical.LogInpu var respData map[string]interface{} if f.config.raw { - // In the non-raw case, elision of list response data occurs inside HashResponse, to avoid redundant deep + // In the non-raw case, elision of list response data occurs inside hashResponse, to avoid redundant deep // copies and hashing of data only to elide it later. In the raw case, we need to do it here. if elideListResponseData && resp.Data != nil { // Copy the data map before making changes, but we only need to go one level deep in this case @@ -394,17 +394,17 @@ func (f *entryFormatter) formatResponse(ctx context.Context, in *logical.LogInpu } } else { var err error - auth, err = HashAuth(ctx, f.salter, auth, f.config.hmacAccessor) + auth, err = hashAuth(ctx, f.salter, auth, f.config.hmacAccessor) if err != nil { return nil, err } - req, err = HashRequest(ctx, f.salter, req, f.config.hmacAccessor, in.NonHMACReqDataKeys) + req, err = hashRequest(ctx, f.salter, req, f.config.hmacAccessor, in.NonHMACReqDataKeys) if err != nil { return nil, err } - resp, err = HashResponse(ctx, f.salter, resp, f.config.hmacAccessor, in.NonHMACRespDataKeys, elideListResponseData) + resp, err = hashResponse(ctx, f.salter, resp, f.config.hmacAccessor, in.NonHMACRespDataKeys, elideListResponseData) if err != nil { return nil, err } diff --git a/audit/hashstructure.go b/audit/hashstructure.go index d49c02865c..95b970e1ae 100644 --- a/audit/hashstructure.go +++ b/audit/hashstructure.go @@ -17,8 +17,8 @@ import ( "github.com/mitchellh/reflectwalk" ) -// HashString hashes the given opaque string and returns it -func HashString(ctx context.Context, salter Salter, data string) (string, error) { +// hashString hashes the given opaque string and returns it +func hashString(ctx context.Context, salter Salter, data string) (string, error) { salt, err := salter.Salt(ctx) if err != nil { return "", err @@ -27,8 +27,8 @@ func HashString(ctx context.Context, salter Salter, data string) (string, error) return salt.GetIdentifiedHMAC(data), nil } -// HashAuth returns a hashed copy of the logical.Auth input. -func HashAuth(ctx context.Context, salter Salter, in *logical.Auth, HMACAccessor bool) (*logical.Auth, error) { +// hashAuth returns a hashed copy of the logical.Auth input. +func hashAuth(ctx context.Context, salter Salter, in *logical.Auth, HMACAccessor bool) (*logical.Auth, error) { if in == nil { return nil, nil } @@ -50,8 +50,8 @@ func HashAuth(ctx context.Context, salter Salter, in *logical.Auth, HMACAccessor return &auth, nil } -// HashRequest returns a hashed copy of the logical.Request input. -func HashRequest(ctx context.Context, salter Salter, in *logical.Request, HMACAccessor bool, nonHMACDataKeys []string) (*logical.Request, error) { +// hashRequest returns a hashed copy of the logical.Request input. +func hashRequest(ctx context.Context, salter Salter, in *logical.Request, HMACAccessor bool, nonHMACDataKeys []string) (*logical.Request, error) { if in == nil { return nil, nil } @@ -70,7 +70,7 @@ func HashRequest(ctx context.Context, salter Salter, in *logical.Request, HMACAc return nil, err } - req.Auth, err = HashAuth(ctx, salter, cp.(*logical.Auth), HMACAccessor) + req.Auth, err = hashAuth(ctx, salter, cp.(*logical.Auth), HMACAccessor) if err != nil { return nil, err } @@ -99,7 +99,7 @@ func HashRequest(ctx context.Context, salter Salter, in *logical.Request, HMACAc return &req, nil } -func hashMap(hashFunc HashCallback, data map[string]interface{}, nonHMACDataKeys []string) error { +func hashMap(hashFunc hashCallback, data map[string]interface{}, nonHMACDataKeys []string) error { for k, v := range data { if o, ok := v.(logical.OptMarshaler); ok { marshaled, err := o.MarshalJSONWithOptions(&logical.MarshalOptions{ @@ -115,8 +115,8 @@ func hashMap(hashFunc HashCallback, data map[string]interface{}, nonHMACDataKeys return HashStructure(data, hashFunc, nonHMACDataKeys) } -// HashResponse returns a hashed copy of the logical.Request input. -func HashResponse(ctx context.Context, salter Salter, in *logical.Response, HMACAccessor bool, nonHMACDataKeys []string, elideListResponseData bool) (*logical.Response, error) { +// hashResponse returns a hashed copy of the logical.Request input. +func hashResponse(ctx context.Context, salter Salter, in *logical.Response, HMACAccessor bool, nonHMACDataKeys []string, elideListResponseData bool) (*logical.Response, error) { if in == nil { return nil, nil } @@ -135,7 +135,7 @@ func HashResponse(ctx context.Context, salter Salter, in *logical.Response, HMAC return nil, err } - resp.Auth, err = HashAuth(ctx, salter, cp.(*logical.Auth), HMACAccessor) + resp.Auth, err = hashAuth(ctx, salter, cp.(*logical.Auth), HMACAccessor) if err != nil { return nil, err } @@ -178,7 +178,7 @@ func HashResponse(ctx context.Context, salter Salter, in *logical.Response, HMAC } // hashWrapInfo returns a hashed copy of the wrapping.ResponseWrapInfo input. -func hashWrapInfo(hashFunc HashCallback, in *wrapping.ResponseWrapInfo, HMACAccessor bool) (*wrapping.ResponseWrapInfo, error) { +func hashWrapInfo(hashFunc hashCallback, in *wrapping.ResponseWrapInfo, HMACAccessor bool) (*wrapping.ResponseWrapInfo, error) { if in == nil { return nil, nil } @@ -201,15 +201,15 @@ func hashWrapInfo(hashFunc HashCallback, in *wrapping.ResponseWrapInfo, HMACAcce // HashStructure takes an interface and hashes all the values within // the structure. Only _values_ are hashed: keys of objects are not. // -// For the HashCallback, see the built-in HashCallbacks below. -func HashStructure(s interface{}, cb HashCallback, ignoredKeys []string) error { +// For the hashCallback, see the built-in HashCallbacks below. +func HashStructure(s interface{}, cb hashCallback, ignoredKeys []string) error { walker := &hashWalker{Callback: cb, IgnoredKeys: ignoredKeys} return reflectwalk.Walk(s, walker) } -// HashCallback is the callback called for HashStructure to hash +// hashCallback is the callback called for HashStructure to hash // a value. -type HashCallback func(string) string +type hashCallback func(string) string // hashWalker implements interfaces for the reflectwalk package // (github.com/mitchellh/reflectwalk) that can be used to automatically @@ -218,8 +218,8 @@ type hashWalker struct { // Callback is the function to call with the primitive that is // to be hashed. If there is an error, walking will be halted // immediately and the error returned. - Callback HashCallback - // IgnoreKeys are the keys that wont have the HashCallback applied + Callback hashCallback + // IgnoreKeys are the keys that wont have the hashCallback applied IgnoredKeys []string // MapElem appends the key itself (not the reflect.Value) to key. // The last element in key is the most recently entered map key. diff --git a/audit/hashstructure_test.go b/audit/hashstructure_test.go index f437b3e14c..5468cbfa7b 100644 --- a/audit/hashstructure_test.go +++ b/audit/hashstructure_test.go @@ -119,12 +119,12 @@ func (*TestSalter) Salt(ctx context.Context) (*salt.Salt, error) { func TestHashString(t *testing.T) { salter := &TestSalter{} - out, err := HashString(context.Background(), salter, "foo") + out, err := hashString(context.Background(), salter, "foo") if err != nil { t.Fatalf("Error instantiating salt: %s", err) } if out != "hmac-sha256:08ba357e274f528065766c770a639abf6809b39ccfd37c2a3157c7f51954da0a" { - t.Fatalf("err: HashString output did not match expected") + t.Fatalf("err: hashString output did not match expected") } } @@ -166,7 +166,7 @@ func TestHashAuth(t *testing.T) { salter := &TestSalter{} for _, tc := range cases { input := fmt.Sprintf("%#v", tc.Input) - out, err := HashAuth(context.Background(), salter, tc.Input, tc.HMACAccessor) + out, err := hashAuth(context.Background(), salter, tc.Input, tc.HMACAccessor) if err != nil { t.Fatalf("err: %s\n\n%s", err, input) } @@ -224,7 +224,7 @@ func TestHashRequest(t *testing.T) { salter := &TestSalter{} for _, tc := range cases { input := fmt.Sprintf("%#v", tc.Input) - out, err := HashRequest(context.Background(), salter, tc.Input, tc.HMACAccessor, tc.NonHMACDataKeys) + out, err := hashRequest(context.Background(), salter, tc.Input, tc.HMACAccessor, tc.NonHMACDataKeys) if err != nil { t.Fatalf("err: %s\n\n%s", err, input) } @@ -289,7 +289,7 @@ func TestHashResponse(t *testing.T) { salter := &TestSalter{} for _, tc := range cases { input := fmt.Sprintf("%#v", tc.Input) - out, err := HashResponse(context.Background(), salter, tc.Input, tc.HMACAccessor, tc.NonHMACDataKeys, false) + out, err := hashResponse(context.Background(), salter, tc.Input, tc.HMACAccessor, tc.NonHMACDataKeys, false) if err != nil { t.Fatalf("err: %s\n\n%s", err, input) } diff --git a/audit/headers.go b/audit/headers.go index 535a61244e..173677631c 100644 --- a/audit/headers.go +++ b/audit/headers.go @@ -248,7 +248,7 @@ func (a *HeadersConfig) ApplyConfig(ctx context.Context, headers map[string][]st // Optionally hmac the values if settings.HMAC { for i, el := range hVals { - hVal, err := HashString(ctx, salter, el) + hVal, err := hashString(ctx, salter, el) if err != nil { return nil, err } diff --git a/audit/headers_test.go b/audit/headers_test.go index e4ff34047f..4c01f697c1 100644 --- a/audit/headers_test.go +++ b/audit/headers_test.go @@ -364,7 +364,7 @@ func (s *FailingSalter) Salt(context.Context) (*salt.Salt, error) { } // TestAuditedHeadersConfig_ApplyConfig_HashStringError tests the case where -// an error is returned from HashString instead of a map of headers. +// an error is returned from hashString instead of a map of headers. func TestAuditedHeadersConfig_ApplyConfig_HashStringError(t *testing.T) { t.Parallel()