Support parseutil.ParsePath for sensitive values in wrapper configs (h…

…ashicorp#272) * Add support for stdlib ParsePath to sensitive options * wip * wire up QuietParsePath to all remaining wrappers * Add ParsePaths * wip new pattern * bug fixes * remove unused * unit test * mod tidy * remove unnecessary change * remove unnecessary change * Use the new parsepath options * add missing errnoturl check * Update to parsepath 0.1.9 * rollback wrapper changes until we have a tagged top level package * Improve ParsePaths behavior in errors, and add a usage comment
openbao · Jan 21, 2025 · 9aac87b · 9aac87b
1 parent 7876aa2
commit 9aac87b
Show file tree

Hide file tree

Showing 5 changed files with 82 additions and 0 deletions.
diff --git a/go.mod b/go.mod
@@ -3,6 +3,7 @@ module github.com/hashicorp/go-kms-wrapping/v2
 go 1.20
 
 require (
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.9
 	github.com/hashicorp/go-uuid v1.0.3
 	github.com/mr-tron/base58 v1.2.0
 	github.com/stretchr/testify v1.8.4
@@ -13,8 +14,12 @@ require (
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.6 // indirect
 	github.com/kr/pretty v0.3.0 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
 	golang.org/x/sys v0.15.0 // indirect
 	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect

diff --git a/go.sum b/go.sum
@@ -2,6 +2,12 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.1.9 h1:FW0YttEnUNDJ2WL9XcrrfteS1xW8u+sh4ggM8pN5isQ=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.1.9/go.mod h1:Ll013mhdmsVDuoIXVfBtvgGJsXDYkTw1kooNcoCXuE0=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
+github.com/hashicorp/go-sockaddr v1.0.6 h1:RSG8rKU28VTUTvEKghe5gIhIQpv8evvNpnDEyqO4u9I=
+github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI=
 github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8=
 github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
@@ -11,12 +17,16 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
 github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
+github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=

diff --git a/options.go b/options.go
@@ -5,6 +5,7 @@ package wrapping
 
 import (
 	"errors"
+	"github.com/hashicorp/go-secure-stdlib/parseutil"
 )
 
 // GetOpts iterates the inbound Options and returns a struct
@@ -154,3 +155,27 @@ func WithoutHMAC() Option {
 		})
 	}
 }
+
+// ParsePaths is a helper function to take each string pointer argument and call parseutil.ParsePath,
+// replacing the contents of the target string with the result if no error occurs.  The function exits
+// early if it encounters an error.  In that case no passed fields will have been modified.
+//
+// If any passed pointer is nil it will be ignored.
+func ParsePaths(fields ...*string) error {
+	newVals := make([]string, len(fields))
+	for i := 0; i < len(fields); i++ {
+		if fields[i] != nil {
+			if newVal, err := parseutil.ParsePath(*fields[i], parseutil.WithNoTrimSpaces(true), parseutil.WithErrorOnMissingEnv(true)); err != nil && !errors.Is(err, parseutil.ErrNotAUrl) {
+				return err
+			} else {
+				newVals[i] = newVal
+			}
+		}
+	}
+	for i := 0; i < len(fields); i++ {
+		if fields[i] != nil {
+			*fields[i] = newVals[i]
+		}
+	}
+	return nil
+}
diff --git a/options_test.go b/options_test.go
@@ -112,3 +112,44 @@ func testOptionWithError(t *testing.T) Option {
 		})
 	}
 }
+
+func TestParsePaths(t *testing.T) {
+	type options struct {
+		optionA string
+		optionB string
+	}
+
+	test := options{
+		optionA: "Hello, World!",
+		optionB: "file://test-fixtures/secret.txt",
+	}
+	if err := ParsePaths(&test.optionA, &test.optionB); err != nil {
+		t.Fatal(err)
+	}
+	if test.optionB != "Top Secret" {
+		t.Fatalf("expected TopSecret, got %s", test.optionB)
+	}
+
+	// Test nil handling
+	test = options{
+		optionA: "file://test-fixtures/secret.txt",
+	}
+	if err := ParsePaths(nil, &test.optionA, nil); err != nil {
+		t.Fatal(err)
+	}
+	if test.optionA != "Top Secret" {
+		t.Fatalf("expected TopSecret, got %s", test.optionB)
+	}
+
+	// Test errors and error atomicity
+	test = options{
+		optionA: "file://test-fixtures/secret.txt",
+		optionB: "file://test-fixtures/missing.txt",
+	}
+	if err := ParsePaths(&test.optionA, &test.optionB); err == nil {
+		t.Fatal("expected error but didn't get one")
+	}
+	if test.optionA != "file://test-fixtures/secret.txt" {
+		t.Fatalf("optionA was overwritten despite encountering an error")
+	}
+}
diff --git a/test-fixtures/secret.txt b/test-fixtures/secret.txt
@@ -0,0 +1 @@
+Top Secret