func handleSysRekeyInitPut(core *vault.Core, w http.ResponseWriter, r *http.Request) { // Parse the request var req RekeyRequest if err := parseRequest(r, &req); err != nil { respondError(w, http.StatusBadRequest, err) return } if req.Backup && len(req.PGPKeys) == 0 { respondError(w, http.StatusBadRequest, fmt.Errorf("cannot request a backup of the new keys without providing PGP keys for encryption")) } // Initialize the rekey err := core.RekeyInit(&vault.SealConfig{ SecretShares: req.SecretShares, SecretThreshold: req.SecretThreshold, PGPKeys: req.PGPKeys, Backup: req.Backup, }) if err != nil { respondError(w, http.StatusBadRequest, err) return } handleSysRekeyInitGet(core, w, r) }
func handleSysRekeyInitPut(core *vault.Core, w http.ResponseWriter, r *http.Request) { // Parse the request var req RekeyRequest if err := parseRequest(r, &req); err != nil { respondError(w, http.StatusBadRequest, err) return } // Initialize the rekey err := core.RekeyInit(&vault.SealConfig{ SecretShares: req.SecretShares, SecretThreshold: req.SecretThreshold, }) if err != nil { respondError(w, http.StatusBadRequest, err) return } respondOk(w, nil) }
func handleSysRekeyInitPut(core *vault.Core, recovery bool, w http.ResponseWriter, r *http.Request) { // Parse the request var req RekeyRequest if err := parseRequest(r, &req); err != nil { respondError(w, http.StatusBadRequest, err) return } if req.Backup && len(req.PGPKeys) == 0 { respondError(w, http.StatusBadRequest, fmt.Errorf("cannot request a backup of the new keys without providing PGP keys for encryption")) return } // Right now we don't support this, but the rest of the code is ready for // when we do, hence the check below for this to be false if // StoredShares is greater than zero if core.SealAccess().StoredKeysSupported() { respondError(w, http.StatusBadRequest, fmt.Errorf("rekeying of barrier not supported when stored key support is available")) return } // Initialize the rekey err := core.RekeyInit(&vault.SealConfig{ SecretShares: req.SecretShares, SecretThreshold: req.SecretThreshold, StoredShares: req.StoredShares, PGPKeys: req.PGPKeys, Backup: req.Backup, }, recovery) if err != nil { respondError(w, http.StatusBadRequest, err) return } handleSysRekeyInitGet(core, recovery, w, r) }