rebase: bump github.com/IBM/keyprotect-go-client from 0.9.1 to 0.9.2

Bumps [github.com/IBM/keyprotect-go-client](https://github.com/IBM/keyprotect-go-client) from 0.9.1 to 0.9.2. - [Release notes](https://github.com/IBM/keyprotect-go-client/releases) - [Changelog](https://github.com/IBM/keyprotect-go-client/blob/master/CHANGELOG.md) - [Commits](https://github.com/IBM/keyprotect-go-client/compare/v0.9.1...v0.9.2) --- updated-dependencies: - dependency-name: github.com/IBM/keyprotect-go-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2024-11-09 16:00:22 +00:00 · 2022-12-19 20:02:34 +00:00 · 2022-12-19 20:02:34 +00:00 · bbcb0eb83e
commit bbcb0eb83e
parent 911bc6eabc
8 changed files with 109 additions and 20 deletions
--- a/go.mod
+++ b/go.mod
@ -3,7 +3,7 @@ module github.com/ceph/ceph-csi
 go 1.18

 require (
-	github.com/IBM/keyprotect-go-client v0.9.1
+	github.com/IBM/keyprotect-go-client v0.9.2
 	github.com/aws/aws-sdk-go v1.44.146
 	github.com/aws/aws-sdk-go-v2/service/sts v1.17.6
 	github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
--- a/go.sum
+++ b/go.sum
@ -81,8 +81,8 @@ github.com/DataDog/datadog-go v2.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3
 github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
 github.com/DataDog/zstd v1.4.4/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
 github.com/IBM/keyprotect-go-client v0.5.1/go.mod h1:5TwDM/4FRJq1ZOlwQL1xFahLWQ3TveR88VmL1u3njyI=
-github.com/IBM/keyprotect-go-client v0.9.1 h1:uoPmFX3voN/tH0o9+MdmGAI5/Bf1o25qv82QutQzvVU=
-github.com/IBM/keyprotect-go-client v0.9.1/go.mod h1:yr8h2noNgU8vcbs+vhqoXp3Lmv73PI0zAc6VMgFvWwM=
+github.com/IBM/keyprotect-go-client v0.9.2 h1:3fdmKVRl3gBWw6YJhPxLBJEHFbLhj/1v96qvevZdJdE=
+github.com/IBM/keyprotect-go-client v0.9.2/go.mod h1:yr8h2noNgU8vcbs+vhqoXp3Lmv73PI0zAc6VMgFvWwM=
 github.com/Jeffail/gabs v1.1.1 h1:V0uzR08Hj22EX8+8QMhyI9sX2hwRu+/RJhJUmnwda/E=
 github.com/Jeffail/gabs v1.1.1/go.mod h1:6xMvQMK4k33lb7GUUpaAPh6nKMmemQeg5d4gn7/bOXc=
 github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
--- a/vendor/github.com/IBM/keyprotect-go-client/.bumpversion.cfg
+++ b/vendor/github.com/IBM/keyprotect-go-client/.bumpversion.cfg
@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.9.1
+current_version = 0.9.2
 commit = True
 message = Update version {current_version} -> {new_version} [skip ci]

--- a/vendor/github.com/IBM/keyprotect-go-client/CHANGELOG.md
+++ b/vendor/github.com/IBM/keyprotect-go-client/CHANGELOG.md
@ -1,3 +1,10 @@
+## [0.9.2](https://github.com/IBM/keyprotect-go-client/compare/v0.9.1...v0.9.2) (2022-12-14)
+
+
+### Bug Fixes
+
+* **build:**  Support for Custom-Header ([#102](https://github.com/IBM/keyprotect-go-client/issues/102)) & wrap() with key version ([d6df84a](https://github.com/IBM/keyprotect-go-client/commit/d6df84af4c56ddcb1543eb91151942db5d5f1d28))
+
 ## [0.9.1](https://github.com/IBM/keyprotect-go-client/compare/v0.9.0...v0.9.1) (2022-12-06)


--- a/vendor/github.com/IBM/keyprotect-go-client/README.md
+++ b/vendor/github.com/IBM/keyprotect-go-client/README.md
@ -1,4 +1,4 @@
-# IBM Cloud Go SDK Version 0.9.1
+# IBM Cloud Go SDK Version 0.9.2

 # keyprotect-go-client

@ -341,3 +341,34 @@ if err != nil {
 }
 fmt.Println(keys)
 ```
+
+### Support for Adding Custom Header
+
+
+1) From ServiceClient (For Every API Call)
+```go
+cc := kp.ClientConfig{
+    BaseURL:    "BASE_URL",
+    APIKey:     "API_KEY",
+    InstanceID: "INSTANCE_ID",
+    Headers: http.Header{
+      "Custom-Header":  {"Custom-Value"},
+    },
+  }
+```
+
+2) From ServiceCall (Per API Call)
+
+* Define Header just before the API Call and Empty out when done.
+
+```go
+client.Config.Headers = make(http.Header))
+client.Config.Headers.Set("Custom-Header", "Custom-Header-Value")
+
+key, err := client.CreateKey(params)
+  if err != nil {
+    panic(err)
+  }
+
+client.Config.Headers = http.Header{}
+```
--- a/vendor/github.com/IBM/keyprotect-go-client/keys.go
+++ b/vendor/github.com/IBM/keyprotect-go-client/keys.go
@ -112,13 +112,20 @@ type KeyVersions struct {
 // KeysActionRequest represents request parameters for a key action
 // API call.
 type KeysActionRequest struct {
-	PlainText           string   `json:"plaintext,omitempty"`
-	AAD                 []string `json:"aad,omitempty"`
-	CipherText          string   `json:"ciphertext,omitempty"`
-	Payload             string   `json:"payload,omitempty"`
-	EncryptedNonce      string   `json:"encryptedNonce,omitempty"`
-	IV                  string   `json:"iv,omitempty"`
-	EncryptionAlgorithm string   `json:"encryptionAlgorithm,omitempty"`
+	PlainText           string      `json:"plaintext,omitempty"`
+	AAD                 []string    `json:"aad,omitempty"`
+	CipherText          string      `json:"ciphertext,omitempty"`
+	Payload             string      `json:"payload,omitempty"`
+	EncryptedNonce      string      `json:"encryptedNonce,omitempty"`
+	IV                  string      `json:"iv,omitempty"`
+	EncryptionAlgorithm string      `json:"encryptionAlgorithm,omitempty"`
+	KeyVersion          *KeyVersion `json:"keyVersion,,omitempty"`
+}
+
+type KeyActionResponse struct {
+	PlainText  string      `json:"plaintext,omitempty"`
+	CipherText string      `json:"ciphertext,omitempty"`
+	KeyVersion *KeyVersion `json:"keyVersion,,omitempty"`
 }

 type KeyVersion struct {
@ -548,6 +555,43 @@ func (c *Client) wrap(ctx context.Context, idOrAlias string, plainText []byte, a
 	return pt, ct, nil
 }

+// WrapWithKeyVersion function supports KeyVersion Details, PlainText and Cyphertext in response
+func (c *Client) WrapV2(ctx context.Context, idOrAlias string, plainText []byte, additionalAuthData *[]string) (*KeyActionResponse, error) {
+	keysActionReq := &KeysActionRequest{}
+	keyActionRes := &KeyActionResponse{}
+
+	if plainText != nil {
+		_, err := base64.StdEncoding.DecodeString(string(plainText))
+		if err != nil {
+			return keyActionRes, err
+		}
+		keysActionReq.PlainText = string(plainText)
+	}
+
+	if additionalAuthData != nil {
+		keysActionReq.AAD = *additionalAuthData
+	}
+
+	keysAction, err := c.doKeysAction(ctx, idOrAlias, "wrap", keysActionReq)
+	if err != nil {
+		return keyActionRes, err
+	}
+
+	keyActionRes = &KeyActionResponse{
+		PlainText:  keysAction.PlainText,
+		CipherText: keysAction.CipherText,
+	}
+	if keysAction.KeyVersion != nil {
+		keyActionRes.KeyVersion = &KeyVersion{
+			ID: keysAction.KeyVersion.ID,
+		}
+		if keysAction.KeyVersion.CreationDate != nil {
+			keyActionRes.KeyVersion.CreationDate = keysAction.KeyVersion.CreationDate
+		}
+	}
+	return keyActionRes, nil
+}
+
 // Unwrap is deprecated since it returns only plaintext and doesn't know how to handle rotation.
 func (c *Client) Unwrap(ctx context.Context, idOrAlias string, cipherText []byte, additionalAuthData *[]string) ([]byte, error) {
 	plainText, _, err := c.UnwrapV2(ctx, idOrAlias, cipherText, additionalAuthData)
--- a/vendor/github.com/IBM/keyprotect-go-client/kp.go
+++ b/vendor/github.com/IBM/keyprotect-go-client/kp.go
@ -71,13 +71,14 @@ type ctxKey string
 // ClientConfig ...
 type ClientConfig struct {
 	BaseURL       string
-	Authorization string  // The IBM Cloud (Bluemix) access token
-	APIKey        string  // Service ID API key, can be used instead of an access token
-	TokenURL      string  // The URL used to get an access token from the API key
-	InstanceID    string  // The IBM Cloud (Bluemix) instance ID that identifies your Key Protect service instance.
-	KeyRing       string  // The ID of the target Key Ring the key is associated with. It is optional but recommended for better performance.
-	Verbose       int     // See verbose values above
-	Timeout       float64 // KP request timeout in seconds.
+	Authorization string      // The IBM Cloud (Bluemix) access token
+	APIKey        string      // Service ID API key, can be used instead of an access token
+	TokenURL      string      // The URL used to get an access token from the API key
+	InstanceID    string      // The IBM Cloud (Bluemix) instance ID that identifies your Key Protect service instance.
+	KeyRing       string      // The ID of the target Key Ring the key is associated with. It is optional but recommended for better performance.
+	Verbose       int         // See verbose values above
+	Timeout       float64     // KP request timeout in seconds.
+	Headers       http.Header // Support for Custom Header
 }

 // DefaultTransport ...
@ -255,6 +256,12 @@ func (c *Client) do(ctx context.Context, req *http.Request, res interface{}) (*h
 	if c.Config.KeyRing != "" {
 		req.Header.Set("x-kms-key-ring", c.Config.KeyRing)
 	}
+	// Adding check for Custom Header Input
+	if c.Config.Headers != nil {
+		for key, value := range c.Config.Headers {
+			req.Header.Set(key, strings.Join(value, ","))
+		}
+	}

 	// set request up to be retryable on 500-level http codes and client errors
 	retryableClient := getRetryableClient(&c.HttpClient)
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -1,4 +1,4 @@
-# github.com/IBM/keyprotect-go-client v0.9.1
+# github.com/IBM/keyprotect-go-client v0.9.2
 ## explicit; go 1.15
 github.com/IBM/keyprotect-go-client
 github.com/IBM/keyprotect-go-client/iam