search

Versent / unicreds

unicreds is a CLI which manages secrets in AWS using DynamoDB and KMS.
https://github.com/Versent/unicreds
MIT License
117 stars 39 forks source link

unmarshal error with credstash saved secrets #75

Closed captn3m0 closed 6 years ago

captn3m0 commented 7 years ago
We face the following error:
``` credstash --region ap-south-1 --table credstash-prod-app get password unicreds --region ap-south-1 --table credstash-prod-app get password --debug • Configure AWS profile= region=ap-south-1 • Getting highest version secret ⨯ failed error=UnmarshalTypeError: cannot unmarshal binary into Go value of type string ```
`list` seems to work fine: ``` ./unicreds --region ap-south-1 --table=credstash-prod-app list +----------------------+---------------------+---------------+ | NAME | VERSION | CREATED-AT | +----------------------+---------------------+---------------+ | password | 0000000000000000000 | Not Available | ``` I've tried it with secrets having Version>0, and it still does not work and give the same error. Secrets have been stored using credstash.
captn3m0 commented 6 years ago

@wolfeidau Any chance this is a known issue/has a workaround?

aerostitch commented 6 years ago

I'm facing the same issue after switching to the latest version of credstash. The issue is that now the hmac is stored as a binary entry whith a sha256 digest when before it was a string. I guess the issue is similar here (I'm using custom code, not the command-line directly). I'll try to push a PR today to address that issue.

wolfeidau commented 6 years ago

I would love to get this fixed so I can do a release with the other PRs I merged today.

Ping me if you need anything.

aerostitch commented 6 years ago

I'm almost done with the PR.

aerostitch commented 6 years ago

PR pushed