Closed amol-gaikwad closed 3 years ago
Vault supports hmac verification as below but spring-vault doesn't provide a way to do it.
Request
curl --location --request POST 'https://127.0.0.1:8200/v1/transit/verify/default-mac/sha2-256' \ --header 'X-Vault-Token: s.NvdLGh4ohtgcXEShSCYfB73n' \ --header 'X-Vault-Request: true' \ --header 'Content-Type: application/json' \ --data-raw '{ "input": "QW1vbCBHYWlrd2FkIHFhOCBDcnlwdG8tYXBpIDIuMTIgZGF0YWJhc2UgOQ==", "hmac" : "vault:v1:VZMQieAS6eodoGvW9KybcMe1Er5EzyHwvp0XivUOYr8=" }'
Response
{ "request_id": "e0049996-0be7-6991-081f-045639742384", "lease_id": "", "renewable": false, "lease_duration": 0, "data": { "valid": true }, "wrap_info": null, "warnings": null, "auth": null }
Support is there in VaultTransitTemplate but it suffers from same issue as algorithm is passed in body instead of url path of transit api.
Vault supports hmac verification as below but spring-vault doesn't provide a way to do it.
Request
Response