Skip to content

Commit

Permalink
Fix JSON serialization of SealGenerationInfo. (#22611)
Browse files Browse the repository at this point in the history
  • Loading branch information
victorr authored Aug 29, 2023
1 parent 5ac26d3 commit 7ed7bdd
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 1 deletion.
2 changes: 1 addition & 1 deletion command/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -2733,7 +2733,7 @@ func (c *ServerCommand) computeSealGenerationInfo(existingSealGenInfo *vaultseal
}
generation = existingSealGenInfo.Generation + 1
}
c.logger.Info("incrementing seal config gen, new generation: ", "generation", generation)
c.logger.Info("incrementing seal geneneration", "generation", generation)

// If the stored copy doesn't match the current configuration, we introduce a new generation
// which keeps track if a rewrap of all CSPs and seal wrapped values has completed (initially false).
Expand Down
1 change: 1 addition & 0 deletions vault/core.go
Original file line number Diff line number Diff line change
Expand Up @@ -2399,6 +2399,7 @@ func (s standardUnsealStrategy) unseal(ctx context.Context, logger log.Logger, c

if !sealGenerationInfo.IsRewrapped() {
// Flag migration performed for seal-rewrap later
c.logger.Trace("seal generation information indicates that a seal-rewrap is needed", "generation", sealGenerationInfo.Generation, "rewrapped", sealGenerationInfo.IsRewrapped())
atomic.StoreUint32(c.sealMigrationDone, 1)
}

Expand Down
28 changes: 28 additions & 0 deletions vault/seal/seal.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ package seal

import (
"context"
"encoding/json"
"errors"
"fmt"
"reflect"
Expand Down Expand Up @@ -130,6 +131,33 @@ func (sgi *SealGenerationInfo) IsRewrapped() bool {
return sgi.rewrapped.Load()
}

type sealGenerationInfoJson struct {
Generation uint64
Seals []*configutil.KMS
Rewrapped bool
}

func (sgi *SealGenerationInfo) MarshalJSON() ([]byte, error) {
return json.Marshal(sealGenerationInfoJson{
Generation: sgi.Generation,
Seals: sgi.Seals,
Rewrapped: sgi.IsRewrapped(),
})
}

func (sgi *SealGenerationInfo) UnmarshalJSON(b []byte) error {
var value sealGenerationInfoJson
if err := json.Unmarshal(b, &value); err != nil {
return err
}

sgi.Generation = value.Generation
sgi.Seals = value.Seals
sgi.SetRewrapped(value.Rewrapped)

return nil
}

type SealInfo struct {
wrapping.Wrapper
Priority int
Expand Down

0 comments on commit 7ed7bdd

Please sign in to comment.