Write new secret manager using existing RSA logic

2025-06-22 17:17:56 +02:00
parent 5985a726e3
commit 82ec7fabb4
34 changed files with 2042 additions and 640 deletions


@ -140,11 +140,23 @@ class ShellStoreSecret(CommandDispatcher):
secret=secret_name,
)
await self.store_managed_secret(secret_name, secret_data)
def encrypt_secret(self, value: str) -> str:
"""Encrypt a secret."""
public_key = load_public_key(self.client.public_key.encode())
return encrypt_string(value, public_key)
async def store_managed_secret(self, secret_name: str, secret_data: str) -> None:
"""Store managed secret."""
system_client = await self.backend.get_system_client()
if not system_client:
return
public_key = load_public_key(system_client.public_key.encode())
encrypted = encrypt_string(secret_data, public_key)
await self.backend.create_client_secret(("id", str(system_client.id)), secret_name, encrypted)
await self.audit(operation=Operation.CREATE, message="Managed secret entry created.", secret=secret_name)
async def get_secret_on_stdin(self) -> str | None:
"""Get secret from stdin."""
secret_data = ""
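Review bot: In `store_managed_secret`, the `if not system_client: return` path drops the managed copy silently, so the caller's `await self.store_managed_secret(secret_name, secret_data)` gets no signal and no audit entry records that the secret was not stored for the system client. Fail loudly instead, for example `raise RuntimeError("no system client; managed secret not stored")` in place of the bare `return`, or at least make an audit call that notes the skip. The load-key-then-encrypt pair duplicates `encrypt_secret`, so a small helper that takes the PEM string would keep both paths on one encryption routine. The docstring could also say that the value is encrypted to the system client's public key before it reaches the backend. `get_secret_on_stdin` continues outside the hunk.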