sneak/secret
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

uses protected memory buffers now for all secrets in ram

Browse Source
This commit is contained in:
Jeffrey Paul
2025-07-15 08:32:33 +02:00
parent d3ca006886
commit 7596049828
22 changed files with 786 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
internal/vault/vault_test.go
View File

@@ -122,8 +122,13 @@ func TestVaultOperations(t *testing.T) {
// Now add a secret
secretName := "test/secret"
secretValue := []byte("test-secret-value")
expectedValue := make([]byte, len(secretValue))
copy(expectedValue, secretValue)
err = vlt.AddSecret(secretName, secretValue, false)
secretBuffer := memguard.NewBufferFromBytes(secretValue)
defer secretBuffer.Destroy()
err = vlt.AddSecret(secretName, secretBuffer, false)
if err != nil {
t.Fatalf("Failed to add secret: %v", err)
}
@@ -152,8 +157,8 @@ func TestVaultOperations(t *testing.T) {
t.Fatalf("Failed to get secret: %v", err)
}
if string(retrievedValue) != string(secretValue) {
t.Errorf("Expected secret value '%s', got '%s'", string(secretValue), string(retrievedValue))
if string(retrievedValue) != string(expectedValue) {
t.Errorf("Expected secret value '%s', got '%s'", string(expectedValue), string(retrievedValue))
}
})