package luks
import (
"errors"
"regexp"
"github.com/fleetdm/fleet/v4/orbit/pkg/dialog"
)
// KeyEscrower is the sink for the outcome of a LUKS key escrow attempt.
//
// NOTE(review): the LuksResponse handed to an implementation carries the
// passphrase in clear text, so implementations are expected to send it only
// over an authenticated, encrypted channel and never log it. Confirm against
// the concrete implementations.
type KeyEscrower interface {
	// SendLinuxKeyEscrowResponse hands resp to the escrower and reports
	// whether that failed.
	SendLinuxKeyEscrowResponse(resp LuksResponse) error
}
// LuksRunner bundles the collaborators used for LUKS key escrow.
type LuksRunner struct {
	// escrower is where the LuksResponse is sent, through
	// SendLinuxKeyEscrowResponse.
	escrower KeyEscrower

	// notifier is left at its zero value by New.
	// NOTE(review): presumably assigned and used by platform-specific code,
	// which is why the unused-field linters are silenced. Confirm.
	notifier dialog.Dialog //nolint:structcheck,unused
}
// LuksResponse is the payload handed to a KeyEscrower.
//
// It holds secret material in plain string fields.
// NOTE(review): avoid formatting the whole value (%v, %+v) or writing it to
// logs, crash reports or debug output. Confirm at the call sites.
type LuksResponse struct {
	// Passphrase is the new passphrase that fleetd generated to secure the
	// LUKS volume. It is the secret that gets escrowed to the server.
	Passphrase string

	// KeySlot is the LUKS key slot in which the new passphrase was created.
	// Nothing consumes it yet; it is kept for possible future passphrase
	// rotation.
	KeySlot *uint

	// Salt is the salt that was used when generating the LUKS key.
	Salt string

	// Err is the message of the error that occurred during the escrow
	// process.
	// NOTE(review): make sure text stored here can never embed the
	// passphrase or command output that contains it. Confirm at the
	// producers.
	Err string
}
// New builds a LuksRunner that reports through escrower. All other fields
// are left at their zero values.
func New(escrower KeyEscrower) *LuksRunner {
	runner := new(LuksRunner)
	runner.escrower = escrower
	return runner
}
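// jsonObjectPattern matches from the first '{' to the last '}' of its input.
// The (?s) flag lets '.' cross newlines so multi-line objects are captured.
// It is compiled once at package initialisation instead of on every call.
var jsonObjectPattern = regexp.MustCompile(`(?s)\{.*\}`)

// extractJSON returns the part of input that runs from the first '{' to the
// last '}', or an error when input contains no such span.
//
// The match is greedy and purely textual: nothing is parsed or validated
// here. If the text around the object also contains braces, the returned
// bytes may not be well-formed JSON. Callers must treat the result as
// untrusted and rely on the error from decoding it.
//
// The returned slice is a fresh copy and does not alias input.
func extractJSON(input []byte) ([]byte, error) {
	// Match on the bytes directly; no string round-trip is needed.
	match := jsonObjectPattern.Find(input)
	if match == nil {
		return nil, errors.New("no JSON found")
	}

	// Find returns a sub-slice of input. Copy it so later writes to input
	// cannot change the value handed back.
	return append([]byte(nil), match...), nil
}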