KEYVALUE:是否有一种方法可以证明存在秘密而不检索数据?作为更安全的读取方法
在我们的代码库中,我们希望一项服务能够验证是否存在秘密(键),而无需实际阅读秘密。在.NET 6上使用1.7.0.4
可以以这种方式完成此类请求:
curl https://myvaultserver/v1/secret/subkeys/mygroup/myservice
数据返回为:
{
"request_id": "2bd49db9-278a-0f25-6038-236897bdea5b",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"metadata": {
"created_time": "2022-06-10T08:41:10.171396632Z",
"custom_metadata": null,
"deletion_time": "",
"destroyed": false,
"version": 16
},
"subkeys": {
"Quote__TeamsWebhook": null,
"RabbitMQ__ConnectionString": null,
"SqlServer__ClientCert": null,
"SqlServer__DataSource": null,
"SqlServer__Password": null,
"SqlServer__UserID": null
}
},
"wrap_info": null,
"warnings": null,
"auth": null
}
In our codebase we want a service to verify if a secret (key) is present without actually reading the secret. Using 1.7.0.4 on .NET 6
such a request can be done in this way :
curl https://myvaultserver/v1/secret/subkeys/mygroup/myservice
data is returned as:
{
"request_id": "2bd49db9-278a-0f25-6038-236897bdea5b",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"metadata": {
"created_time": "2022-06-10T08:41:10.171396632Z",
"custom_metadata": null,
"deletion_time": "",
"destroyed": false,
"version": 16
},
"subkeys": {
"Quote__TeamsWebhook": null,
"RabbitMQ__ConnectionString": null,
"SqlServer__ClientCert": null,
"SqlServer__DataSource": null,
"SqlServer__Password": null,
"SqlServer__UserID": null
}
},
"wrap_info": null,
"warnings": null,
"auth": null
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论