github.com/hashicorp/vault/sdk@v0.11.0/helper/roottoken/encode.go

github.com/hashicorp/vault/sdk@v0.11.0/helper/roottoken/encode.go (about)

     1  // Copyright (c) HashiCorp, Inc.
     2  // SPDX-License-Identifier: MPL-2.0
     3  
     4  package roottoken
     5  
     6  import (
     7  	"encoding/base64"
     8  	"fmt"
     9  
    10  	"github.com/hashicorp/vault/sdk/helper/xor"
    11  )
    12  
    13  // EncodeToken gets a token and an OTP and encodes the token.
    14  // The OTP must have the same length as the token.
    15  func EncodeToken(token, otp string) (string, error) {
    16  	if len(token) == 0 {
    17  		return "", fmt.Errorf("no token provided")
    18  	} else if len(otp) == 0 {
    19  		return "", fmt.Errorf("no otp provided")
    20  	}
    21  
    22  	// This function performs decoding checks so rather than decode the OTP,
    23  	// just encode the value we're passing in.
    24  	tokenBytes, err := xor.XORBytes([]byte(otp), []byte(token))
    25  	if err != nil {
    26  		return "", fmt.Errorf("xor of root token failed: %w", err)
    27  	}
    28  	return base64.RawStdEncoding.EncodeToString(tokenBytes), nil
    29  }