Merge pull request #130 from Venafi/libraries-upgrading

VC-26776 - Upgrading libraries

go.mod

@@ -3,7 +3,7 @@ module github.com/Venafi/vault-pki-backend-venafi
 go 1.21
 
 require (
-	github.com/Venafi/vcert/v4 v4.24.0
+	github.com/Venafi/vcert/v5 v5.1.1
 	github.com/hashicorp/go-hclog v1.5.0
 	github.com/hashicorp/vault/api v1.10.0
 	github.com/hashicorp/vault/sdk v0.10.0
@@ -62,19 +62,26 @@ require (
 	github.com/pierrec/lz4 v2.6.1+incompatible // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
+	github.com/smartystreets/goconvey v1.8.1 // indirect
+	github.com/sosodev/duration v1.1.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/multierr v1.6.0 // indirect
+	go.uber.org/zap v1.23.0 // indirect
 	golang.org/x/crypto v0.13.0 // indirect
 	golang.org/x/mod v0.9.0 // indirect
 	golang.org/x/net v0.15.0 // indirect
+	golang.org/x/oauth2 v0.10.0 // indirect
 	golang.org/x/sys v0.12.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.7.0 // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect
 	google.golang.org/grpc v1.57.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/ini.v1 v1.51.0 // indirect
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

plugin/pki/backend.go

@@ -2,10 +2,11 @@ package pki
 
 import (
 	"context"
-	"github.com/hashicorp/vault/sdk/framework"
-	"github.com/hashicorp/vault/sdk/logical"
 	"strings"
 	"sync"
+
+	"github.com/hashicorp/vault/sdk/framework"
+	"github.com/hashicorp/vault/sdk/logical"
 )
 
 // Factory creates a new backend implementing the logical.Backend interface

plugin/pki/backend_test.go

@@ -2,9 +2,11 @@ package pki
 
 import (
 	"context"
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	"github.com/hashicorp/vault/sdk/logical"
 	"testing"
+
+	"github.com/hashicorp/vault/sdk/logical"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func TestFakeRolesConfigurations(t *testing.T) {
@@ -55,7 +57,7 @@ func TestFakeVenafiSecretsConfigurations(t *testing.T) {
 	t.Run("delete venafi secret", integrationTestEnv.DeleteVenafi)
 }
 
-//Testing all endpoints with fake vcert CA
+// Testing all endpoints with fake vcert CA
 func TestFakeEndpoints(t *testing.T) {
 	integrationTestEnv, err := NewIntegrationTestEnv()
 	if err != nil {
@@ -75,7 +77,7 @@ func TestFakeEndpoints(t *testing.T) {
 
 }
 
-//testing store_by no_store and deprecated store_by_cn and store_by_serial options
+// testing store_by no_store and deprecated store_by_cn and store_by_serial options
 func TestFakeStoreByOptions(t *testing.T) {
 	integrationTestEnv, err := NewIntegrationTestEnv()
 	if err != nil {

plugin/pki/e2e/path_venafi_cert_e2e.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/Venafi/vault-pki-backend-venafi/plugin/pki"
 	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	"github.com/Venafi/vcert/v4/test"
+	"github.com/Venafi/vcert/v5/test"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 )

plugin/pki/path_roles.go

@@ -3,11 +3,12 @@ package pki
 import (
 	"context"
 	"fmt"
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 	"time"
 
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/logical"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func pathListRoles(b *backend) *framework.Path {

plugin/pki/path_roles_test.go

@@ -2,8 +2,9 @@ package pki
 
 import (
 	"fmt"
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 	"testing"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func TestRoleValidate(t *testing.T) {

plugin/pki/path_venafi_cert_enroll.go

@@ -9,24 +9,25 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	"github.com/Venafi/vcert/v4"
 	"net"
 	"regexp"
+	"sort"
 	"strings"
+	"sync"
 	"time"
 
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/pki/vpkierror"
-	"github.com/Venafi/vcert/v4/pkg/certificate"
-	"github.com/Venafi/vcert/v4/pkg/endpoint"
-	vcertutil "github.com/Venafi/vcert/v4/pkg/util"
-	"github.com/Venafi/vcert/v4/pkg/verror"
+	"github.com/Venafi/vcert/v5"
+	"github.com/Venafi/vcert/v5/pkg/certificate"
+	"github.com/Venafi/vcert/v5/pkg/endpoint"
+	vcertutil "github.com/Venafi/vcert/v5/pkg/util"
+	"github.com/Venafi/vcert/v5/pkg/verror"
 	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/helper/consts"
 	"github.com/hashicorp/vault/sdk/logical"
-	"sort"
-	"sync"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/pki/vpkierror"
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 type SyncedResponse struct {
@@ -936,9 +937,9 @@ func formRequest(reqData requestData, role *roleEntry, cl *endpoint.Connector, s
 	return certReq, nil
 }
 
-func getIssuerHint(is string) string {
+func getIssuerHint(is string) vcertutil.IssuerHint {
 
-	issuerHint := ""
+	var issuerHint vcertutil.IssuerHint
 
 	if is != "" {
 

plugin/pki/path_venafi_cert_enroll_test.go

@@ -1,9 +1,11 @@
 package pki
 
 import (
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	"github.com/Venafi/vcert/v4"
 	"testing"
+
+	"github.com/Venafi/vcert/v5"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func TestOriginInRequest(t *testing.T) {

plugin/pki/path_venafi_cert_read.go

@@ -2,9 +2,11 @@ package pki
 
 import (
 	"context"
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
+
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/logical"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func pathVenafiCertRead(b *backend) *framework.Path {

plugin/pki/path_venafi_cert_revoke.go

@@ -3,14 +3,16 @@ package pki
 import (
 	"context"
 	"fmt"
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	"github.com/Venafi/vcert/v4/pkg/certificate"
-	"github.com/Venafi/vcert/v4/pkg/endpoint"
-	"github.com/Venafi/vcert/v4/pkg/policy"
-	vcertutil "github.com/Venafi/vcert/v4/pkg/util"
+	"strings"
+
+	"github.com/Venafi/vcert/v5/pkg/certificate"
+	"github.com/Venafi/vcert/v5/pkg/endpoint"
+	"github.com/Venafi/vcert/v5/pkg/policy"
+	vcertutil "github.com/Venafi/vcert/v5/pkg/util"
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/logical"
-	"strings"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func pathVenafiCertRevoke(b *backend) *framework.Path {
@@ -70,6 +72,7 @@ func (b *backend) venafiCertRevoke(ctx context.Context, req *logical.Request, d
 	}
 
 	b.Logger().Debug("Creating Venafi client:")
+
 	cl, cfg, err := b.ClientVenafi(ctx, req, role)
 
 	if err != nil {

plugin/pki/path_venafi_secrets.go

@@ -5,11 +5,11 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	"github.com/hashicorp/vault/sdk/helper/consts"
-
 	"github.com/hashicorp/vault/sdk/framework"
+	"github.com/hashicorp/vault/sdk/helper/consts"
 	"github.com/hashicorp/vault/sdk/logical"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func pathCredentialsList(b *backend) *framework.Path {

plugin/pki/path_venafi_secrets_test.go

@@ -1,8 +1,9 @@
 package pki
 
 import (
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 	"testing"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func TestVenafiSecretValidate(t *testing.T) {

plugin/pki/test_env.go

@@ -18,10 +18,11 @@ import (
 	"testing"
 	"time"
 
+	vcertutil "github.com/Venafi/vcert/v5/pkg/util"
+	"github.com/hashicorp/vault/sdk/logical"
+
 	"github.com/Venafi/vault-pki-backend-venafi/plugin/pki/vpkierror"
 	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-	vcertutil "github.com/Venafi/vcert/v4/pkg/util"
-	"github.com/hashicorp/vault/sdk/logical"
 )
 
 type venafiConfigString string
@@ -279,7 +280,8 @@ func (e *testEnv) writeRoleToBackend(t *testing.T, configString venafiConfigStri
 
 	ttl := strconv.Itoa(util.Role_ttl_test_property) + "h"
 	roleData["ttl"] = ttl
-	roleData["issuer_hint"] = vcertutil.IssuerHintMicrosoft
+	issuerHint := vcertutil.IssuerHintMicrosoft
+	roleData["issuer_hint"] = issuerHint.String()
 
 	resp, err := e.Backend.HandleRequest(e.Context, &logical.Request{
 		Operation: logical.UpdateOperation,
@@ -314,7 +316,8 @@ func (e *testEnv) writeRoleToBackendWithData(t *testing.T, configString venafiCo
 		ttl = data.ttl.String()
 	}
 	roleData["ttl"] = ttl
-	roleData["issuer_hint"] = vcertutil.IssuerHintMicrosoft
+	issuerHint := vcertutil.IssuerHintMicrosoft
+	roleData["issuer_hint"] = issuerHint.String()
 	if data.storeBy != "" {
 		roleData["store_by"] = data.storeBy
 	}

plugin/pki/util.go

@@ -2,9 +2,6 @@ package pki
 
 import (
 	"context"
-
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
-
 	"crypto/tls"
 	"crypto/x509"
 	"fmt"
@@ -15,11 +12,13 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/pki/vpkierror"
-	"github.com/Venafi/vcert/v4"
-	"github.com/Venafi/vcert/v4/pkg/endpoint"
-	"github.com/Venafi/vcert/v4/pkg/venafi/tpp"
+	"github.com/Venafi/vcert/v5"
+	"github.com/Venafi/vcert/v5/pkg/endpoint"
+	"github.com/Venafi/vcert/v5/pkg/venafi/tpp"
 	"github.com/hashicorp/vault/sdk/logical"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/pki/vpkierror"
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 const (

plugin/pki/util_test.go

@@ -1,8 +1,9 @@
 package pki
 
 import (
-	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 	"testing"
+
+	"github.com/Venafi/vault-pki-backend-venafi/plugin/util"
 )
 
 func TestSHA1SUM(t *testing.T) {

plugin/pki/vcert.go

@@ -3,14 +3,15 @@ package pki
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
+	"os"
 
-	"github.com/Venafi/vcert/v4"
-	"github.com/Venafi/vcert/v4/pkg/endpoint"
+	"github.com/Venafi/vcert/v5"
+	"github.com/Venafi/vcert/v5/pkg/endpoint"
 	"github.com/hashicorp/vault/sdk/logical"
 )
 
 func (b *backend) ClientVenafi(ctx context.Context, req *logical.Request, role *roleEntry) (
+
 	endpoint.Connector, *vcert.Config, error) {
 
 	cfg, err := b.getConfig(ctx, req, role, false)
@@ -41,7 +42,8 @@ func (b *backend) getConfig(ctx context.Context, req *logical.Request, role *rol
 	var trustBundlePEM string
 	if venafiSecret.TrustBundleFile != "" {
 		b.Logger().Debug(fmt.Sprintf("Reading trust bundle from file: " + venafiSecret.TrustBundleFile))
-		trustBundle, err := ioutil.ReadFile(venafiSecret.TrustBundleFile)
+
+		trustBundle, err := os.ReadFile(venafiSecret.TrustBundleFile)
 		if err != nil {
 			return cfg, err
 		}

plugin/pki/vcert_test.go

@@ -7,13 +7,14 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
-	"github.com/Venafi/vcert/v4"
-	"github.com/Venafi/vcert/v4/pkg/certificate"
-	"github.com/Venafi/vcert/v4/pkg/endpoint"
-	"github.com/hashicorp/vault/sdk/logical"
 	"log"
 	"strings"
 	"testing"
+
+	"github.com/Venafi/vcert/v5"
+	"github.com/Venafi/vcert/v5/pkg/certificate"
+	"github.com/Venafi/vcert/v5/pkg/endpoint"
+	"github.com/hashicorp/vault/sdk/logical"
 )
 
 func TestPKIVcertIsWorking(t *testing.T) {

plugin/util/utils.go

@@ -7,14 +7,15 @@ import (
 	"encoding/hex"
 	"encoding/pem"
 	"fmt"
-	"github.com/Venafi/vcert/v4/pkg/util"
-	"github.com/youmark/pkcs8"
 	mathrand "math/rand"
 	"net"
 	"sort"
 	"strconv"
 	"strings"
 	"time"
+
+	"github.com/Venafi/vcert/v5/pkg/util"
+	"github.com/youmark/pkcs8"
 )
 
 func SliceContains(slice []string, item string) bool {