diff --git a/config/interpolate_funcs.go b/config/interpolate_funcs.go index 85e69e14c..f682f46e9 100644 --- a/config/interpolate_funcs.go +++ b/config/interpolate_funcs.go @@ -23,6 +23,7 @@ import ( // Funcs is the mapping of built-in functions for configuration. func Funcs() map[string]ast.Function { return map[string]ast.Function{ + "base64sha256": interpolationFuncBase64Sha256(), "cidrhost": interpolationFuncCidrHost(), "cidrnetmask": interpolationFuncCidrNetmask(), "cidrsubnet": interpolationFuncCidrSubnet(), @@ -605,6 +606,7 @@ func interpolationFuncSha1() ast.Function { } } +// hexadecimal representation of sha256 sum func interpolationFuncSha256() ast.Function { return ast.Function{ ArgTypes: []ast.Type{ast.TypeString}, @@ -629,3 +631,18 @@ func interpolationFuncTrimSpace() ast.Function { }, } } + +func interpolationFuncBase64Sha256() ast.Function { + return ast.Function{ + ArgTypes: []ast.Type{ast.TypeString}, + ReturnType: ast.TypeString, + Callback: func(args []interface{}) (interface{}, error) { + s := args[0].(string) + h := sha256.New() + h.Write([]byte(s)) + shaSum := h.Sum(nil) + encoded := base64.StdEncoding.EncodeToString(shaSum[:]) + return encoded, nil + }, + } +} diff --git a/config/interpolate_funcs_test.go b/config/interpolate_funcs_test.go index a2c2a0fdd..08db08f44 100644 --- a/config/interpolate_funcs_test.go +++ b/config/interpolate_funcs_test.go @@ -849,7 +849,7 @@ func TestInterpolateFuncSha1(t *testing.T) { func TestInterpolateFuncSha256(t *testing.T) { testFunction(t, testFunctionConfig{ Cases: []testFunctionCase{ - { + { // hexadecimal representation of sha256 sum `${sha256("test")}`, "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08", false, @@ -870,6 +870,23 @@ func TestInterpolateFuncTrimSpace(t *testing.T) { }) } +func TestInterpolateFuncBase64Sha256(t *testing.T) { + testFunction(t, testFunctionConfig{ + Cases: []testFunctionCase{ + { + `${base64sha256("test")}`, + "n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg=", + false, + }, + { // This will differ because we're base64-encoding hex represantiation, not raw bytes + `${base64encode(sha256("test"))}`, + "OWY4NmQwODE4ODRjN2Q2NTlhMmZlYWEwYzU1YWQwMTVhM2JmNGYxYjJiMGI4MjJjZDE1ZDZjMTViMGYwMGEwOA==", + false, + }, + }, + }) +} + type testFunctionConfig struct { Cases []testFunctionCase Vars map[string]ast.Variable