rename AES256-cfb/SHA256 to AES256-CFB/SHA256 for consistency - hashi…

…corp#9556
StephanHCB · Aug 24, 2021 · e400b74 · e400b74
1 parent 09df752
commit e400b74
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 14 deletions.
diff --git a/internal/states/statecrypto/cryptoconfig/cryptoconfig.go b/internal/states/statecrypto/cryptoconfig/cryptoconfig.go
@@ -7,14 +7,14 @@ import (
 	"os"
 )
 
-const ClientSide_Aes256cfb_Sha256 = "client-side/AES256-cfb/SHA256"
+const ClientSide_Aes256cfb_Sha256 = "client-side/AES256-CFB/SHA256"
 
 // StateCryptoConfig holds the configuration for transparent client-side remote state encryption
 type StateCryptoConfig struct {
 	// Implementation selects the implementation to use
 	//
 	// supported values are
-	//   "client-side/AES256-cfb/SHA256"
+	//   "client-side/AES256-CFB/SHA256"
 	//   "" (means not encrypted, the default)
 	//
 	// supplying an unsupported value raises an error

diff --git a/internal/states/statecrypto/implementations/aes256state/aes256state_test.go b/internal/states/statecrypto/implementations/aes256state/aes256state_test.go
@@ -63,7 +63,7 @@ func compareErrors(got error, expected string) string {
 
 func conf(key string) cryptoconfig.StateCryptoConfig {
 	return cryptoconfig.StateCryptoConfig{
-		Implementation: "client-side/AES256-cfb/SHA256",
+		Implementation: "client-side/AES256-CFB/SHA256",
 		Parameters: map[string]string{
 			"key": key,
 		},

diff --git a/internal/states/statecrypto/implementations/aes256state/instance.go b/internal/states/statecrypto/implementations/aes256state/instance.go
@@ -2,7 +2,7 @@ package aes256state
 
 import "github.com/hashicorp/terraform/internal/states/statecrypto/cryptoconfig"
 
-// New creates a new client-side/AES256-cfb/SHA256 state encryption wrapper.
+// New creates a new client-side/AES256-CFB/SHA256 state encryption wrapper.
 func New(configuration cryptoconfig.StateCryptoConfig) (*AES256StateWrapper, error) {
 	instance := &AES256StateWrapper{}
 	err := instance.parseKeyFromConfiguration(configuration)

diff --git a/internal/states/statecrypto/statecrypto_test.go b/internal/states/statecrypto/statecrypto_test.go
@@ -55,7 +55,7 @@ func creationErrorCase(t *testing.T, jsonConfig string, expectedError string) {
 }
 
 const invalidConfigUnknownImpl = `{"implementation":"something-unknown","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}`
-const invalidConfigNoKey = `{"implementation":"client-side/AES256-cfb/SHA256","parameters":{}}`
+const invalidConfigNoKey = `{"implementation":"client-side/AES256-CFB/SHA256","parameters":{}}`
 
 func TestCreation_invalidConfigUnknownImpl(t *testing.T) {
 	creationErrorCase(t, invalidConfigUnknownImpl, "[ERROR] failed to configure remote state encryption: unsupported implementation 'something-unknown'")
@@ -67,9 +67,9 @@ func TestCreation_invalidConfigNoKey(t *testing.T) {
 
 // business scenarios
 
-const validConfigWithKey1 = `{"implementation":"client-side/AES256-cfb/SHA256","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}`
-const validConfigWithKey2 = `{"implementation":"client-side/AES256-cfb/SHA256","parameters":{"key":"89346775897897a35892735ffd34723489734ee238748293741abcdef0123456"}}`
-const validConfigWithKey3 = `{"implementation":"client-side/AES256-cfb/SHA256","parameters":{"key":"33336775897897a35892735ffd34723489734ee238748293741abcdef0123456"}}`
+const validConfigWithKey1 = `{"implementation":"client-side/AES256-CFB/SHA256","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}`
+const validConfigWithKey2 = `{"implementation":"client-side/AES256-CFB/SHA256","parameters":{"key":"89346775897897a35892735ffd34723489734ee238748293741abcdef0123456"}}`
+const validConfigWithKey3 = `{"implementation":"client-side/AES256-CFB/SHA256","parameters":{"key":"33336775897897a35892735ffd34723489734ee238748293741abcdef0123456"}}`
 
 const validPlaintext = `{"animals":[{"species":"cheetah","genus":"acinonyx"}]}`
 const validEncryptedKey1 = `{"crypted":"e93e3e7ad3434055251f695865a13c11744b97e54cb7dee8f8fb40d1fb096b728f2a00606e7109f0720aacb15008b410cf2f92dd7989c2ff10b9712b6ef7d69ecdad1dccd2f1bddd127f0f0d87c79c3c062e03c2297614e2effa2fb1f4072d86df0dda4fc061"}`

diff --git a/website/docs/cli/config/environment-variables.html.md b/website/docs/cli/config/environment-variables.html.md
@@ -173,7 +173,7 @@ Set `TF_REMOTE_STATE_ENCRYPTION` to a valid json document with two fields
 to enable client-side remote state encryption.
 
 ```shell
-export TF_REMOTE_STATE_ENCRYPTION='{"implementation":"client-side/AES256-cfb/SHA256","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}'
+export TF_REMOTE_STATE_ENCRYPTION='{"implementation":"client-side/AES256-CFB/SHA256","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}'
 ```
 
 Not setting this environment variable (or leaving it empty) disables this feature, that is Terraform sends 

diff --git a/website/docs/language/state/encryption.html.md b/website/docs/language/state/encryption.html.md
@@ -47,25 +47,25 @@ You set each of these to a json document with two fields
 
 to enable client-side remote state encryption. To disable, either do not set the variable at all or set it to a blank value.
 
-Right now, there is only one value for `implementation`: `client-side/AES256-cfb/SHA256`. 
+Right now, there is only one value for `implementation`: `client-side/AES256-CFB/SHA256`. 
 
 In the future, more state encryption providers may be added, such as:
 
 - asymmetric encryption with RSA public key cryptography
 - key retrieval from [Vault](https://www.vaultproject.io/)
 - ...
 
-### client-side/AES256-cfb/SHA256
+### client-side/AES256-CFB/SHA256
 
 This state crypto provider offers pure client-side symmetric encryption. 
 
 The key is not transferred to any third party. Note that this places the burden of key management on you
 and you alone.
 
-Encryption is performed with AES256-cfb, using a fresh random initialization vector every time. Payload integrity
+Encryption is performed with AES256-CFB, using a fresh random initialization vector every time. Payload integrity
 is verified using a SHA256 hash over the plaintext, which is encrypted with the plaintext.
 
-_Implementation Name:_ `client-side/AES256-cfb/SHA256`
+_Implementation Name:_ `client-side/AES256-CFB/SHA256`
 
 _Parameters:_
 
@@ -74,7 +74,7 @@ _Parameters:_
 Example:
 
 ```shell
-export TF_REMOTE_STATE_ENCRYPTION='{"implementation":"client-side/AES256-cfb/SHA256","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}'
+export TF_REMOTE_STATE_ENCRYPTION='{"implementation":"client-side/AES256-CFB/SHA256","parameters":{"key":"a0a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1"}}'
 ```
 
 ## State Encryption Lifecycle