Skip to content

Commit bb85f62

Browse files
alexellisalexellis
committed
Switch secret generate output from hex to base64 encoding
This output is now more comparable to the output from openssl which we used to recommend previously. Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
1 parent 0e3bfce commit bb85f62

File tree

2 files changed

+9
-9
lines changed

2 files changed

+9
-9
lines changed

commands/secret_generate.go

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ package commands
22

33
import (
44
"crypto/rand"
5-
"encoding/hex"
5+
"encoding/base64"
66
"fmt"
77
"os"
88
"path/filepath"
@@ -19,20 +19,20 @@ var secretGenerateCmd = &cobra.Command{
1919
Use: "generate",
2020
Short: "Generate a random secret value",
2121
Long: "Generate a cryptographically random secret suitable for HMAC payload signing or other shared secrets",
22-
Example: ` # Print a 32-byte hex-encoded secret to stdout
22+
Example: ` # Print a 32-byte base64-encoded secret to stdout
2323
faas-cli secret generate
2424
2525
# Write to a file
2626
faas-cli secret generate -o payload.txt
2727
28-
# Custom length (in bytes, output is hex-encoded)
28+
# Custom length in bytes
2929
faas-cli secret generate --length 64
3030
`,
3131
RunE: runSecretGenerate,
3232
}
3333

3434
func init() {
35-
secretGenerateCmd.Flags().IntVar(&generateLength, "length", 32, "Number of random bytes (output is hex-encoded, so 32 bytes = 64 hex chars)")
35+
secretGenerateCmd.Flags().IntVar(&generateLength, "length", 32, "Number of random bytes")
3636
secretGenerateCmd.Flags().StringVarP(&generateOutput, "output", "o", "", "Write to file instead of stdout")
3737

3838
secretCmd.AddCommand(secretGenerateCmd)
@@ -44,7 +44,7 @@ func runSecretGenerate(cmd *cobra.Command, args []string) error {
4444
return fmt.Errorf("generating random bytes: %w", err)
4545
}
4646

47-
secret := hex.EncodeToString(buf)
47+
secret := base64.StdEncoding.EncodeToString(buf)
4848

4949
if generateOutput != "" {
5050
dir := filepath.Dir(generateOutput)
@@ -57,7 +57,7 @@ func runSecretGenerate(cmd *cobra.Command, args []string) error {
5757
if err := os.WriteFile(generateOutput, []byte(secret), 0600); err != nil {
5858
return fmt.Errorf("writing secret: %w", err)
5959
}
60-
fmt.Printf("Wrote %d-byte secret (hex) to %s\n", generateLength, generateOutput)
60+
fmt.Printf("Wrote %d-byte secret to %s\n", generateLength, generateOutput)
6161
} else {
6262
fmt.Println(secret)
6363
}

commands/secret_generate_test.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,9 +32,9 @@ func TestSecretGenerateToFile(t *testing.T) {
3232
t.Fatalf("ReadFile: %v", err)
3333
}
3434

35-
// 32 bytes hex-encoded = 64 chars
36-
if len(data) != 64 {
37-
t.Fatalf("want 64 hex chars, got %d", len(data))
35+
// 32 bytes base64-encoded = 44 chars
36+
if len(data) != 44 {
37+
t.Fatalf("want 44 base64 chars, got %d", len(data))
3838
}
3939

4040
info, _ := os.Stat(outPath)

0 commit comments

Comments
 (0)