From 3dc796ecb831f7fe82457e8cb2740021d792235b Mon Sep 17 00:00:00 2001
From: Inverse Integral <inverseintegral42@gmail.com>
Date: Thu, 22 Aug 2024 21:59:34 +0200
Subject: [PATCH] Rename transit key type constants (#5058)

---
 .../keymanager/hashicorpvault/hashicorp_vault.go       |  8 ++++----
 .../plugin/keymanager/hashicorpvault/vault_client.go   | 10 +++++-----
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/pkg/server/plugin/keymanager/hashicorpvault/hashicorp_vault.go b/pkg/server/plugin/keymanager/hashicorpvault/hashicorp_vault.go
index a8dc39a9d7..fd82921010 100644
--- a/pkg/server/plugin/keymanager/hashicorpvault/hashicorp_vault.go
+++ b/pkg/server/plugin/keymanager/hashicorpvault/hashicorp_vault.go
@@ -362,13 +362,13 @@ func (p *Plugin) createKey(ctx context.Context, spireKeyID string, keyType keyma
 func convertToTransitKeyType(keyType keymanagerv1.KeyType) (*TransitKeyType, error) {
 	switch keyType {
 	case keymanagerv1.KeyType_EC_P256:
-		return to.Ptr(TransitKeyType_ECDSA_P256), nil
+		return to.Ptr(TransitKeyTypeECDSAP256), nil
 	case keymanagerv1.KeyType_EC_P384:
-		return to.Ptr(TransitKeyType_ECDSA_P384), nil
+		return to.Ptr(TransitKeyTypeECDSAP384), nil
 	case keymanagerv1.KeyType_RSA_2048:
-		return to.Ptr(TransitKeyType_RSA_2048), nil
+		return to.Ptr(TransitKeyTypeRSA2048), nil
 	case keymanagerv1.KeyType_RSA_4096:
-		return to.Ptr(TransitKeyType_RSA_4096), nil
+		return to.Ptr(TransitKeyTypeRSA4096), nil
 	default:
 		return nil, status.Errorf(codes.Internal, "unsupported key type: %v", keyType)
 	}
diff --git a/pkg/server/plugin/keymanager/hashicorpvault/vault_client.go b/pkg/server/plugin/keymanager/hashicorpvault/vault_client.go
index cfb9422259..6345fa9aa8 100644
--- a/pkg/server/plugin/keymanager/hashicorpvault/vault_client.go
+++ b/pkg/server/plugin/keymanager/hashicorpvault/vault_client.go
@@ -347,10 +347,10 @@ func (c *Client) LookupSelf(token string) (*vapi.Secret, error) {
 type TransitKeyType string
 
 const (
-	TransitKeyType_RSA_2048   TransitKeyType = "rsa-2048"
-	TransitKeyType_RSA_4096   TransitKeyType = "rsa-4096"
-	TransitKeyType_ECDSA_P256 TransitKeyType = "ecdsa-p256"
-	TransitKeyType_ECDSA_P384 TransitKeyType = "ecdsa-p384"
+	TransitKeyTypeRSA2048   TransitKeyType = "rsa-2048"
+	TransitKeyTypeRSA4096   TransitKeyType = "rsa-4096"
+	TransitKeyTypeECDSAP256 TransitKeyType = "ecdsa-p256"
+	TransitKeyTypeECDSAP384 TransitKeyType = "ecdsa-p384"
 )
 
 type TransitHashAlgorithm string
@@ -390,7 +390,7 @@ func (c *Client) GetKey(ctx context.Context, spireKeyID string) (*vapi.Secret, e
 
 func (c *Client) SignData(ctx context.Context, spireKeyID string, data string, hashAlgo TransitHashAlgorithm, signatureAlgo TransitSignatureAlgorithm) (*vapi.Secret, error) {
 	body := map[string]interface{}{
-		"key_version":           "0",
+		"key_version":           "0", // always use tha latest version
 		"input":                 data,
 		"signature_algorithm":   signatureAlgo,
 		"marshalling_algorithm": "asn1",