Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 84 for kms (0.03 sec)

  1. internal/kms/kms.go

    	conn conn // Connection to the KMS
    
    	// Metrics
    	reqOK, reqErr, reqFail atomic.Uint64
    	latencyBuckets         []time.Duration // expected to be sorted
    	latency                []atomic.Uint64
    }
    
    // Version returns version information about the KMS.
    //
    // TODO(aead): refactor this API call since it does not account
    // for multiple KMS/KES servers.
    func (k *KMS) Version(ctx context.Context) (string, error) {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 11.5K bytes
    - Viewed (0)
  2. internal/crypto/sse-kms.go

    // on success. If the metadata contains both, a KMS master key ID and a sealed
    // KMS data key it returns both. If the metadata does not contain neither a
    // KMS master key ID nor a sealed KMS data key it returns an empty keyID and
    // KMS data key. Otherwise, it returns an error.
    func (ssekms) ParseMetadata(metadata map[string]string) (keyID string, kmsKey []byte, sealedKey SealedKey, ctx kms.Context, err error) {
    	// Extract all required values from object metadata
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 8.5K bytes
    - Viewed (0)
  3. cmd/kms-router.go

    	"github.com/minio/minio/internal/logger"
    	"github.com/minio/mux"
    )
    
    const (
    	kmsPathPrefix       = minioReservedBucketPath + "/kms"
    	kmsAPIVersion       = "v1"
    	kmsAPIVersionPrefix = SlashSeparator + kmsAPIVersion
    )
    
    type kmsAPIHandlers struct{}
    
    // registerKMSRouter - Registers KMS APIs
    func registerKMSRouter(router *mux.Router) {
    	kmsAPI := kmsAPIHandlers{}
    	kmsRouter := router.PathPrefix(kmsPathPrefix).Subrouter()
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 2.7K bytes
    - Viewed (0)
  4. cmd/kms-handlers_test.go

    	kmsKeyStatusPath = kmsURL + "/key/status"
    
    	// Admin API paths
    	// For example: /minio/admin/v3/kms/status
    	adminURL              = adminPathPrefix + adminAPIVersionPrefix
    	kmsAdminStatusPath    = adminURL + "/kms/status"
    	kmsAdminKeyStatusPath = adminURL + "/kms/key/status"
    	kmsAdminKeyCreate     = adminURL + "/kms/key/create"
    )
    
    const (
    	userAccessKey = "miniofakeuseraccesskey"
    	userSecretKey = "miniofakeusersecret"
    )
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 22.3K bytes
    - Viewed (0)
  5. cmd/kms-handlers.go

    		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAccessDenied), r.URL)
    		return
    	}
    
    	kmsContext := kms.Context{"MinIO admin API": "KMSKeyStatusHandler"} // Context for a test key operation
    	// 1. Generate a new key using the KMS.
    	key, err := GlobalKMS.GenerateKey(ctx, &kms.GenerateKeyRequest{Name: keyID, AssociatedData: kmsContext})
    	if err != nil {
    		response.EncryptionErr = err.Error()
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 10.1K bytes
    - Viewed (0)
  6. docs/site-replication/run-sse-kms-object-replication.sh

    # sleep for replication to complete
    sleep 30
    
    # Create bucket in source cluster
    echo "Create bucket in source MinIO instance"
    ./mc mb minio1/test-bucket --insecure
    
    # Enable SSE KMS for the bucket
    ./mc encrypt set sse-kms minio-default-key minio1/test-bucket --insecure
    
    # Load objects to source site
    echo "Loading objects to source MinIO instance"
    ./mc cp /tmp/data/encrypted minio1/test-bucket --insecure
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 10 06:49:55 UTC 2024
    - 11.5K bytes
    - Viewed (0)
  7. docs/iam/policies/deny-non-sse-kms-objects.json

             "Principal":"*",
             "Action":"s3:PutObject",
             "Resource":"arn:aws:s3:::multi-key-poc/*",
             "Condition":{
                "Null":{
                   "s3:x-amz-server-side-encryption-aws-kms-key-id":"true"
                }
             }
          }
       ]
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 14 15:43:07 UTC 2024
    - 413 bytes
    - Viewed (0)
  8. docs/iam/policies/deny-objects-with-invalid-sse-kms-key-id.json

             "Principal":"*",
             "Action":"s3:PutObject",
             "Resource":"arn:aws:s3:::multi-key-poc/*",
             "Condition":{
                "StringNotEquals":{
                   "s3:x-amz-server-side-encryption-aws-kms-key-id":"minio-default-key"
                }
             }
          }
       ]
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 14 15:43:07 UTC 2024
    - 439 bytes
    - Viewed (0)
  9. internal/config/crypto.go

    	"github.com/minio/minio/internal/kms"
    	"github.com/secure-io/sio-go"
    	"github.com/secure-io/sio-go/sioutil"
    )
    
    // EncryptBytes encrypts the plaintext with a key managed by KMS.
    // The context is bound to the returned ciphertext.
    //
    // The same context must be provided when decrypting the
    // ciphertext.
    func EncryptBytes(k *kms.KMS, plaintext []byte, context kms.Context) ([]byte, error) {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 5K bytes
    - Viewed (0)
  10. internal/kms/secret-key.go

    )
    
    // ParseSecretKey parses s as <key-id>:<base64> and returns a
    // KMS that uses s as builtin single key as KMS implementation.
    func ParseSecretKey(s string) (*KMS, error) {
    	v := strings.SplitN(s, ":", 2)
    	if len(v) != 2 {
    		return nil, errors.New("kms: invalid secret key format")
    	}
    
    	keyID, b64Key := v[0], v[1]
    	key, err := base64.StdEncoding.DecodeString(b64Key)
    	if err != nil {
    		return nil, err
    	}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 8.3K bytes
    - Viewed (0)
Back to top