- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 19 for Unseal (0.05 sec)
-
internal/crypto/key_test.go
} func TestSealUnsealKey(t *testing.T) { for i, test := range sealUnsealKeyTests { key := GenerateKey(test.SealExtKey[:], rand.Reader) sealedKey := key.Seal(test.SealExtKey[:], test.SealIV, test.SealDomain, test.SealBucket, test.SealObject) if err := key.Unseal(test.UnsealExtKey[:], sealedKey, test.UnsealDomain, test.UnsealBucket, test.UnsealObject); err == nil && !test.ShouldPass { t.Errorf("Test %d should fail but passed successfully", i)
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Jul 12 20:51:54 UTC 2024 - 6.7K bytes - Viewed (0) -
internal/crypto/key.go
} copy(sealedKey.Key[:], encryptedKey.Bytes()) return sealedKey } // Unseal decrypts a sealed key using the 256 bit external key. Since the sealed key // may be cryptographically bound to the object's path the same bucket/object as during sealing // must be provided. On success the ObjectKey contains the decrypted sealed key. func (key *ObjectKey) Unseal(extKey []byte, sealedKey SealedKey, domain, bucket, object string) error {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Mar 19 20:28:10 UTC 2024 - 6.4K bytes - Viewed (0) -
internal/crypto/sse-s3.go
Name: keyID, Ciphertext: kmsKey, AssociatedData: kms.Context{bucket: path.Join(bucket, object)}, }) if err != nil { return key, err } err = key.Unseal(unsealKey, sealedKey, s3.String(), bucket, object) return key, err } // UnsealObjectsKeys extracts and decrypts all sealed object keys // from the metadata using the KMS and returns the decrypted object // keys. //
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue May 07 23:55:37 UTC 2024 - 7.6K bytes - Viewed (0) -
internal/crypto/sse-kms.go
} unsealKey, err := k.Decrypt(context.TODO(), &kms.DecryptRequest{ Name: keyID, Ciphertext: kmsKey, AssociatedData: ctx, }) if err != nil { return key, err } err = key.Unseal(unsealKey, sealedKey, s3.String(), bucket, object) return key, err } // CreateMetadata encodes the sealed object key into the metadata and returns
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue May 07 23:55:37 UTC 2024 - 8.5K bytes - Viewed (0) -
cmd/encryption-v1.go
if err = objectKey.Unseal(oldKey, sealedKey, crypto.S3.String(), bucket, object); err != nil { return err } newKey, err := GlobalKMS.GenerateKey(ctx, &kms.GenerateKeyRequest{ Name: GlobalKMS.DefaultKey, AssociatedData: kms.Context{bucket: path.Join(bucket, object)}, }) if err != nil { return err }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Sun Oct 13 13:06:08 UTC 2024 - 37.2K bytes - Viewed (0) -
cmd/bucket-metadata.go
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Wed Aug 28 15:32:18 UTC 2024 - 18.2K bytes - Viewed (0) -
internal/crypto/error.go
errMissingInternalSealAlgorithm = Errorf("The object metadata is missing the internal seal algorithm") errInvalidInternalIV = Errorf("The internal encryption IV is malformed") errInvalidInternalSealAlgorithm = Errorf("The internal seal algorithm is invalid and not supported") ) // errOutOfEntropy indicates that the a source of randomness (PRNG) wasn't able
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Thu Mar 28 17:44:56 UTC 2024 - 4.4K bytes - Viewed (0) -
cmd/handler-utils.go
var validSSEReplicationHeaders = map[string]string{ "X-Minio-Internal-Server-Side-Encryption-Sealed-Key": "X-Minio-Replication-Server-Side-Encryption-Sealed-Key", "X-Minio-Internal-Server-Side-Encryption-Seal-Algorithm": "X-Minio-Replication-Server-Side-Encryption-Seal-Algorithm", "X-Minio-Internal-Server-Side-Encryption-Iv": "X-Minio-Replication-Server-Side-Encryption-Iv",
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Mon Jun 10 15:31:51 UTC 2024 - 15.5K bytes - Viewed (0) -
internal/crypto/metadata_test.go
t.Errorf("Test %d: sealed KMS data mismatch: got '%v' - want '%v'", i, kmsKey, test.SealedDataKey) } if sealedKey.Algorithm != test.SealedKey.Algorithm { t.Errorf("Test %d: seal algorithm mismatch: got '%s' - want '%s'", i, sealedKey.Algorithm, test.SealedKey.Algorithm) } if !bytes.Equal(sealedKey.IV[:], test.SealedKey.IV[:]) {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Jul 12 20:51:54 UTC 2024 - 18.7K bytes - Viewed (0) -
internal/crypto/sse-c.go
// metadata map if metadata is nil. func (ssec) CreateMetadata(metadata map[string]string, sealedKey SealedKey) map[string]string { if sealedKey.Algorithm != SealAlgorithm { logger.CriticalIf(context.Background(), Errorf("The seal algorithm '%s' is invalid for SSE-C", sealedKey.Algorithm)) } if metadata == nil { metadata = make(map[string]string, 3) } metadata[MetaAlgorithm] = SealAlgorithm
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Thu Jan 18 07:03:17 UTC 2024 - 5.2K bytes - Viewed (0)