Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 40 for keyId (0.03 sec)

  1. internal/kms/secret-key.go

    	}
    	return &KMS{
    		Type:       Builtin,
    		DefaultKey: keyID,
    		conn: secretKey{
    			keyID: keyID,
    			key:   key,
    		},
    		latencyBuckets: defaultLatencyBuckets,
    		latency:        make([]atomic.Uint64, len(defaultLatencyBuckets)),
    	}, nil
    }
    
    // secretKey is a KMS implementation that derives new DEKs
    // from a single key.
    type secretKey struct {
    	keyID string
    	key   []byte
    }
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 8.3K bytes
    - Viewed (0)
  2. internal/crypto/sse-s3.go

    // KMS master key ID nor a sealed KMS data key it returns an empty keyID and
    // KMS data key. Otherwise, it returns an error.
    func (sses3) ParseMetadata(metadata map[string]string) (keyID string, kmsKey []byte, sealedKey SealedKey, err error) {
    	// Extract all required values from object metadata
    	b64IV, ok := metadata[MetaIV]
    	if !ok {
    		return keyID, kmsKey, sealedKey, errMissingInternalIV
    	}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 7.6K bytes
    - Viewed (0)
  3. internal/crypto/sse-kms.go

    		if err := json.Unmarshal(b, &ctx); err != nil {
    			return "", nil, err
    		}
    	}
    
    	keyID := h.Get(xhttp.AmzServerSideEncryptionKmsID)
    	spaces := strings.HasPrefix(keyID, " ") || strings.HasSuffix(keyID, " ")
    	if spaces {
    		return "", nil, ErrInvalidEncryptionKeyID
    	}
    	return strings.TrimPrefix(keyID, ARNPrefix), ctx, nil
    }
    
    // IsEncrypted returns true if the object metadata indicates
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 8.5K bytes
    - Viewed (0)
  4. cmd/kms-handlers.go

    		return
    	}
    
    	if GlobalKMS == nil {
    		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrKMSNotConfigured), r.URL)
    		return
    	}
    
    	keyID := r.Form.Get("key-id")
    	if keyID == "" {
    		keyID = GlobalKMS.DefaultKey
    	}
    	response := madmin.KMSKeyStatus{
    		KeyID: keyID,
    	}
    
    	// Ensure policy allows the user to get this key's status
    	cred, owner, s3Err := validateAdminSignature(ctx, r, "")
    	if s3Err != ErrNone {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 10.1K bytes
    - Viewed (0)
  5. internal/crypto/metadata_test.go

    			}
    		}
    		if !bytes.Equal(dataKey, test.DataKey) {
    			t.Errorf("Test %d: got data key '%v' - want data key '%v'", i, dataKey, test.DataKey)
    		}
    		if keyID != test.KeyID {
    			t.Errorf("Test %d: got key-ID '%v' - want key-ID '%v'", i, keyID, test.KeyID)
    		}
    		if sealedKey.Algorithm != test.SealedKey.Algorithm {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Jul 12 20:51:54 UTC 2024
    - 18.7K bytes
    - Viewed (0)
  6. internal/kms/conn.go

    // MarshalText encodes the DEK's key ID and ciphertext
    // as JSON.
    func (d DEK) MarshalText() ([]byte, error) {
    	type JSON struct {
    		KeyID      string `json:"keyid"`
    		Version    uint32 `json:"version,omitempty"`
    		Ciphertext []byte `json:"ciphertext"`
    	}
    	return json.Marshal(JSON{
    		KeyID:      d.KeyID,
    		Version:    uint32(d.Version),
    		Ciphertext: d.Ciphertext,
    	})
    }
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 5K bytes
    - Viewed (0)
  7. internal/kms/secret-key_test.go

    		}
    	}
    }
    
    var decryptKeyTests = []struct {
    	KeyID      string
    	Plaintext  string
    	Ciphertext string
    	Context    Context
    }{
    	{
    		KeyID:      "my-key",
    		Plaintext:  "zmS7NrG765UZ0ZN85oPjybelxqVvpz01vxsSpOISy2M=",
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 2.9K bytes
    - Viewed (0)
  8. internal/kms/kes.go

    		}
    		return DEK{}, errKeyGenerationFailed(err)
    	}
    	return DEK{
    		KeyID:      name,
    		Plaintext:  dek.Plaintext,
    		Ciphertext: dek.Ciphertext,
    	}, nil
    }
    
    // ImportKey imports a cryptographic key into the KMS.
    func (c *kesConn) ImportKey(ctx context.Context, keyID string, bytes []byte) error {
    	return c.client.ImportKey(ctx, keyID, &kes.ImportKeyRequest{
    		Key: bytes,
    	})
    }
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 7.3K bytes
    - Viewed (0)
  9. internal/config/crypto.go

    		Version         = 1
    	)
    	var (
    		header [5]byte
    		buffer bytes.Buffer
    	)
    	json := jsoniter.ConfigCompatibleWithStandardLibrary
    	metadata, err := json.Marshal(encryptedObject{
    		KeyID:     key.KeyID,
    		KMSKey:    key.Ciphertext,
    		Algorithm: algorithm,
    		Nonce:     nonce,
    	})
    	if err != nil {
    		return nil, err
    	}
    	if len(metadata) > MaxMetadataSize {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 5K bytes
    - Viewed (0)
  10. cmd/encryption-v1.go

    	SSEDAREPackageMetaSize = 32 // 32 bytes
    
    )
    
    // KMSKeyID returns in AWS compatible KMS KeyID() format.
    func (o *ObjectInfo) KMSKeyID() string { return kmsKeyIDFromMetadata(o.UserDefined) }
    
    // KMSKeyID returns in AWS compatible KMS KeyID() format.
    func (o *MultipartInfo) KMSKeyID() string { return kmsKeyIDFromMetadata(o.UserDefined) }
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Oct 13 13:06:08 UTC 2024
    - 37.2K bytes
    - Viewed (0)
Back to top