Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 10 for SealedKey (0.09 sec)

  1. internal/crypto/sse-s3.go

    		if err != nil {
    			return keyID, kmsKey, sealedKey, Errorf("The internal sealed KMS data key for SSE-S3 is invalid")
    		}
    	}
    
    	sealedKey.Algorithm = algorithm
    	copy(sealedKey.IV[:], iv)
    	copy(sealedKey.Key[:], encryptedKey)
    	return keyID, kmsKey, sealedKey, nil
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 7.6K bytes
    - Viewed (0)
  2. internal/crypto/sse-c.go

    // metadata map if metadata is nil.
    func (ssec) CreateMetadata(metadata map[string]string, sealedKey SealedKey) map[string]string {
    	if sealedKey.Algorithm != SealAlgorithm {
    		logger.CriticalIf(context.Background(), Errorf("The seal algorithm '%s' is invalid for SSE-C", sealedKey.Algorithm))
    	}
    
    	if metadata == nil {
    		metadata = make(map[string]string, 3)
    	}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Jan 18 07:03:17 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  3. internal/crypto/metadata_test.go

    		if sealedKey.Algorithm != test.SealedKey.Algorithm {
    			t.Errorf("Test %d: seal algorithm mismatch: got '%s' - want '%s'", i, sealedKey.Algorithm, test.SealedKey.Algorithm)
    		}
    		if !bytes.Equal(sealedKey.IV[:], test.SealedKey.IV[:]) {
    			t.Errorf("Test %d: IV mismatch: got '%v' - want '%v'", i, sealedKey.IV, test.SealedKey.IV)
    		}
    		if !bytes.Equal(sealedKey.Key[:], test.SealedKey.Key[:]) {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Jul 12 20:51:54 UTC 2024
    - 18.7K bytes
    - Viewed (0)
  4. internal/crypto/doc.go

    //     -       SealedKey := DAREv2_Enc(KeyEncKey, ObjectKey)
    //     - enc_object_data := DAREv2_Enc(ObjectKey, object_data)
    //     -        metadata <- IV
    //     -        metadata <- SealedKey
    //     Output: enc_object_data, metadata
    //
    //  2. Decrypt:
    //     Input: ClientKey, bucket, object, metadata, enc_object_data
    //     -          IV <- metadata
    //     -   SealedKey <- metadata
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Aug 26 19:52:29 UTC 2022
    - 5K bytes
    - Viewed (0)
  5. internal/crypto/sse-kms.go

    		if err = json.Unmarshal(b, &ctx); err != nil {
    			return keyID, kmsKey, sealedKey, ctx, Errorf("The internal sealed KMS context is invalid %w", err)
    		}
    	}
    
    	sealedKey.Algorithm = algorithm
    	copy(sealedKey.IV[:], iv)
    	copy(sealedKey.Key[:], encryptedKey)
    	return keyID, kmsKey, sealedKey, ctx, nil
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 8.5K bytes
    - Viewed (0)
  6. internal/crypto/key_test.go

    	var extKey, iv [32]byte
    	key := GenerateKey(extKey[:], rand.Reader)
    	sealedKey := key.Seal(extKey[:], iv, "SSE-S3", "bucket", "object")
    	sealedKey.Algorithm = InsecureSealAlgorithm
    	if err := key.Unseal(extKey[:], sealedKey, "SSE-S3", "bucket", "object"); err == nil {
    		t.Errorf("'%s' test succeeded but it should fail because the legacy algorithm was used", sealedKey.Algorithm)
    	}
    }
    
    var derivePartKeyTest = []struct {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Jul 12 20:51:54 UTC 2024
    - 6.7K bytes
    - Viewed (0)
  7. internal/crypto/key.go

    func (key *ObjectKey) Unseal(extKey []byte, sealedKey SealedKey, domain, bucket, object string) error {
    	var unsealConfig sio.Config
    	switch sealedKey.Algorithm {
    	default:
    		return Errorf("The sealing algorithm '%s' is not supported", sealedKey.Algorithm)
    	case SealAlgorithm:
    		mac := hmac.New(sha256.New, extKey)
    		mac.Write(sealedKey.IV[:])
    		mac.Write([]byte(domain))
    		mac.Write([]byte(SealAlgorithm))
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Mar 19 20:28:10 UTC 2024
    - 6.4K bytes
    - Viewed (0)
  8. cmd/encryption-v1.go

    			AssociatedData: kmsCtx,
    		})
    		if err != nil {
    			return err
    		}
    
    		sealedKey := objectKey.Seal(newKey.Plaintext, crypto.GenerateIV(rand.Reader), crypto.S3KMS.String(), bucket, object)
    		crypto.S3KMS.CreateMetadata(metadata, newKey.KeyID, newKey.Ciphertext, sealedKey, cryptoCtx)
    		return nil
    	case crypto.SSEC:
    		sealedKey, err := crypto.SSEC.ParseMetadata(metadata)
    		if err != nil {
    			return err
    		}
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Oct 13 13:06:08 UTC 2024
    - 37.2K bytes
    - Viewed (0)
  9. internal/crypto/sse.go

    // from the metadata using the SSE-C client key.
    func unsealObjectKey(clientKey []byte, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
    	sealedKey, err := SSEC.ParseMetadata(metadata)
    	if err != nil {
    		return
    	}
    	err = key.Unseal(clientKey, sealedKey, SSEC.String(), bucket, object)
    	return
    }
    
    // EncryptSinglePart encrypts an io.Reader which must be the
    // body of a single-part PUT request.
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Aug 30 15:26:43 UTC 2022
    - 4.4K bytes
    - Viewed (0)
  10. cmd/bucket-metadata.go

    	if err != nil {
    		return
    	}
    
    	outbuf := bytes.NewBuffer(nil)
    	objectKey := crypto.GenerateKey(key.Plaintext, rand.Reader)
    	sealedKey := objectKey.Seal(key.Plaintext, crypto.GenerateIV(rand.Reader), crypto.S3.String(), bucket, "")
    	crypto.S3.CreateMetadata(metadata, key.KeyID, key.Ciphertext, sealedKey)
    	_, err = sio.Encrypt(outbuf, bytes.NewBuffer(input), sio.Config{Key: objectKey[:], MinVersion: sio.Version20, CipherSuites: fips.DARECiphers()})
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Aug 28 15:32:18 UTC 2024
    - 18.2K bytes
    - Viewed (0)
Back to top