- Sort Score
- Result 10 results
- Languages All
Results 1 - 6 of 6 for EncryptedDEKSourceType (0.39 sec)
-
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/v2/api.pb.go
// encryptedDEKSourceType defines the process of using the plaintext of encryptedDEKSource to determine the DEK. EncryptedDEKSourceType EncryptedDEKSourceType `protobuf:"varint,5,opt,name=encryptedDEKSourceType,proto3,enum=v2.EncryptedDEKSourceType" json:"encryptedDEKSourceType,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"`
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Oct 30 18:43:30 UTC 2023 - 8.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/v2/api.proto
// 2. The size of annotations keys + values is less than 32 kB. map<string, bytes> annotations = 4; // encryptedDEKSourceType defines the process of using the plaintext of encryptedDEKSource to determine the DEK. EncryptedDEKSourceType encryptedDEKSourceType = 5; } enum EncryptedDEKSourceType { // AES_GCM_KEY means that the plaintext of encryptedDEKSource is the DEK itself, with AES-GCM as the encryption algorithm.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Oct 30 18:43:30 UTC 2023 - 2.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/envelope.go
} if useSeed { o.EncryptedDEKSourceType = kmstypes.EncryptedDEKSourceType_HKDF_SHA256_XNONCE_AES_GCM_SEED } else { o.EncryptedDEKSourceType = kmstypes.EncryptedDEKSourceType_AES_GCM_KEY } if err := ValidateEncryptedObject(o); err != nil { return nil, nil, nil, err } cacheKey, err := generateCacheKey(o.EncryptedDEKSourceType, resp.Ciphertext, resp.KeyID, resp.Annotations)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Oct 27 00:23:50 UTC 2023 - 18.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/envelope_test.go
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Oct 25 16:50:20 UTC 2023 - 47.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/config_test.go
if tt.useSeed { validCiphertext = validCiphertext && gotState.EncryptedObject.EncryptedDEKSourceType == kmstypes.EncryptedDEKSourceType_HKDF_SHA256_XNONCE_AES_GCM_SEED } else { validCiphertext = validCiphertext && gotState.EncryptedObject.EncryptedDEKSourceType == kmstypes.EncryptedDEKSourceType_AES_GCM_KEY } if !validCiphertext {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 16 16:56:39 UTC 2024 - 72.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
// this allows us to easily exercise both modes without restarting the API server // TODO integration test that this dynamically takes effect useSeed := GetKDF() stateUseSeed := state.EncryptedObject.EncryptedDEKSourceType == kmstypes.EncryptedDEKSourceType_HKDF_SHA256_XNONCE_AES_GCM_SEED // state is valid and status keyID is unchanged from when we generated this DEK/seed so there is no need to rotate it
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 16 16:56:39 UTC 2024 - 41.2K bytes - Viewed (0)