Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 19 for GenerateKey (0.26 sec)

  2. github.com/minio/minio

    internal/kms/kes.go 

    	}, nil
}

// GenerateKey generates a new data encryption key using
// the key at the KES server referenced by the key ID.
//
// The default key ID will be used if keyID is empty.
//
// The context is associated and tied to the generated DEK.
// The same context must be provided when the generated
// key should be decrypted.
    Go
    - Registered: Sun Apr 21 19:28:08 GMT 2024
    - Last Modified: Tue Apr 16 15:43:39 GMT 2024
    - 14.9K bytes
    - Viewed (0)
  3. github.com/minio/minio

    internal/crypto/key_test.go 

    	logger.DisableErrorLog = true

	for i, test := range generateKeyTests {
		i, test := i, test
		func() {
			defer recoverTest(i, test.ShouldPass, t)
			key := GenerateKey(test.ExtKey[:], test.Random)
			if [32]byte(key) == [32]byte{} {
				t.Errorf("Test %d: generated key is zero key", i) // check that we generate random and unique key
			}
		}()
	}
}
    Go
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Fri Feb 02 00:13:57 GMT 2024
    - 6.8K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/bucket-metadata.go 

    	if GlobalKMS == nil {
		output = input
		return
	}

	metadata := make(map[string]string)
	key, err := GlobalKMS.GenerateKey(ctx, "", kmsContext)
	if err != nil {
		return
	}

	outbuf := bytes.NewBuffer(nil)
	objectKey := crypto.GenerateKey(key.Plaintext, rand.Reader)
	sealedKey := objectKey.Seal(key.Plaintext, crypto.GenerateIV(rand.Reader), crypto.S3.String(), bucket, "")
    Go
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 16.5K bytes
    - Viewed (0)
  5. github.com/minio/minio

    cmd/healthcheck-handler.go 

    		}
		return
	}

	// Verify if KMS is reachable if its configured
	if GlobalKMS != nil {
		ctx, cancel := context.WithTimeout(r.Context(), time.Minute)
		defer cancel()

		if _, err := GlobalKMS.GenerateKey(ctx, "", kms.Context{"healthcheck": ""}); err != nil {
			switch r.Method {
			case http.MethodHead:
				apiErr := toAPIError(r.Context(), err)
				writeResponse(w, apiErr.HTTPStatusCode, nil, mimeNone)
    Go
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Wed Apr 03 21:13:20 GMT 2024
    - 6.5K bytes
    - Viewed (0)
  6. github.com/minio/minio

    internal/crypto/key.go 

    // ObjectKey is a 256 bit secret key used to encrypt the object.
// It must never be stored in plaintext.
type ObjectKey [32]byte

// GenerateKey generates a unique ObjectKey from a 256 bit external key
// and a source of randomness. If random is nil the default PRNG of the
// system (crypto/rand) is used.
func GenerateKey(extKey []byte, random io.Reader) (key ObjectKey) {
	if random == nil {
		random = rand.Reader
	}
    Go
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Tue Mar 19 20:28:10 GMT 2024
    - 6.4K bytes
    - Viewed (0)
  7. github.com/minio/minio

    cmd/admin-handlers.go 

    		KeyID: keyID,
	}

	kmsContext := kms.Context{"MinIO admin API": "KMSKeyStatusHandler"} // Context for a test key operation
	// 1. Generate a new key using the KMS.
	key, err := GlobalKMS.GenerateKey(ctx, keyID, kmsContext)
	if err != nil {
		response.EncryptionErr = err.Error()
		resp, err := json.Marshal(response)
		if err != nil {
    Go
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Sun Apr 21 11:43:18 GMT 2024
    - 97.3K bytes
    - Viewed (2)
  8. github.com/minio/minio

    internal/kms/single-key_test.go 

    )

func TestSingleKeyRoundtrip(t *testing.T) {
	KMS, err := Parse("my-key:eEm+JI9/q4JhH8QwKvf3LKo4DEBl6QbfvAl1CAbMIv8=")
	if err != nil {
		t.Fatalf("Failed to initialize KMS: %v", err)
	}

	key, err := KMS.GenerateKey(context.Background(), "my-key", Context{})
	if err != nil {
		t.Fatalf("Failed to generate key: %v", err)
	}
	plaintext, err := KMS.DecryptKey(key.KeyID, key.Ciphertext, Context{})
	if err != nil {
    Go
    - Registered: Sun Apr 21 19:28:08 GMT 2024
    - Last Modified: Tue Jul 19 01:54:27 GMT 2022
    - 3K bytes
    - Viewed (0)
  9. github.com/minio/minio

    docs/security/README.md 

    ### Server-Side Encryption with a KMS

SSE-S3 allows an S3 client to en/decrypt an object at the MinIO server using a KMS. The MinIO
server only assumes that the KMS provides two services:

- `GenerateKey`: Takes a key ID and generates a new data key from a master key referenced by the key ID. It returns the new data key in two different forms: The plain data key and the data key encrypted using the master key.
    Plain Text
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Sat Feb 12 00:51:25 GMT 2022
    - 13.8K bytes
    - Viewed (0)
  10. github.com/minio/minio

    cmd/batch-rotate.go 

    			}
		}
		e.kmsContext = kms.Context{}
		for k, v := range ctx {
			e.kmsContext[k] = v
		}
		ctx["MinIO batch API"] = "batchrotate" // Context for a test key operation
		if _, err := GlobalKMS.GenerateKey(GlobalContext, e.Key, ctx); err != nil {
			return err
		}
	}
	return nil
}

// BatchKeyRotateFilter holds all the filters currently supported for batch replication
type BatchKeyRotateFilter struct {
    Go
    - Registered: Sun Apr 28 19:28:10 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 14.2K bytes
    - Viewed (0)
  11. github.com/minio/minio

    internal/kms/kms.go 

    	// CreateKey creates a new key at the KMS with the given key ID.
	CreateKey(ctx context.Context, keyID string) error

	// GenerateKey generates a new data encryption key using the
	// key referenced by the key ID.
	//
	// The KMS may use a default key if the key ID is empty.
	// GenerateKey returns an error if the referenced key does
	// not exist.
	//
	// The context is associated and tied to the generated DEK.
    Go
    - Registered: Sun Apr 21 19:28:08 GMT 2024
    - Last Modified: Fri Mar 01 21:09:42 GMT 2024
    - 4.6K bytes
    - Viewed (0)
Back to top