- Sort Score
- Result 10 results
- Languages All
Results 1 - 6 of 6 for NewGCMTransformer (0.4 sec)
-
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes_test.go
} ctx := context.Background() tests := []struct { name string t value.Transformer }{ {name: "GCM 16 byte key", t: newGCMTransformer(t, aes16block, nil)}, {name: "GCM 24 byte key", t: newGCMTransformer(t, aes24block, nil)}, {name: "GCM 32 byte key", t: newGCMTransformer(t, aes32block, nil)}, {name: "GCM 16 byte unsafe key", t: newGCMTransformerWithUniqueKeyUnsafeTest(t, aes16block, nil)},
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jul 21 19:25:52 UTC 2023 - 23.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes_extended_nonce.go
MinSeedSizeExtendedNonceGCM ) // NewHKDFExtendedNonceGCMTransformer is the same as NewGCMTransformer but trades storage, // memory and CPU to work around the limitations of AES-GCM's 12 byte nonce size. The input seed // is assumed to be a cryptographically strong slice of MinSeedSizeExtendedNonceGCM+ random bytes. // Unlike NewGCMTransformer, this function is immune to the birthday attack because a new key is generated
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jul 21 19:25:52 UTC 2023 - 6.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes.go
// Do not change this value. It would be a backward incompatible change. const commonSize = 32 const keySizeCounterNonceGCM = commonSize // NewGCMTransformerWithUniqueKeyUnsafe is the same as NewGCMTransformer but is unsafe for general // use because it makes assumptions about the key underlying the block cipher. Specifically, // it uses a 96-bit nonce where the first 32 bits are random data and the remaining 64 bits are
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jul 21 19:25:52 UTC 2023 - 9.6K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope_test.go
benchmarkRead(b, envelopeTransformer, 1024) } func BenchmarkAESGCMRead(b *testing.B) { block, err := aes.NewCipher(bytes.Repeat([]byte("a"), 32)) if err != nil { b.Fatal(err) } aesGCMTransformer, err := aestransformer.NewGCMTransformer(block) if err != nil { b.Fatal(err) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 14 14:23:50 UTC 2023 - 10.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
probe healthChecker used *kmsState ) switch { case provider.AESGCM != nil: transformer, transformerErr = aesPrefixTransformer(provider.AESGCM, aestransformer.NewGCMTransformer, aesGCMTransformerPrefixV1) case provider.AESCBC != nil: cbcTransformer := func(block cipher.Block) (storagevalue.Transformer, error) { return aestransformer.NewCBCTransformer(block), nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 16 16:56:39 UTC 2024 - 41.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/envelope.go
return nil, err } // this is compatible with NewGCMTransformerWithUniqueKeyUnsafe for decryption // it would use random nonces for encryption but we never do that transformer, err = aestransformer.NewGCMTransformer(block) } if err != nil { return nil, err } t.cache.set(cacheKey, transformer) return transformer, nil } // doEncode encodes the EncryptedObject to a byte array.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Oct 27 00:23:50 UTC 2023 - 18.7K bytes - Viewed (0)