Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for NewGCMTransformer (0.4 sec)

  2. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes_test.go 

    	}

	ctx := context.Background()
	tests := []struct {
		name string
		t    value.Transformer
	}{
		{name: "GCM 16 byte key", t: newGCMTransformer(t, aes16block, nil)},
		{name: "GCM 24 byte key", t: newGCMTransformer(t, aes24block, nil)},
		{name: "GCM 32 byte key", t: newGCMTransformer(t, aes32block, nil)},
		{name: "GCM 16 byte unsafe key", t: newGCMTransformerWithUniqueKeyUnsafeTest(t, aes16block, nil)},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jul 21 19:25:52 UTC 2023
    - 23.2K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes_extended_nonce.go 

    	MinSeedSizeExtendedNonceGCM
)

// NewHKDFExtendedNonceGCMTransformer is the same as NewGCMTransformer but trades storage,
// memory and CPU to work around the limitations of AES-GCM's 12 byte nonce size.  The input seed
// is assumed to be a cryptographically strong slice of MinSeedSizeExtendedNonceGCM+ random bytes.
// Unlike NewGCMTransformer, this function is immune to the birthday attack because a new key is generated
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jul 21 19:25:52 UTC 2023
    - 6.8K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes.go 

    // Do not change this value.  It would be a backward incompatible change.
const commonSize = 32

const keySizeCounterNonceGCM = commonSize

// NewGCMTransformerWithUniqueKeyUnsafe is the same as NewGCMTransformer but is unsafe for general
// use because it makes assumptions about the key underlying the block cipher.  Specifically,
// it uses a 96-bit nonce where the first 32 bits are random data and the remaining 64 bits are
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jul 21 19:25:52 UTC 2023
    - 9.6K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope_test.go 

    	benchmarkRead(b, envelopeTransformer, 1024)
}

func BenchmarkAESGCMRead(b *testing.B) {
	block, err := aes.NewCipher(bytes.Repeat([]byte("a"), 32))
	if err != nil {
		b.Fatal(err)
	}

	aesGCMTransformer, err := aestransformer.NewGCMTransformer(block)
	if err != nil {
		b.Fatal(err)
	}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Mar 14 14:23:50 UTC 2023
    - 10.1K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go 

    			probe          healthChecker
			used           *kmsState
		)

		switch {
		case provider.AESGCM != nil:
			transformer, transformerErr = aesPrefixTransformer(provider.AESGCM, aestransformer.NewGCMTransformer, aesGCMTransformerPrefixV1)

		case provider.AESCBC != nil:
			cbcTransformer := func(block cipher.Block) (storagevalue.Transformer, error) {
				return aestransformer.NewCBCTransformer(block), nil
			}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu May 16 16:56:39 UTC 2024
    - 41.2K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/envelope.go 

    			return nil, err
		}
		// this is compatible with NewGCMTransformerWithUniqueKeyUnsafe for decryption
		// it would use random nonces for encryption but we never do that
		transformer, err = aestransformer.NewGCMTransformer(block)
	}
	if err != nil {
		return nil, err
	}
	t.cache.set(cacheKey, transformer)
	return transformer, nil
}

// doEncode encodes the EncryptedObject to a byte array.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Oct 27 00:23:50 UTC 2023
    - 18.7K bytes
    - Viewed (0)
Back to top