Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 10 for SealedKey (0.29 sec)

  2. github.com/minio/minio

    internal/crypto/metadata_test.go 

    		}
		if sealedKey.Algorithm != test.SealedKey.Algorithm {
			t.Errorf("Test %d: seal algorithm mismatch: got '%s' - want '%s'", i, sealedKey.Algorithm, test.SealedKey.Algorithm)
		}
		if !bytes.Equal(sealedKey.IV[:], test.SealedKey.IV[:]) {
			t.Errorf("Test %d: IV mismatch: got '%v' - want '%v'", i, sealedKey.IV, test.SealedKey.IV)
		}
		if !bytes.Equal(sealedKey.Key[:], test.SealedKey.Key[:]) {
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Fri Feb 02 00:13:57 GMT 2024
    - 18.7K bytes
    - Viewed (0)
  3. github.com/minio/minio

    internal/crypto/key.go 

    func (key *ObjectKey) Unseal(extKey []byte, sealedKey SealedKey, domain, bucket, object string) error {
	var unsealConfig sio.Config
	switch sealedKey.Algorithm {
	default:
		return Errorf("The sealing algorithm '%s' is not supported", sealedKey.Algorithm)
	case SealAlgorithm:
		mac := hmac.New(sha256.New, extKey)
		mac.Write(sealedKey.IV[:])
		mac.Write([]byte(domain))
		mac.Write([]byte(SealAlgorithm))
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Tue Mar 19 20:28:10 GMT 2024
    - 6.4K bytes
    - Viewed (0)
  4. github.com/minio/minio

    internal/crypto/doc.go 

    //     -       SealedKey := DAREv2_Enc(KeyEncKey, ObjectKey)
//     - enc_object_data := DAREv2_Enc(ObjectKey, object_data)
//     -        metadata <- IV
//     -        metadata <- SealedKey
//     Output: enc_object_data, metadata
//
//  2. Decrypt:
//     Input: ClientKey, bucket, object, metadata, enc_object_data
//     -          IV <- metadata
//     -   SealedKey <- metadata
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Fri Aug 26 19:52:29 GMT 2022
    - 5K bytes
    - Viewed (0)
  5. github.com/minio/minio

    internal/crypto/sse-s3.go 

    		if err != nil {
			return keyID, kmsKey, sealedKey, Errorf("The internal sealed KMS data key for SSE-S3 is invalid")
		}
	}

	sealedKey.Algorithm = algorithm
	copy(sealedKey.IV[:], iv)
	copy(sealedKey.Key[:], encryptedKey)
	return keyID, kmsKey, sealedKey, nil
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Jan 18 07:03:17 GMT 2024
    - 8.5K bytes
    - Viewed (0)
  6. github.com/minio/minio

    internal/crypto/sse-c.go 

    // metadata map if metadata is nil.
func (ssec) CreateMetadata(metadata map[string]string, sealedKey SealedKey) map[string]string {
	if sealedKey.Algorithm != SealAlgorithm {
		logger.CriticalIf(context.Background(), Errorf("The seal algorithm '%s' is invalid for SSE-C", sealedKey.Algorithm))
	}

	if metadata == nil {
		metadata = make(map[string]string, 3)
	}
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Jan 18 07:03:17 GMT 2024
    - 5.2K bytes
    - Viewed (0)
  7. github.com/minio/minio

    internal/crypto/sse-kms.go 

    		if err = json.Unmarshal(b, &ctx); err != nil {
			return keyID, kmsKey, sealedKey, ctx, Errorf("The internal sealed KMS context is invalid %w", err)
		}
	}

	sealedKey.Algorithm = algorithm
	copy(sealedKey.IV[:], iv)
	copy(sealedKey.Key[:], encryptedKey)
	return keyID, kmsKey, sealedKey, ctx, nil
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Jan 18 07:03:17 GMT 2024
    - 8.4K bytes
    - Viewed (0)
  8. github.com/minio/minio

    internal/crypto/key_test.go 

    	var extKey, iv [32]byte
	key := GenerateKey(extKey[:], rand.Reader)
	sealedKey := key.Seal(extKey[:], iv, "SSE-S3", "bucket", "object")
	sealedKey.Algorithm = InsecureSealAlgorithm
	if err := key.Unseal(extKey[:], sealedKey, "SSE-S3", "bucket", "object"); err == nil {
		t.Errorf("'%s' test succeeded but it should fail because the legacy algorithm was used", sealedKey.Algorithm)
	}
}

var derivePartKeyTest = []struct {
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Fri Feb 02 00:13:57 GMT 2024
    - 6.8K bytes
    - Viewed (0)
  9. github.com/minio/minio

    cmd/encryption-v1.go 

    		if err != nil {
			return err
		}

		sealedKey := objectKey.Seal(newKey.Plaintext, crypto.GenerateIV(rand.Reader), crypto.S3KMS.String(), bucket, object)
		crypto.S3KMS.CreateMetadata(metadata, newKey.KeyID, newKey.Ciphertext, sealedKey, cryptoCtx)
		return nil
	case crypto.SSEC:
		sealedKey, err := crypto.SSEC.ParseMetadata(metadata)
		if err != nil {
			return err
		}
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 36.5K bytes
    - Viewed (0)
  10. github.com/minio/minio

    cmd/bucket-metadata.go 

    	if err != nil {
		return
	}

	outbuf := bytes.NewBuffer(nil)
	objectKey := crypto.GenerateKey(key.Plaintext, rand.Reader)
	sealedKey := objectKey.Seal(key.Plaintext, crypto.GenerateIV(rand.Reader), crypto.S3.String(), bucket, "")
	crypto.S3.CreateMetadata(metadata, key.KeyID, key.Ciphertext, sealedKey)
	_, err = sio.Encrypt(outbuf, bytes.NewBuffer(input), sio.Config{Key: objectKey[:], MinVersion: sio.Version20, CipherSuites: fips.DARECiphers()})
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 16.5K bytes
    - Viewed (0)
  11. github.com/minio/minio

    internal/crypto/sse.go 

    // from the metadata using the SSE-C client key.
func unsealObjectKey(clientKey []byte, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
	sealedKey, err := SSEC.ParseMetadata(metadata)
	if err != nil {
		return
	}
	err = key.Unseal(clientKey, sealedKey, SSEC.String(), bucket, object)
	return
}

// EncryptSinglePart encrypts an io.Reader which must be the
// body of a single-part PUT request.
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Tue Aug 30 15:26:43 GMT 2022
    - 4.4K bytes
    - Viewed (0)
Back to top