clientKey - Code Search

internal/crypto/header.go

		return key, ErrMissingCustomerKeyMD5
	}

	clientKey, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCopyCustomerKey))
	if err != nil || len(clientKey) != 32 { // The client key must be 256 bits long
		return key, ErrInvalidCustomerKey
	}
	keyMD5, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCopyCustomerKeyMD5))
	if md5Sum := md5.Sum(clientKey); err != nil || !bytes.Equal(md5Sum[:], keyMD5) {

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Thu Feb 22 06:26:06 GMT 2024

- 2.9K bytes

- Click Count (0)

github.com/minio/minio

internal/logger/config.go

		if err != nil {
			return cfg, err
		}
		clientCert := getCfgVal(EnvLoggerWebhookClientCert, k, kv.Get(ClientCert))
		clientKey := getCfgVal(EnvLoggerWebhookClientKey, k, kv.Get(ClientKey))
		err = config.EnsureCertAndKey(clientCert, clientKey)
		if err != nil {
			return cfg, err
		}
		queueSizeCfgVal := getCfgVal(EnvLoggerWebhookQueueSize, k, kv.Get(QueueSize))

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Fri Aug 29 02:39:48 GMT 2025

- 18.7K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/sse-c.go

		return key, ErrMissingCustomerKeyMD5
	}

	clientKey, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCustomerKey))
	if err != nil || len(clientKey) != 32 { // The client key must be 256 bits long
		return key, ErrInvalidCustomerKey
	}
	keyMD5, err := base64.StdEncoding.DecodeString(h.Get(xhttp.AmzServerSideEncryptionCustomerKeyMD5))
	if md5Sum := md5.Sum(clientKey); err != nil || !bytes.Equal(md5Sum[:], keyMD5) {

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Sun Sep 28 20:59:21 GMT 2025

- 5.2K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/doc.go

// initialization vector (IV) and the bucket/object path.
//
//  1. Encrypt:
//     Input: ClientKey, bucket, object, metadata, object_data
//     -              IV := Random({0,1}²⁵⁶)
//     -       ObjectKey := SHA256(ClientKey || Random({0,1}²⁵⁶))
//     -       KeyEncKey := HMAC-SHA256(ClientKey, IV || 'SSE-C' || 'DAREv2-HMAC-SHA256' || bucket || '/' || object)
//     -       SealedKey := DAREv2_Enc(KeyEncKey, ObjectKey)

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Fri Aug 26 19:52:29 GMT 2022

- 5K bytes

- Click Count (0)

github.com/minio/minio

internal/config/certs.go

	}
	return cert, nil
}

// EnsureCertAndKey checks if both client certificate and key paths are provided
func EnsureCertAndKey(clientCert, clientKey string) error {
	if (clientCert != "" && clientKey == "") ||
		(clientCert == "" && clientKey != "") {
		return errors.New("cert and key must be specified as a pair")
	}
	return nil

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Wed Aug 14 17:11:51 GMT 2024

- 3.8K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/sse.go

	clientKey, err := sse.ParseHTTP(h)
	if err != nil {
		return key, err
	}
	return unsealObjectKey(clientKey[:], metadata, bucket, object)
}

// unsealObjectKey decrypts and returns the sealed object key
// from the metadata using the SSE-C client key.
func unsealObjectKey(clientKey []byte, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Sun Sep 28 20:59:21 GMT 2025

- 4.3K bytes

- Click Count (0)

github.com/minio/minio

internal/event/target/webhook.go

	Transport  *http.Transport `json:"-"`
	QueueDir   string          `json:"queueDir"`
	QueueLimit uint64          `json:"queueLimit"`
	ClientCert string          `json:"clientCert"`
	ClientKey  string          `json:"clientKey"`
}

// Validate WebhookArgs fields
func (w WebhookArgs) Validate() error {
	if !w.Enable {
		return nil
	}
	if w.Endpoint.IsEmpty() {
		return errors.New("endpoint empty")
	}

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Fri Sep 06 23:06:30 GMT 2024

- 8.8K bytes

- Click Count (0)

github.com/elastic/elasticsearch

build-tools-internal/src/main/java/org/elasticsearch/gradle/internal/test/TestWithSslPlugin.java

                    c.extraConfigFile(nodeKey.getName(), nodeKey);
                    c.extraConfigFile(nodeCertificate.getName(), nodeCertificate);
                    c.extraConfigFile(clientKey.getName(), clientKey);
                    c.extraConfigFile(clientCertificate.getName(), clientCertificate);
                } else {
                    // ceremony to set up ssl

Created: Wed Apr 08 16:19:15 GMT 2026

- Last Modified: Tue Jun 01 09:19:30 GMT 2021

- 6.1K bytes

- Click Count (0)

github.com/minio/minio

internal/http/transports.go

// communicating with client cert authentication.
func (s ConnSettings) NewHTTPTransportWithClientCerts(ctx context.Context, clientCert, clientKey string) (*http.Transport, error) {
	transport := s.NewHTTPTransportWithTimeout(1 * time.Minute)
	if clientCert != "" && clientKey != "" {
		c, err := certs.NewManager(ctx, clientCert, clientKey, tls.LoadX509KeyPair)
		if err != nil {
			return nil, err
		}
		if c != nil {

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Fri Aug 08 17:51:53 GMT 2025

- 6.5K bytes

- Click Count (0)

github.com/minio/minio

internal/config/lambda/target/webhook.go

	ClientCert string          `json:"clientCert"`
	ClientKey  string          `json:"clientKey"`
}

// Validate WebhookArgs fields
func (w WebhookArgs) Validate() error {
	if !w.Enable {
		return nil
	}
	if w.Endpoint.IsEmpty() {
		return errors.New("endpoint empty")
	}
	if w.ClientCert != "" && w.ClientKey == "" || w.ClientCert == "" && w.ClientKey != "" {
		return errors.New("cert and key must be specified as a pair")

Created: Sun Apr 05 19:28:12 GMT 2026

- Last Modified: Mon Jul 08 21:39:49 GMT 2024

- 6.7K bytes

- Click Count (0)

Search Options