- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 34 for cipherText (0.29 sec)
-
internal/kms/kes.go
} if errors.Is(err, kes.ErrNotAllowed) { return DEK{}, ErrPermission } return DEK{}, errKeyGenerationFailed(err) } return DEK{ KeyID: name, Plaintext: dek.Plaintext, Ciphertext: dek.Ciphertext, }, nil } // ImportKey imports a cryptographic key into the KMS. func (c *kesConn) ImportKey(ctx context.Context, keyID string, bytes []byte) error {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue May 07 23:55:37 UTC 2024 - 7.1K bytes - Viewed (0) -
src/crypto/cipher/cbc.go
return } // For each block, we need to xor the decrypted data with the previous block's ciphertext (the iv). // To avoid making a copy each time, we loop over the blocks BACKWARDS. end := len(src) start := end - x.blockSize prev := start - x.blockSize // Copy the last block of ciphertext in preparation as the new iv. copy(x.tmp, src[start:end]) // Loop over all but the first block.
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed Sep 28 03:55:33 UTC 2022 - 5.4K bytes - Viewed (0) -
src/crypto/x509/pem_decrypt.go
// IsEncryptedPEMBlock returns whether the PEM block is password encrypted // according to RFC 1423. // // Deprecated: Legacy PEM encryption as specified in RFC 1423 is insecure by // design. Since it does not authenticate the ciphertext, it is vulnerable to // padding oracle attacks that can let an attacker recover the plaintext. func IsEncryptedPEMBlock(b *pem.Block) bool { _, ok := b.Headers["DEK-Info"] return ok }
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Fri Oct 13 17:09:47 UTC 2023 - 7.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/secretbox/secretbox_test.go
} original := append([]byte{}, data...) ciphertext, err := tt.t.TransformToStorage(ctx, data, dataCtx) if err != nil { t.Errorf("TransformToStorage error = %v", err) continue } result, stale, err := tt.t.TransformFromStorage(ctx, ciphertext, dataCtx) if err != nil { t.Errorf("TransformFromStorage error = %v", err) continue
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Feb 17 16:31:31 UTC 2022 - 6.8K bytes - Viewed (0) -
src/crypto/internal/hpke/hpke.go
panic("message limit reached") } s.seqNum = s.seqNum.addOne() return nonce } func (s *Sender) Seal(aad, plaintext []byte) ([]byte, error) { ciphertext := s.aead.Seal(nil, s.nextNonce(), plaintext, aad) return ciphertext, nil } func SuiteID(kemID, kdfID, aeadID uint16) []byte { suiteID := make([]byte, 0, 4+2+2+2) suiteID = append(suiteID, []byte("HPKE")...)
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 22 22:33:33 UTC 2024 - 7K bytes - Viewed (0) -
cmd/kms-handlers.go
return } // 2. Verify that we can indeed decrypt the (encrypted) key decryptedKey, err := GlobalKMS.Decrypt(ctx, &kms.DecryptRequest{ Name: key.KeyID, Ciphertext: key.Ciphertext, AssociatedData: kmsContext, }) if err != nil { response.DecryptionErr = err.Error() resp, err := json.Marshal(response) if err != nil {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 8.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/v2/api.proto
// keyID must satisfy the following constraints: // 1. The keyID is not empty. // 2. The size of keyID is less than 1 kB. string keyID = 2; // EncryptedDEKSource is the ciphertext of the source of the DEK used to encrypt the data stored in encryptedData. // encryptedDEKSourceType defines the process of using the plaintext of this field to determine the aforementioned DEK.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Oct 30 18:43:30 UTC 2023 - 2.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/aes/aes.go
if err := t.nonceFunc(result[:nonceSize]); err != nil { return nil, fmt.Errorf("failed to write nonce for AES-GCM: %w", err) } cipherText := t.aead.Seal(result[nonceSize:nonceSize], result[:nonceSize], data, dataCtx.AuthenticatedData()) return result[:nonceSize+len(cipherText)], nil } // cbc implements encryption at rest of the provided values given a cipher.Block algorithm. type cbc struct { block cipher.Block }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jul 21 19:25:52 UTC 2023 - 9.6K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go
response, err := g.kmsClient.Decrypt(ctx, request) if err != nil { return nil, err } return response.Plain, nil } // Encrypt bytes to a string ciphertext. func (g *gRPCService) Encrypt(plain []byte) ([]byte, error) { ctx, cancel := context.WithTimeout(context.Background(), g.callTimeout) defer cancel()
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Feb 27 00:47:46 UTC 2023 - 4.4K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope.go
type Service interface { // Decrypt a given bytearray to obtain the original data as bytes. Decrypt(data []byte) ([]byte, error) // Encrypt bytes to a ciphertext. Encrypt(data []byte) ([]byte, error) } type envelopeTransformer struct { envelopeService Service // transformers is a thread-safe LRU cache which caches decrypted DEKs indexed by their encrypted form.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 14 14:23:50 UTC 2023 - 6.2K bytes - Viewed (0)