Search Options

Results per page
Sort
Preferred Languages
Advance

Results 21 - 30 of 298 for ssec (0.06 sec)

  1. docs/security/README.md

    MinIO supports two different types of server-side encryption ([SSE](#sse)):
    
    - **SSE-C**: The MinIO server en/decrypts an object with a secret key provided by the S3 client as part of the HTTP request headers. Therefore, [SSE-C](#ssec) requires TLS/HTTPS.
    - **SSE-S3**: The MinIO server en/decrypts an object with a secret key managed by a KMS. Therefore, MinIO requires a valid KMS configuration for [SSE-S3](#sses3).
    
    ### Server-Side Encryption - Preliminaries
    
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Sat Feb 12 00:51:25 UTC 2022
    - 13.8K bytes
    - Viewed (0)
  2. docs/site-replication/run-sse-kms-object-replication.sh

    # sleep for replication to complete
    sleep 30
    
    # Create bucket in source cluster
    echo "Create bucket in source MinIO instance"
    ./mc mb minio1/test-bucket --insecure
    
    # Enable SSE KMS for the bucket
    ./mc encrypt set sse-kms minio-default-key minio1/test-bucket --insecure
    
    # Load objects to source site
    echo "Loading objects to source MinIO instance"
    ./mc cp /tmp/data/encrypted minio1/test-bucket --insecure
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Thu Oct 10 06:49:55 UTC 2024
    - 11.5K bytes
    - Viewed (0)
  3. internal/http/headers.go

    	AmzMetaUnencryptedContentLength = "X-Amz-Meta-X-Amz-Unencrypted-Content-Length"
    	AmzMetaUnencryptedContentMD5    = "X-Amz-Meta-X-Amz-Unencrypted-Content-Md5"
    
    	// AWS server-side encryption headers for SSE-S3, SSE-KMS and SSE-C.
    	AmzServerSideEncryption                      = "X-Amz-Server-Side-Encryption"
    	AmzServerSideEncryptionKmsID                 = AmzServerSideEncryption + "-Aws-Kms-Key-Id"
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Wed Aug 28 15:31:56 UTC 2024
    - 10.4K bytes
    - Viewed (0)
  4. cmd/bucket-handlers.go

    		return
    	}
    
    	var forceMD5 []byte
    	// Optimization: If SSE-KMS and SSE-C did not request Content-Md5. Use uuid as etag. Optionally enable this also
    	// for server that is started with `--no-compat`.
    	kind, _ := crypto.IsRequested(formValues)
    	if !etag.ContentMD5Requested(formValues) && (kind == crypto.SSEC || kind == crypto.S3KMS || !globalServerCtxt.StrictS3Compat) {
    		forceMD5 = mustGetUUIDBytes()
    	}
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Thu Sep 12 12:24:04 UTC 2024
    - 63.4K bytes
    - Viewed (0)
  5. cmd/object-api-datatypes_gen.go

    			z.UserTags, bts, err = msgp.ReadStringBytes(bts)
    			if err != nil {
    				err = msgp.WrapError(err, "UserTags")
    				return
    			}
    		case "SSEC":
    			z.SSEC, bts, err = msgp.ReadBoolBytes(bts)
    			if err != nil {
    				err = msgp.WrapError(err, "SSEC")
    				return
    			}
    		case "ReplicationStatus":
    			bts, err = z.ReplicationStatus.UnmarshalMsg(bts)
    			if err != nil {
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Mon Jun 10 15:31:51 UTC 2024
    - 70.1K bytes
    - Viewed (0)
  6. cmd/object-api-datatypes.go

    	VersionID                  string
    	ETag                       string
    	Size                       int64
    	ActualSize                 int64
    	ModTime                    time.Time
    	UserTags                   string
    	SSEC                       bool
    	ReplicationStatus          replication.StatusType
    	ReplicationStatusInternal  string
    	VersionPurgeStatusInternal string
    	VersionPurgeStatus         VersionPurgeStatusType
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Mon Jun 10 15:31:51 UTC 2024
    - 20.9K bytes
    - Viewed (0)
  7. cmd/generic-handlers.go

    				writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInvalidBucketName), r.URL)
    				return
    			}
    		}
    		// Deny SSE-C requests if not made over TLS
    		if !globalIsTLS && (crypto.SSEC.IsRequested(r.Header) || crypto.SSECopy.IsRequested(r.Header)) {
    			if r.Method == http.MethodHead {
    				if ok {
    					tc.FuncName = "handler.ValidRequest"
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Mon Jul 29 18:10:04 UTC 2024
    - 20.5K bytes
    - Viewed (0)
  8. cmd/erasure-multipart.go

    	// Therefore, we adjust all ETags sent by the client to match what is stored
    	// on the backend.
    	kind, _ := crypto.IsEncrypted(fi.Metadata)
    
    	var objectEncryptionKey []byte
    	switch kind {
    	case crypto.SSEC:
    		if checksumType.IsSet() {
    			if opts.EncryptFn == nil {
    				return oi, crypto.ErrMissingCustomerKey
    			}
    			baseKey := opts.EncryptFn("", nil)
    			if len(baseKey) != 32 {
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Sun Sep 29 22:40:36 UTC 2024
    - 44.7K bytes
    - Viewed (0)
  9. cmd/erasure-object.go

    		return &GetObjectReader{
    			ObjInfo: objInfo,
    		}, toObjectErr(errMethodNotAllowed, bucket, object)
    	}
    
    	// Set NoDecryption for SSE-C objects and if replication request
    	if crypto.SSEC.IsEncrypted(objInfo.UserDefined) && opts.ReplicationRequest {
    		opts.NoDecryption = true
    	}
    
    	if objInfo.Size == 0 {
    		if _, _, err := rs.GetOffsetLength(objInfo.Size); err != nil {
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Tue Oct 22 21:10:34 UTC 2024
    - 78.5K bytes
    - Viewed (0)
  10. internal/crypto/sse-kms.go

    type ssekms struct{}
    
    var (
    	// S3KMS represents AWS SSE-KMS. It provides functionality to
    	// handle SSE-KMS requests.
    	S3KMS = ssekms{}
    
    	_ Type = S3KMS
    )
    
    // String returns the SSE domain as string. For SSE-KMS the
    // domain is "SSE-KMS".
    func (ssekms) String() string { return "SSE-KMS" }
    
    // IsRequested returns true if the HTTP headers contains
    // at least one SSE-KMS header.
    func (ssekms) IsRequested(h http.Header) bool {
    Registered: Sun Oct 27 19:28:09 UTC 2024
    - Last Modified: Tue May 07 23:55:37 UTC 2024
    - 8.5K bytes
    - Viewed (0)
Back to top