- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 33 for ecryptfs (0.19 sec)
-
docs/security/README.md
## Server-Side Encryption MinIO supports two different types of server-side encryption ([SSE](#sse)): - **SSE-C**: The MinIO server en/decrypts an object with a secret key provided by the S3 client as part of the HTTP request headers. Therefore, [SSE-C](#ssec) requires TLS/HTTPS. - **SSE-S3**: The MinIO server en/decrypts an object with a secret key managed by a KMS. Therefore, MinIO requires a valid KMS configuration for [SSE-S3](#sses3).
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sat Feb 12 00:51:25 GMT 2022 - 13.8K bytes - Viewed (0) -
internal/crypto/sse-s3.go
func (sses3) IsEncrypted(metadata map[string]string) bool { if _, ok := metadata[MetaSealedKeyS3]; ok { return true } return false } // UnsealObjectKey extracts and decrypts the sealed object key // from the metadata using KMS and returns the decrypted object // key. func (s3 sses3) UnsealObjectKey(k kms.KMS, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Jan 18 07:03:17 GMT 2024 - 8.5K bytes - Viewed (0) -
internal/kms/key-manager.go
ListKeys(ctx context.Context) (*kes.ListIter[string], error) // ImportKey imports a cryptographic key into the KMS. ImportKey(ctx context.Context, keyID string, bytes []byte) error // EncryptKey Encrypts and authenticates a (small) plaintext with the cryptographic key // The plaintext must not exceed 1 MB EncryptKey(keyID string, plaintext []byte, context Context) ([]byte, error)
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Fri Mar 01 21:09:42 GMT 2024 - 1.9K bytes - Viewed (0) -
cmd/s3-zip-handlers.go
} files.OptimizeSize() zipInfo, err := files.Serialize() if err != nil { return nil, err } at := archiveType zipInfoStr := string(zipInfo) if opts.EncryptFn != nil { at = archiveTypeEnc zipInfoStr = string(opts.EncryptFn(archiveTypeEnc, zipInfo)) } srcInfo.UserDefined[archiveTypeMetadataKey] = at popts := ObjectOptions{ MTime: srcInfo.ModTime, VersionID: srcInfo.VersionID,
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Tue Apr 09 10:41:25 GMT 2024 - 15.8K bytes - Viewed (0) -
internal/kms/kms.go
GenerateKey(ctx context.Context, keyID string, context Context) (DEK, error) // DecryptKey decrypts the ciphertext with the key referenced // by the key ID. The context must match the context value // used to generate the ciphertext. DecryptKey(keyID string, ciphertext []byte, context Context) ([]byte, error) // DecryptAll decrypts all ciphertexts with the key referenced // by the key ID. The contexts must match the context value
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Fri Mar 01 21:09:42 GMT 2024 - 4.6K bytes - Viewed (0) -
docs/kms/IAM.md
## FAQ > Why is this change needed? Before, there were two separate mechanisms - S3 objects got encrypted using a KMS, if present, and the IAM / configuration data got encrypted with the root credentials. Now, MinIO encrypts IAM / configuration and S3 objects with a KMS, if present. This change unified the key-management aspect within MinIO. The unified KMS-based approach has several advantages:
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Jan 18 07:03:17 GMT 2024 - 5.3K bytes - Viewed (0) -
cmd/object-api-options.go
opts.UserDefined[ReservedMetadataPrefix+"Actual-Object-Size"] = r.Header.Get(xhttp.MinIOReplicationActualObjectSize) // Transfer SSEC key in opts.EncryptFn if crypto.SSEC.IsRequested(r.Header) { key, err := ParseSSECustomerRequest(r) if err == nil { // Set EncryptFn to return SSEC key opts.EncryptFn = func(baseKey string, data []byte) []byte { return key } } }
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sat Apr 20 09:05:54 GMT 2024 - 14.2K bytes - Viewed (0) -
cmd/erasure-multipart.go
kind, _ := crypto.IsEncrypted(fi.Metadata) var objectEncryptionKey []byte switch kind { case crypto.SSEC: if checksumType.IsSet() { if opts.EncryptFn == nil { return oi, crypto.ErrMissingCustomerKey } baseKey := opts.EncryptFn("", nil) if len(baseKey) != 32 { return oi, crypto.ErrInvalidCustomerKey }
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sun Apr 28 17:53:50 GMT 2024 - 43K bytes - Viewed (0) -
internal/crypto/sse-c.go
if md5Sum := md5.Sum(clientKey); err != nil || !bytes.Equal(md5Sum[:], keyMD5) { return key, ErrCustomerKeyMD5Mismatch } copy(key[:], clientKey) return key, nil } // UnsealObjectKey extracts and decrypts the sealed object key // from the metadata using the SSE-C client key of the HTTP headers // and returns the decrypted object key.
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Jan 18 07:03:17 GMT 2024 - 5.2K bytes - Viewed (0) -
src/main/java/jcifs/smb/NtlmPasswordAuthentication.java
*/ package jcifs.smb; import java.security.GeneralSecurityException; import java.util.Arrays; import jcifs.CIFSContext; /** * This class stores and encrypts NTLM user credentials. The default * credentials are retrieved from the <tt>jcifs.smb.client.domain</tt>, * <tt>jcifs.smb.client.username</tt>, and <tt>jcifs.smb.client.password</tt> * properties. * <p>
Java - Registered: Sun May 05 00:10:10 GMT 2024 - Last Modified: Tue Jul 07 10:50:16 GMT 2020 - 8.5K bytes - Viewed (0)