- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 298 for ssec (0.05 sec)
-
docs/security/README.md
MinIO supports two different types of server-side encryption ([SSE](#sse)): - **SSE-C**: The MinIO server en/decrypts an object with a secret key provided by the S3 client as part of the HTTP request headers. Therefore, [SSE-C](#ssec) requires TLS/HTTPS. - **SSE-S3**: The MinIO server en/decrypts an object with a secret key managed by a KMS. Therefore, MinIO requires a valid KMS configuration for [SSE-S3](#sses3). ### Server-Side Encryption - Preliminaries
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Sat Feb 12 00:51:25 UTC 2022 - 13.8K bytes - Viewed (0) -
docs/site-replication/run-sse-kms-object-replication.sh
# sleep for replication to complete sleep 30 # Create bucket in source cluster echo "Create bucket in source MinIO instance" ./mc mb minio1/test-bucket --insecure # Enable SSE KMS for the bucket ./mc encrypt set sse-kms minio-default-key minio1/test-bucket --insecure # Load objects to source site echo "Loading objects to source MinIO instance" ./mc cp /tmp/data/encrypted minio1/test-bucket --insecure
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Thu Oct 10 06:49:55 UTC 2024 - 11.5K bytes - Viewed (0) -
internal/http/headers.go
AmzMetaUnencryptedContentLength = "X-Amz-Meta-X-Amz-Unencrypted-Content-Length" AmzMetaUnencryptedContentMD5 = "X-Amz-Meta-X-Amz-Unencrypted-Content-Md5" // AWS server-side encryption headers for SSE-S3, SSE-KMS and SSE-C. AmzServerSideEncryption = "X-Amz-Server-Side-Encryption" AmzServerSideEncryptionKmsID = AmzServerSideEncryption + "-Aws-Kms-Key-Id"
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Wed Aug 28 15:31:56 UTC 2024 - 10.4K bytes - Viewed (0) -
cmd/bucket-handlers.go
return } var forceMD5 []byte // Optimization: If SSE-KMS and SSE-C did not request Content-Md5. Use uuid as etag. Optionally enable this also // for server that is started with `--no-compat`. kind, _ := crypto.IsRequested(formValues) if !etag.ContentMD5Requested(formValues) && (kind == crypto.SSEC || kind == crypto.S3KMS || !globalServerCtxt.StrictS3Compat) { forceMD5 = mustGetUUIDBytes() }
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Thu Sep 12 12:24:04 UTC 2024 - 63.4K bytes - Viewed (0) -
cmd/object-api-datatypes_gen.go
z.UserTags, bts, err = msgp.ReadStringBytes(bts) if err != nil { err = msgp.WrapError(err, "UserTags") return } case "SSEC": z.SSEC, bts, err = msgp.ReadBoolBytes(bts) if err != nil { err = msgp.WrapError(err, "SSEC") return } case "ReplicationStatus": bts, err = z.ReplicationStatus.UnmarshalMsg(bts) if err != nil {
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Mon Jun 10 15:31:51 UTC 2024 - 70.1K bytes - Viewed (0) -
cmd/object-api-datatypes.go
VersionID string ETag string Size int64 ActualSize int64 ModTime time.Time UserTags string SSEC bool ReplicationStatus replication.StatusType ReplicationStatusInternal string VersionPurgeStatusInternal string VersionPurgeStatus VersionPurgeStatusType
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Mon Jun 10 15:31:51 UTC 2024 - 20.9K bytes - Viewed (0) -
cmd/generic-handlers.go
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInvalidBucketName), r.URL) return } } // Deny SSE-C requests if not made over TLS if !globalIsTLS && (crypto.SSEC.IsRequested(r.Header) || crypto.SSECopy.IsRequested(r.Header)) { if r.Method == http.MethodHead { if ok { tc.FuncName = "handler.ValidRequest"
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Mon Jul 29 18:10:04 UTC 2024 - 20.5K bytes - Viewed (0) -
cmd/erasure-multipart.go
// Therefore, we adjust all ETags sent by the client to match what is stored // on the backend. kind, _ := crypto.IsEncrypted(fi.Metadata) var objectEncryptionKey []byte switch kind { case crypto.SSEC: if checksumType.IsSet() { if opts.EncryptFn == nil { return oi, crypto.ErrMissingCustomerKey } baseKey := opts.EncryptFn("", nil) if len(baseKey) != 32 {
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Sun Sep 29 22:40:36 UTC 2024 - 44.7K bytes - Viewed (0) -
cmd/erasure-object.go
return &GetObjectReader{ ObjInfo: objInfo, }, toObjectErr(errMethodNotAllowed, bucket, object) } // Set NoDecryption for SSE-C objects and if replication request if crypto.SSEC.IsEncrypted(objInfo.UserDefined) && opts.ReplicationRequest { opts.NoDecryption = true } if objInfo.Size == 0 { if _, _, err := rs.GetOffsetLength(objInfo.Size); err != nil {
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Tue Oct 22 21:10:34 UTC 2024 - 78.5K bytes - Viewed (0) -
internal/crypto/sse-kms.go
type ssekms struct{} var ( // S3KMS represents AWS SSE-KMS. It provides functionality to // handle SSE-KMS requests. S3KMS = ssekms{} _ Type = S3KMS ) // String returns the SSE domain as string. For SSE-KMS the // domain is "SSE-KMS". func (ssekms) String() string { return "SSE-KMS" } // IsRequested returns true if the HTTP headers contains // at least one SSE-KMS header. func (ssekms) IsRequested(h http.Header) bool {
Registered: Sun Oct 27 19:28:09 UTC 2024 - Last Modified: Tue May 07 23:55:37 UTC 2024 - 8.5K bytes - Viewed (0)