mirror of
https://github.com/minio/minio.git
synced 2026-06-10 01:10:50 -04:00
01cb705c36
This commit adds support for KMS master key versions. Now, MinIO stores any key version information returned by the KMS as part of the object metadata. The key version identifies a particular master key within a master key ring. When encrypting/ generating a DEK, MinIO has to remember the key version - similar to the key name. When decrypting a DEK, MinIO sends the key version to the KMS such that the KMS can identify the exact key version that should be used to decrypt the object. Existing objects don't have a key version. Hence, this field will be empty. Signed-off-by: Andreas Auernhammer <github@aead.dev> |
||
|---|---|---|
| .. | ||
| auto-encryption.go | ||
| doc.go | ||
| error.go | ||
| header.go | ||
| header_test.go | ||
| key.go | ||
| key_test.go | ||
| metadata.go | ||
| metadata_test.go | ||
| sse-c.go | ||
| sse-kms.go | ||
| sse-s3.go | ||
| sse.go | ||
| sse_test.go | ||