upstream/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2026-06-10 09:21:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
minio/internal/kms
History
Andreas Auernhammer 01cb705c36 crypto: add support for KMS key versions 
This commit adds support for KMS master key versions.
Now, MinIO stores any key version information returned by the
KMS as part of the object metadata. The key version identifies
a particular master key within a master key ring. When encrypting/
generating a DEK, MinIO has to remember the key version - similar to
the key name. When decrypting a DEK, MinIO sends the key version to
the KMS such that the KMS can identify the exact key version that
should be used to decrypt the object.

Existing objects don't have a key version. Hence, this field will
be empty.

Signed-off-by: Andreas Auernhammer <github@aead.dev>
2025-05-05 22:35:43 +02:00
..
config.go update minio/kms-go/kms SDK (#21233) 2025-04-24 08:33:57 -07:00
config_test.go tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
conn.go crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
context.go run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
errors.go Allow a KMS Action to specify keys in the Resources of a policy (#20079) 2024-07-16 07:03:03 -07:00
kes.go crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
kms.go crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
secret-key.go crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
secret-key_test.go move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
stub.go crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00