open-vault

Commit Graph

Author	SHA1	Message	Date
Jeff Mitchell	a0694943cc	Migrate built in auto seal to go-kms-wrapping (#8118 )	2020-01-10 20:39:52 -05:00
Michael Gaffney	6b1e1909e9	core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493 ) Seal keys can be rotated. When this happens, the barrier and recovery keys should be re-encrypted with the new seal key. This change automatically re-encrypts the barrier and recovery keys with the latest seal key on the active node during the 'postUnseal' phase.	2019-10-03 16:40:18 -04:00

Author

SHA1

Message

Date

Jeff Mitchell

a0694943cc

Migrate built in auto seal to go-kms-wrapping (#8118 )

2020-01-10 20:39:52 -05:00

Michael Gaffney

6b1e1909e9

core: re-encrypt barrier and recovery keys if the unseal key is updated (#7493 )

Seal keys can be rotated. When this happens, the barrier and recovery
keys should be re-encrypted with the new seal key. This change
automatically re-encrypts the barrier and recovery keys with the latest
seal key on the active node during the 'postUnseal' phase.

2019-10-03 16:40:18 -04:00

2 Commits