606ba64e23
Remove context-as-nonce, add docs, and properly support datakey
2016-08-07 15:53:40 -04:00
8b1d47037e
Refactor convergent encryption to make specifying a nonce in addition to context possible
2016-08-05 17:52:44 -04:00
cff7aada7a
Fix invalid input getting marked as internal error
2016-07-28 16:23:11 -04:00
7e1bdbe924
Massively simplify lock handling based on feedback
2016-05-02 23:47:18 -04:00
3e5391aa9c
Switch to lockManager
2016-05-02 22:36:44 -04:00
fe1f56de40
Make a non-caching but still locking variant of transit for when caches are disabled
2016-05-02 22:36:44 -04:00
3396b42c6c
Address final review feedback
2016-01-29 14:33:51 -05:00
48c9f79896
Implement locking in the transit backend.
...
This ensures that we can safely rotate and modify configuration
parameters with multiple requests in flight.
As a side effect we also get a cache, which should provide a nice
speedup since we don't need to decrypt/deserialize constantly, which
would happen even with the physical LRU.
2016-01-27 17:03:21 -05:00
f3ce90164f
WriteOperation -> UpdateOperation
2016-01-08 13:03:03 -05:00
3eb38d19ba
Update transit backend documentation, and also return the min decryption
...
value in a read operation on the key.
2015-09-21 16:13:43 -04:00
01ee6c4fe1
Move no_plaintext to two separate paths for datakey.
2015-09-18 14:41:05 -04:00
448249108c
Add datakey generation to transit.
...
Can specify 128 bits (defaults to 256) and control whether or not
plaintext is returned (default true).
Unit tests for all of the new functionality.
2015-09-18 14:41:05 -04:00
Jeff Mitchell