luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
12201 commits 1 branch 0 tags 214 MiB
Commit graph

23 commits

Author SHA1 Message Date
Alexander Bezobchuk eb0b3ac286
Merge PR #9100: Add key_version to Transit Logical Response 2020-06-01 13:16:01 -04:00
Lexman c86fe212c0
oss changes for entropy augmentation feature (#7670) 
* oss changes for entropy augmentation feature

* fix oss command/server/config tests

* update go.sum

* fix logical_system and http/ tests

* adds vendored files

* removes unused variable
 2019-10-17 10:33:00 -07:00
Jeff Mitchell 9ebc57581d
Switch to go modules (#6585) 
* Switch to go modules

* Make fmt
 2019-04-13 03:44:06 -04:00
Jeff Mitchell 8bcb533a1b
Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
Jeff Mitchell 76b0d11793
Redo transit locking (#4720) 
This massively simplifies transit locking behavior by pushing some
locking down to the Policy level, and embedding either a local or global
lock in the Policy depending on whether caching is enabled or not.
 2018-06-12 12:24:12 -04:00
Brian Kassouf 2f19de0305 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Brian Kassouf 1c190d4bda
Pass context to backends (#3750) 
* Start work on passing context to backends

* More work on passing context

* Unindent logical system

* Unindent token store

* Unindent passthrough

* Unindent cubbyhole

* Fix tests

* use requestContext in rollback and expiration managers
 2018-01-08 10:31:38 -08:00
Jeff Mitchell a7fca34076 Add ability to specify encryption key version in transit (#2821) 2017-06-06 16:02:54 -04:00
Jeff Mitchell 4693881fe9 Update some path-help in datakey 2017-05-23 10:04:32 -04:00
Brian Kassouf 533dbe5d4c Update the error when no key can be found to a more clear error text (#2720) 2017-05-12 14:14:00 -04:00
Jeff Mitchell 7f6c58b807 Address review feedback 2016-08-08 16:30:48 -04:00
Jeff Mitchell 606ba64e23 Remove context-as-nonce, add docs, and properly support datakey 2016-08-07 15:53:40 -04:00
Jeff Mitchell 8b1d47037e Refactor convergent encryption to make specifying a nonce in addition to context possible 2016-08-05 17:52:44 -04:00
vishalnayak cff7aada7a Fix invalid input getting marked as internal error 2016-07-28 16:23:11 -04:00
Jeff Mitchell 7e1bdbe924 Massively simplify lock handling based on feedback 2016-05-02 23:47:18 -04:00
Jeff Mitchell 3e5391aa9c Switch to lockManager 2016-05-02 22:36:44 -04:00
Jeff Mitchell fe1f56de40 Make a non-caching but still locking variant of transit for when caches are disabled 2016-05-02 22:36:44 -04:00
Jeff Mitchell 3396b42c6c Address final review feedback 2016-01-29 14:33:51 -05:00
Jeff Mitchell 48c9f79896 Implement locking in the transit backend. 
This ensures that we can safely rotate and modify configuration
parameters with multiple requests in flight.

As a side effect we also get a cache, which should provide a nice
speedup since we don't need to decrypt/deserialize constantly, which
would happen even with the physical LRU.
 2016-01-27 17:03:21 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell 3eb38d19ba Update transit backend documentation, and also return the min decryption 
value in a read operation on the key.
 2015-09-21 16:13:43 -04:00
Jeff Mitchell 01ee6c4fe1 Move no_plaintext to two separate paths for datakey. 2015-09-18 14:41:05 -04:00
Jeff Mitchell 448249108c Add datakey generation to transit. 
Can specify 128 bits (defaults to 256) and control whether or not
plaintext is returned (default true).

Unit tests for all of the new functionality.
 2015-09-18 14:41:05 -04:00