5b79e5c115
Redirect rekey operation from standby to master ( #1868 )
2016-09-13 11:59:12 -04:00
62c69f8e19
Provide base64 keys in addition to hex encoded. ( #1734 )
...
* Provide base64 keys in addition to hex encoded.
Accept these at unseal/rekey time.
Also fix a bug where backup would not be honored when doing a rekey with
no operation currently ongoing.
2016-08-15 16:01:15 -04:00
98d09b0dc6
Add seal tests and update generate-root and others to handle dualseal.
2016-04-25 19:39:04 +00:00
afae46feb7
SealInterface
2016-04-04 10:44:22 -04:00
5f5542cb91
Return status for rekey/root generation at init time. This mitigates a
...
(very unlikely) potential timing attack between init-ing and fetching
status.
Fixes #1054
2016-02-12 14:24:36 -05:00
386aa408b7
Remove need for PUT in rekey. We've decided that POST and PUT are to
...
stay as synonyms for writes, so there's no reason to limit it for this
operation.
2016-01-14 16:52:34 -05:00
a094eedce2
Add rekey nonce/backup.
2016-01-06 09:54:35 -05:00
cc232e6f79
Address comments from review.
2015-08-25 15:33:58 -07:00
c887df93cc
Add support for pgp-keys argument to rekey, as well as tests, plus
...
refactor common bits out of init.
2015-08-25 14:52:13 -07:00
7964fa4d86
http: adding rekey handlers
2015-05-28 14:28:50 -07:00
Jeff Mitchell