kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
apiserver/pkg/server/options/encryptionconfig
History
Anish Ramasekar b21cb57710 [KMSv2] use encDEK, keyID and annotations to generate cache key 
It is possible for a KMSv2 plugin to return a static value as Ciphertext
and store the actual encrypted DEK in the annotations. In this case,
using the encDEK will not work. Instead, we are now using a combination
of the encDEK, keyID and annotations to generate the cache key.

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 8eacf09649ac9042c7e998b5c24ac59d68ae7e6c
 		2023-03-14 19:38:30 +00:00
..
controller encryption-at-rest: clean up context usage and duplicated code 2022-11-09 17:33:38 -05:00
testdata kmsv2: improve test coverage 2023-03-01 19:05:50 -08:00
OWNERS Check in OWNERS modified by update-yamlfmt.sh 2021-12-09 21:31:26 -05:00
config.go [KMSv2] use encDEK, keyID and annotations to generate cache key 2023-03-14 19:38:30 +00:00
config_test.go [KMSv2] use encDEK, keyID and annotations to generate cache key 2023-03-14 19:38:30 +00:00