kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
apiserver/pkg/storage/value/encrypt
History
Anish Ramasekar b21cb57710 [KMSv2] use encDEK, keyID and annotations to generate cache key 
It is possible for a KMSv2 plugin to return a static value as Ciphertext
and store the actual encrypted DEK in the annotations. In this case,
using the encDEK will not work. Instead, we are now using a combination
of the encDEK, keyID and annotations to generate the cache key.

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 8eacf09649ac9042c7e998b5c24ac59d68ae7e6c
 		2023-03-14 19:38:30 +00:00
..
aes kmsv2: re-use DEK while key ID is unchanged 2023-02-24 16:51:08 -05:00
envelope [KMSv2] use encDEK, keyID and annotations to generate cache key 2023-03-14 19:38:30 +00:00
identity Load encryption config once 2022-08-29 17:25:48 -04:00
secretbox storage: transformers: pass a context.Context 2022-02-17 07:29:44 -08:00