63 Commits (c1b88c17cca1d0c049f9aa1a8426c668e567ce57)

Author SHA1 Message Date
Harshavardhana 03ec6adfd0
fix: KES http2.0 communication support (#10341) 4 years ago
kannappanr d15a5ad4cc
S3 Gateway: Check for encryption headers properly (#10309) 4 years ago
Harshavardhana 1d1c4430b2
decrypt ETags in parallel around 500 at a time (#10261) 4 years ago
Klaus Post f8f290e848
security: Remove insecure custom headers (#10244) 4 years ago
Andreas Auernhammer a317a2531c
admin: new API for creating KMS master keys (#9982) 4 years ago
Andreas Auernhammer b1845c6c83
kes: try to auto. create master key if not present (#9790) 5 years ago
kannappanr fade056244
filter all encryption headers in gateway (#9661) 5 years ago
Harshavardhana a2ccba69e5
add kes retries upto two times with jitter backoff (#9527) 5 years ago
Andreas Auernhammer 145f501a21
use HTTP/2 when connecting to KES (#9514) 5 years ago
Harshavardhana abc1c1070a Add custom policy claim name (#8764) 5 years ago
Harshavardhana 933c60bc3a Add crypto context errors (#8740) 5 years ago
Andreas Auernhammer e047ac52b8 remove github.com/minio/kes as a dependency (#8665) 5 years ago
Andreas Auernhammer c3d4c1f584 add minio/keys KMS integration (#8631) 5 years ago
Ashish Kumar Sinha 24fb1bf258 New Admin Info (#8497) 5 years ago
Harshavardhana 476111968a Update help messages with new wording (#8616) 5 years ago
Harshavardhana c9940d8c3f Final changes to config sub-system (#8600) 5 years ago
Harshavardhana 5ac4b517c9
Order all keys in config (#8541) 5 years ago
Harshavardhana 7cdb67680e
Add help with order of keys (#8535) 5 years ago
Harshavardhana 13a3d17321
Do not add comments after migration (#8530) 5 years ago
Harshavardhana 26a866a202
Fix review comments and new changes in config (#8515) 5 years ago
Harshavardhana 822eb5ddc7 Bring in safe mode support (#8478) 5 years ago
Harshavardhana 9e7a3e6adc Extend further validation of config values (#8469) 5 years ago
Harshavardhana 47b13cdb80 Add etcd part of config support, add noColor/json support (#8439) 5 years ago
Harshavardhana ee4a6a823d Migrate config to KV data format (#8392) 5 years ago
Harshavardhana 290ad0996f Move etcd, logger, crypto into their own packages (#8366) 5 years ago
Andreas Auernhammer ffded5a930 make the crypto error type a native go type (#8267) 5 years ago
Andreas Auernhammer 2b51fe9f26 make SSE request header check comprehensive (#8276) 5 years ago
Andreas Auernhammer e34369c860 prepare SSE-S3 metadata parsing for K/V data key store (#8259) 5 years ago
Andreas Auernhammer 35427a017d fix type conversion in `UpdateKey` for Vault (#8058) 5 years ago
Andreas Auernhammer a6f4cf61f2 add `UpdateKey` method to KMS interface (#7974) 5 years ago
Andreas Auernhammer 98d3913a1e enable SSE-KMS pass-through on S3 gateway (#7788) 6 years ago
Andreas Auernhammer 849e06a316 crypto: add unit test for vault config verification (#7413) 6 years ago
kannappanr 5ecac91a55
Replace Minio refs in docs with MinIO and links (#7494) 6 years ago
poornas e098852a80 Revert PR #7241 to fix vault renewal (#7259) 6 years ago
Andreas Auernhammer 6f764a8efd crypto: fix nil pointer dereference of vault secret (#7241) 6 years ago
poornas 3467460456 Fix vault client to autorenew or reauthenticate (#7161) 6 years ago
poornas 5a80cbec2a Add double encryption at S3 gateway. (#6423) 6 years ago
Harshavardhana b5280ba243
Migrate to Go version 1.11.4 (#7026) 6 years ago
Andreas Auernhammer d264d2c899 add auto-encryption feature (#6523) 6 years ago
Andreas Auernhammer 21d8c0fd13 refactor vault configuration and add master-key KMS (#6488) 6 years ago
Andreas Auernhammer 5549a44566 rename vault namespace env variable to be more idiomatic (#6905) 6 years ago
poornas 45bb11e020 Set namespace on vault client if VAULT_NAMESPACE env is set (#6867) 6 years ago
Andreas Auernhammer 8a6c3aa3cd crypto: add RemoveInternalEntries function (#6616) 6 years ago
Andreas Auernhammer baec331e84 crypto: add functions for sealing/unsealing the etag for SSE (#6618) 6 years ago
Andreas Auernhammer 28e25eac78 crypto: add helper functions for unsealing object keys (#6609) 6 years ago
Harshavardhana f163bed40d
Add Vault support for custom CAs directory (#6527) 6 years ago
Anis Elleuch aa4e2b1542 Use GetObjectNInfo in CopyObject and CopyObjectPart (#6489) 6 years ago
Andreas Auernhammer 8cf7b88cc5 add functions to remove confidential information (#6516) 6 years ago
Andreas Auernhammer fd8749f42a return `Access Denied` for invalid SSE keys (#6432) 6 years ago
poornas e71ef905f9 Add support for SSE-S3 server side encryption with vault (#6192) 6 years ago