minio/internal
Andreas Auernhammer e955aa7f2a
kes: add support for encrypted private keys (#14650)
This commit adds support for encrypted KES
client private keys.

Now, it is possible to encrypt the KES client
private key (`MINIO_KMS_KES_KEY_FILE`) with
a password.

For example, KES CLI already supports the
creation of encrypted private keys:
```
kes identity new --encrypt --key client.key --cert client.crt MinIO
```

To decrypt an encrypted private key, the password
needs to be provided:
```
MINIO_KMS_KES_KEY_PASSWORD=<password>
```

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2022-03-29 09:53:33 -07:00
..
arn run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
auth add gocritic/ruleguard checks back again, cleanup code. (#13665) 2021-11-16 09:28:29 -08:00
bpool run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
bucket Disallow delete replication for tag based rules (#14167) 2022-01-24 15:22:20 -08:00
color rename all remaining packages to internal/ (#12418) 2021-06-01 14:59:40 -07:00
config kes: add support for encrypted private keys (#14650) 2022-03-29 09:53:33 -07:00
crypto do not crash when KMS is not enabled (#14634) 2022-03-27 08:54:01 -07:00
disk run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
dsync tests: Clean up dsync package (#14415) 2022-03-01 11:14:28 -08:00
etag etag: fix incorrect multipart detection (#14631) 2022-03-25 18:21:01 -07:00
event re-use transport for AdminInfo() call (#14571) 2022-03-17 16:20:10 -07:00
fips tls: add TLS 1.3 ciphers to the list of supported ciphers (#13158) 2021-09-07 09:57:32 -07:00
handlers run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
hash fix: enable go1.17 github ci/cd (#12997) 2021-08-18 18:35:22 -07:00
http Send deployment id and minio version in http header (#14378) 2022-02-23 13:36:01 -08:00
init Disable AVX512 on Darwin (#13550) 2021-11-01 08:03:16 -07:00
ioutil Add local disk health checks (#14447) 2022-03-09 11:38:54 -08:00
jwt run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
kernel Add riscv64 support (#14601) 2022-03-22 20:36:59 -07:00
kms add support for SSE-S3 bulk ETag decryption (#14627) 2022-03-25 15:01:41 -07:00
lock run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
logger Fix waitgroup add after wait on config reload (#14584) 2022-03-19 09:15:45 -07:00
lsync run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
mountinfo run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
pubsub rename all remaining packages to internal/ (#12418) 2021-06-01 14:59:40 -07:00
rest cleanup dsync tests and remove net/rpc references (#14118) 2022-01-18 12:44:38 -08:00
s3select fix: free up reader resources in S3Select properly (#14600) 2022-03-23 20:58:53 -07:00
smart run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
sync/errgroup rename all remaining packages to internal/ (#12418) 2021-06-01 14:59:40 -07:00