[Review Only] Autoseal OSS port (#757)

* Port awskms autoseal * Rename files * WIP autoseal * Fix protobuf conflict * Expose some structs to properly allow encrypting stored keys * Update awskms with the latest changes * Add KeyGuard implementation to abstract encryption/decryption of keys * Fully decouple seal.Access implementations from sealwrap structs * Add extra line to proto files, comment update * Update seal_access_entry.go * govendor sync * Add endpoint info to configureAWSKMSSeal * Update comment * Refactor structs * Update make proto * Remove remove KeyGuard, move encrypt/decrypt to autoSeal * Add rest of seals, update VerifyRecoveryKeys, add deps * Fix some merge conflicts via govendor updates * Rename SealWrapEntry to EncryptedBlobInfo * Remove barrier type upgrade check in oss * Add key to EncryptedBlobInfo proto * Update barrierTypeUpgradeCheck signature
2025-11-02 03:27:54 +00:00 · 2018-10-19 14:43:57 -07:00
parent db2bdbbebd
commit 3d1f0d76c0
65 changed files with 29804 additions and 41 deletions
--- a/command/server/config.go
+++ b/command/server/config.go
@@ -735,6 +735,7 @@ func parseSeal(result *Config, list *ast.ObjectList, blockName string) error {
 	// Valid parameter for the Seal types
 	switch key {
 	case "pkcs11":
+	case "alicloudkms":
 	case "awskms":
 	case "gcpckms":
 	case "azurekeyvault":