Jeff Mitchell
84cd3c20b3
Remove context-as-nonce, add docs, and properly support datakey
2016-08-07 15:53:40 -04:00
Jeff Mitchell
c7bf73f924
Refactor convergent encryption to make specifying a nonce in addition to context possible
2016-08-05 17:52:44 -04:00
vishalnayak
ddb6ae18a0
Fix invalid input getting marked as internal error
2016-07-28 16:23:11 -04:00
vishalnayak
5b458db104
Merge branch 'master-oss' into json-use-number
...
Conflicts:
http/handler.go
logical/framework/field_data.go
logical/framework/wal.go
vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
Jeff Mitchell
7129fd5785
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages
2016-07-11 21:37:46 +00:00
vishalnayak
c99cc155ff
Fix transit tests
2016-07-06 22:04:08 -04:00
vishalnayak
ef97199360
Added JSON Decode and Encode helpers.
...
Changed all the occurrences of Unmarshal to use the helpers.
Fixed http/ package tests.
2016-07-06 12:25:40 -04:00
Jeff Mitchell
1c15a56726
Add convergent encryption option to transit.
...
Fixes #1537
2016-06-20 13:17:48 -04:00
Jeff Mitchell
c598a12ab9
Switch to lockManager
2016-05-02 22:36:44 -04:00
Jeff Mitchell
32601f4424
Make a non-caching but still locking variant of transit for when caches are disabled
2016-05-02 22:36:44 -04:00
Tom Ritter
ccdbb5d910
Typo in policy.go
2016-02-08 12:00:06 -06:00
Jeff Mitchell
f4df0d828e
Add transit fuzz test
2016-02-03 17:36:15 -05:00
Jeff Mitchell
216fe1b9da
Revert "Re-add upsert into transit. Defaults to off and a new endpoint /config"
...
This reverts commit dc27d012c0.
2016-02-02 09:26:25 -05:00
Jeff Mitchell
dc27d012c0
Re-add upsert into transit. Defaults to off and a new endpoint /config
...
can be used to turn it on for a given mount.
2016-02-01 20:13:57 -05:00
Jeff Mitchell
ce44ccf68e
Address final review feedback
2016-01-29 14:33:51 -05:00
Jeff Mitchell
5bfba62a77
Ensure generatePolicy checks disk, not just the cache, now that we aren't eager loading
2016-01-28 13:10:59 -05:00
Jeff Mitchell
65c3bc631b
Remove eager loading
2016-01-28 08:59:05 -05:00
Jeff Mitchell
46514e01fa
Implement locking in the transit backend.
...
This ensures that we can safely rotate and modify configuration
parameters with multiple requests in flight.
As a side effect we also get a cache, which should provide a nice
speedup since we don't need to decrypt/deserialize constantly, which
would happen even with the physical LRU.
2016-01-27 17:03:21 -05:00
Jeff Mitchell
e6b2d45c03
Move archive location; also detect first load of a policy after archive
...
is added and cause the keys to be copied to the archive.
2016-01-27 13:41:37 -05:00
Jeff Mitchell
625e8091a5
Address review feedback
2016-01-27 13:41:37 -05:00
Jeff Mitchell
463cdd3d32
Store all keys in archive always
2016-01-27 13:41:37 -05:00
Jeff Mitchell
e729ace3f1
Add unit tests
2016-01-27 13:41:37 -05:00
Jeff Mitchell
8d5a0dbcdc
Force min decrypt version to 1 if it's zero, which allows fixing problematic archiving logic
2016-01-27 13:41:37 -05:00
Jeff Mitchell
9f2310c15c
Fix logic bug when restoring keys
2016-01-27 13:41:37 -05:00
Jeff Mitchell
ea9fb68a34
Fix decrementing instead of incrementing
2016-01-27 13:41:37 -05:00
Jeff Mitchell
ebe319c96b
Initial transit key archiving work
2016-01-27 13:41:37 -05:00
Jeff Mitchell
82d1f28fb6
Remove enable/disable and make deletion_allowed a configurable property. On read, return the version and creation time of each key
2015-09-18 14:41:05 -04:00
Jeff Mitchell
46073e4470
Enhance transit backend:
...
* Remove raw endpoint from transit
* Add multi-key structure
* Add enable, disable, rewrap, and rotate functionality
* Upgrade functionality, and record creation time of keys in metadata. Add flag in config function to control the minimum decryption version, and enforce that in the decrypt function
* Unit tests for everything
2015-09-18 14:41:05 -04:00