Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crypto: alter Storage interface to create keys inside key store #3120

Merged
merged 4 commits into from
May 21, 2024
Merged

Crypto: alter Storage interface to create keys inside key store #3120

merged 4 commits into from
May 21, 2024

Conversation

reinkrul
Copy link
Member

Instead of generating one in application space, and then importing it into the key storage. This allows supporting unexportable keys, meaning keys that never leave the key store.

This is a preparation PR for supporting Azure Key Vault directly.

Kept the SavePrivateKey functionality since it's still used for migrating from one store to another.

@reinkrul reinkrul mentioned this pull request May 18, 2024
Merged
gerardsn
gerardsn approved these changes May 21, 2024
View reviewed changes
crypto/storage/spi/interface.go Outdated Show resolved Hide resolved
crypto/test/keys.go Outdated Show resolved Hide resolved
@gerardsn gerardsn mentioned this pull request May 21, 2024
Merged
@reinkrul reinkrul force-pushed the crypto/support-unexportable-keys branch from 9a9df48 to 67a93c3 Compare May 21, 2024 16:32
@reinkrul reinkrul merged commit 464f396 into master May 21, 2024
8 of 9 checks passed
@reinkrul reinkrul deleted the crypto/support-unexportable-keys branch May 21, 2024 16:54
rolandgroen added a commit that referenced this pull request May 23, 2024
@rolandgroen
Merge branch 'refs/heads/master' into fix/internal_external_ports
9b50fd5 
* refs/heads/master: (71 commits)
  Remove nonce from default Request Object params (#3125)
  Burn nonce type SessionStore entries after first use (#3123)
  Crypto: alter Storage interface to create keys inside key store (#3120)
  Crypto: let Exists() return an error if one occurs (#3127)
  Bump github.com/nats-io/nats-server/v2 from 2.10.14 to 2.10.15 (#3121)
  Bump github.com/nats-io/nats.go from 1.34.1 to 1.35.0 (#3122)
  Bump google.golang.org/grpc from 1.63.2 to 1.64.0 (#3119)
  Bump azure/setup-helm from 3.5 to 4 (#3050)
  cleanup oauth constants (#3117)
  prevent panic (#3118)
  Support request_uri_method=post (#3102)
  add GetAndDelete to SessionStore (#3116)
  bugfix: redirect browser instead of returning error when requested scope is unknown (3104) (#3113)
  SQL: Fix SQL Server e2e test connection strings (#3112)
  Docs: updated v6 release notes to include missing stuff (#3108)
  IAM: nil deref when re-using same user session (#3106)
  cleanup metadata (#3103)
  Docs: fixed MySql example DSN (#3110)
  Change tag in discovery service to simple lamport clock value (int) (#3098)
  e2e tests: have Nuts containers wait for DB container healthy (#3109)
  ...

# Conflicts:
#	charts/nuts-node/values.yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gerardsn gerardsn gerardsn approved these changes

@woutslakhorst woutslakhorst Awaiting requested review from woutslakhorst woutslakhorst is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@reinkrul @gerardsn