Skip to content

Pass a default EncryptionContext on calls to KMS#5

Open
nathan-muir wants to merge 2 commits intomasterfrom
kms-aead
Open

Pass a default EncryptionContext on calls to KMS#5
nathan-muir wants to merge 2 commits intomasterfrom
kms-aead

Conversation

@nathan-muir
Copy link
Copy Markdown

Resolves fugue#134 & fugue#136 by providing the secret name & version number to encryption/decryption operations to be used as additional authenticated data.

@nathan-muir nathan-muir force-pushed the kms-aead branch 3 times, most recently from 5a07fed to 36ccb57 Compare March 23, 2017 03:14
@nathan-muir nathan-muir force-pushed the master branch 2 times, most recently from 78ba2ca to ca49f10 Compare March 13, 2019 05:43
Consolidate api/cli into a single core module.

It's now much easier to load & call credsmash via python.

Core - Perform version/compare before sealing new secret.

DynamoDB - Create separate `get_one` and `get_latest`.

This also removes the `name` & `version` from the ciphertext output,
as it is an implementation detail of how DynamoDB stores data.
Crypto - Support additional authenticated data on key service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant