Skip to content

Instantly share code, notes, and snippets.

Andreas Auernhammer aead

View GitHub Profile
@aead
aead / argon2.patch
Created Mar 13, 2020
Argon2 closure API
View argon2.patch
diff --git a/argon2/argon2.go b/argon2/argon2.go
index b423fea..9535653 100644
--- a/argon2/argon2.go
+++ b/argon2/argon2.go
@@ -99,6 +99,37 @@ func IDKey(password, salt []byte, time, memory uint32, threads uint8, keyLen uin
return deriveKey(argon2id, password, salt, nil, nil, time, memory, threads, keyLen)
}
+func New(time, memory uint32, threads uint8) func([]byte, []byte, uint32) []byte {
+ if time < 1 {
View argon2.patch
diff --git a/argon2/argon2.go b/argon2/argon2.go
index b423fea..4ce5cac 100644
--- a/argon2/argon2.go
+++ b/argon2/argon2.go
@@ -99,6 +99,37 @@ func IDKey(password, salt []byte, time, memory uint32, threads uint8, keyLen uin
return deriveKey(argon2id, password, salt, nil, nil, time, memory, threads, keyLen)
}
+func New(time, memory uint32, threads uint8) func([]byte, []byte, uint32) []byte {
+ if time < 1 {
View KMS-details.md

Client

The S3 client can specify two headers for SSE-KMS:

  • X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id: arn:aws:kms:region:111122223333:key/<32-char keyId>
  • X-Amz-Server-Side-Encryption-Context:
AWS doc Confirmed
key ID is 32 byte string [x]
The encryption context is not stored on S3 [ ]
View mc-sse-cli-interface.md

mc SSE interface

SSE-S3

SSE-S3 requires just setting the header X-Amz-Server-Side-Encryption: AES256. So mc can implement SSE-S3 by just providing a CLI flag: --sse-s3: mc cp your-file S3/bucket/object --sse-s3

SSE-C

SSE-C requires three headers:

@aead
aead / S3-SSE.md
Last active Mar 16, 2018
AWS S3 server side encryption
View S3-SSE.md

Server-Side-Encryption

AWS S3 offers three different types of server-side encryption (SSE):

  • Server-Side-Encryption (at rest) a.k.a SSE-S3
  • Server-Side-Encryption using a KMS a.k.a SSE-KMS
  • Server-Side-Encryption with customer keys a.k.a SSE-C

1. Server-Side-Encryption (SSE-S3)

You can’t perform that action at this time.