Andreas Auernhammer b181a693fb fix object rebinding SSE-C security guarantee violation (#6121) ... This commit fixes a weakness of the key-encryption-key derivation for SSE-C encrypted objects. Before this change the key-encryption-key was not bound to / didn't depend on the object path. This allows an attacker to repalce objects - encrypted with the same client-key - with each other. This change fixes this issue by updating the key-encryption-key derivation to include: - the domain (in this case SSE-C) - a canonical object path representation - the encryption & key derivation algorithm Changing the object path now causes the KDF to derive a different key-encryption-key such that the object-key unsealing fails. Including the domain (SSE-C) and encryption & key derivation algorithm is not directly neccessary for this fix. However, both will be included for the SSE-S3 KDF. So they are included here to avoid updating the KDF again when we add SSE-S3. The leagcy KDF 'DARE-SHA256' is only used for existing objects and never for new objects / key rotation.		2018-07-09 17:18:28 -07:00
..
doc.go	fix object rebinding SSE-C security guarantee violation (#6121)	2018-07-09 17:18:28 -07:00
error.go	new package: cmd/crypto (#6062)	2018-06-28 12:47:42 -07:00
header.go	new package: cmd/crypto (#6062)	2018-06-28 12:47:42 -07:00
header_test.go	new package: cmd/crypto (#6062)	2018-06-28 12:47:42 -07:00
key.go	new package: cmd/crypto (#6062)	2018-06-28 12:47:42 -07:00
key_test.go	new package: cmd/crypto (#6062)	2018-06-28 12:47:42 -07:00
sse.go	new package: cmd/crypto (#6062)	2018-06-28 12:47:42 -07:00