MCPcopy
hub / github.com/seaweedfs/seaweedfs / GenerateDataKeyForBucket

Method GenerateDataKeyForBucket

weed/kms/config.go:400–413  ·  view source on GitHub ↗

GenerateDataKeyForBucket generates a data key using the appropriate KMS provider for a bucket

(ctx context.Context, bucket, keyID string, keySpec KeySpec, encryptionContext map[string]string)

Source from the content-addressed store, hash-verified

398
399// GenerateDataKeyForBucket generates a data key using the appropriate KMS provider for a bucket
400func (km *KMSManager) GenerateDataKeyForBucket(ctx context.Context, bucket, keyID string, keySpec KeySpec, encryptionContext map[string]string) (*GenerateDataKeyResponse, error) {
401 provider, err := km.GetKMSProvider(bucket)
402 if err != nil {
403 return nil, fmt.Errorf("failed to get KMS provider for bucket %s: %w", bucket, err)
404 }
405
406 req := &GenerateDataKeyRequest{
407 KeyID: keyID,
408 KeySpec: keySpec,
409 EncryptionContext: encryptionContext,
410 }
411
412 return provider.GenerateDataKey(ctx, req)
413}
414
415// DecryptForBucket decrypts a data key using the appropriate KMS provider for a bucket
416func (km *KMSManager) DecryptForBucket(ctx context.Context, bucket string, ciphertextBlob []byte, encryptionContext map[string]string) (*DecryptResponse, error) {

Callers 1

Calls 2

GetKMSProviderMethod · 0.95
GenerateDataKeyMethod · 0.65

Tested by 1