Add a wrapping key to encrypt/decrypt operations
Right now, secrets are passed from clients to the Barbican server encrypted only by SSL. In Common Criteria environments, this is insufficient. Secrets need to be additionally encrypted at the point of origin, and ideally only decrypted where the secret will be stored. In a case where a hardware token is used, this would be on the token, so that even if an attacker gains access to the Barbican server and introspects the process memory, no secrets can be deciphered. This blueprint discusses the changes needed on the server side to implement this feature.
Blueprint information
- Status: Complete
- Approver: Douglas Mendizábal
- Priority: Medium
- Drafter: Ade Lee
- Direction: Approved
- Assignee: Ade Lee
- Definition: Approved
- Series goal: Accepted for juno
- Implementation: Implemented
- Milestone target: juno-3
- Started by: Douglas Mendizábal
- Completed by: Douglas Mendizábal
Whiteboard
An etherpad has been added for the review of this blueprint:
https:/
Gerrit topic: https:/
Addressed by: https:/
Add TransportKey as a resource
Addressed by: https:/
code to retrieve transport key on metadata request
Addressed by: https:/
Code to pass through transport_key_id when storing secret
Addressed by: https:/
Add code to retrieve secrets metadata and data with transport key