New code to use AWS KMS for bucket encryption, based on the KMIP implementation.
Add an optional "GenerateDataKey" function on the kms client API, only defined in the AWS KMS client. This new function is used in cloudserver when detected for the creation of a datakey. For others existing KMS implementations (KMIP, file, memory, ...) the behavior is unchanged.
Add AWS KMS client connector
New code to use AWS KMS for bucket encryption, based on the KMIP implementation.
Add an optional "GenerateDataKey" function on the kms client API, only defined in the AWS KMS client. This new function is used in cloudserver when detected for the creation of a datakey. For others existing KMS implementations (KMIP, file, memory, ...) the behavior is unchanged.
The following modifications are made:
Arsenal:
Cloudserver:
GenerateDataKey
function when available.