Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Google Cloud KMS support #1799

Open
RJPercival opened this issue Sep 4, 2019 · 1 comment
Open

Add Google Cloud KMS support #1799

RJPercival opened this issue Sep 4, 2019 · 1 comment
Labels
feature help wanted

Comments

@RJPercival
Copy link
Contributor

A keys.ProtoHandler and associated protobuf message should be defined to support private keys stored in Google Cloud KMS. This would provide more secure storage for tree private keys than storing them in an encrypted file on the server or as plain text in the database. See https://cloud.google.com/kms/docs/create-validate-signatures for information on integrating with Google Cloud KMS.
@pav-kv
Copy link
Contributor

pav-kv commented Sep 11, 2019

@gdbelvin recommends using tink.

@rolandshoemaker rolandshoemaker mentioned this issue Dec 3, 2019
Open
NatalieDoduc added a commit to NatalieDoduc/trillian that referenced this issue Dec 17, 2019
@NatalieDoduc
Add dependency on tink v1.3.0-rc2
e56fdb4 
As pre-amble to Issue google#1799: Add Google Cloud KMS support, for which it
was recommended to use `tink`.

Ran:
`go get github.com/google/tink/go/...@v1.3.0-rc2`
`go mod tidy`
@NatalieDoduc NatalieDoduc mentioned this issue Dec 17, 2019
Closed
2 tasks
@NatalieDoduc NatalieDoduc removed their assignment Mar 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@RJPercival @pav-kv @paulmattei @NatalieDoduc