Roman Loginov
a725c68d06
Salt is used when generating encryption keys for data (tokens) in the access box. Now frostfs-s3-authmate always derivation an encryption key with salt. Signed-off-by: Roman Loginov <r.loginov@yadro.com>
46 lines
No EOL
1.1 KiB
Text
46 lines
No EOL
1.1 KiB
Text
@startuml
|
|
|
|
package AccessBox {
|
|
map Tokens {
|
|
SecretKey => Private key
|
|
BearerToken => Encoded bearer token
|
|
SessionTokens => List of encoded session tokens
|
|
}
|
|
|
|
map Gate {
|
|
GateKey => Encoded public gate key
|
|
Encrypted tokens *--> Tokens
|
|
EncryptionKeySalt => Salt for derivation the encryption key
|
|
}
|
|
|
|
map ContainerPolicy {
|
|
LocationConstraint => Policy name
|
|
PlacementPolicy => Encoded placement policy
|
|
}
|
|
|
|
map Box {
|
|
SeedKey => Encoded public seed key
|
|
List of Gates *--> Gate
|
|
List of container policies *--> ContainerPolicy
|
|
IsCustom => True if SecretKey was imported and must be treated as it is
|
|
}
|
|
|
|
|
|
map ObjectAttributes {
|
|
Timestamp => 1710418478
|
|
_~_SYSTEM_~_EXPIRATION_EPOCH => 10801
|
|
S3-CRDT-Versions-Add => 5ZNvs8WVwy1XTmSEkcVkydPKzCgtmR7U3zyLYTj3Snxf,9bLtL1EsUpuSiqmHnqFf6RuT6x5QMLMNBqx7vCcCcNhy
|
|
S3-Access-Box-CRDT-Name => 2XGRML5EW3LMHdf64W2DkBy1Nkuu4y4wGhUj44QjbXBi05ZNvs8WVwy1XTmSEkcVkydPKzCgtmR7U3zyLYTj3Snxf
|
|
FilePath => 1710418478_access.box
|
|
}
|
|
|
|
map FrostFSObject {
|
|
Header *-> ObjectAttributes
|
|
Payload *--> Box
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
@enduml |