Add Google Cloud KMS support #1799

Open
RJPercival opened this issue Sep 4, 2019 · 1 comment
@RJPercival
Contributor

A keys.ProtoHandler and associated protobuf message should be defined to support private keys stored in Google Cloud KMS. This would provide more secure storage for tree private keys than storing them in an encrypted file on the server or as plain text in the database. See https://cloud.google.com/kms/docs/create-validate-signatures for information on integrating with Google Cloud KMS.
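
An added sketch, not part of the original issue and not Trillian's code, of the adapter such a handler would have to return, assuming the handler's job is to turn a key description into a Go `crypto.Signer` whose private key stays in the KMS. `remoteKey`, `kmsSigner`, `newKMSSigner`, `fakeKey` and `demoKey` are hypothetical names, and the in-memory `fakeKey` is constructed so the block runs offline in place of a real Cloud KMS client.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
)

// remoteKey is a hypothetical stand-in for a KMS key; the private key stays behind it.
type remoteKey interface {
	PublicKey() (crypto.PublicKey, error)
	SignDigest(digest []byte) ([]byte, error)
}
// kmsSigner (hypothetical name) adapts a remoteKey to crypto.Signer.
type kmsSigner struct {
	key remoteKey
	pub crypto.PublicKey
}
func (s *kmsSigner) Public() crypto.PublicKey { return s.pub }
func (s *kmsSigner) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
	// Accept only a SHA-256 digest, so unhashed data is never sent for signing.
	if opts == nil || opts.HashFunc() != crypto.SHA256 || len(digest) != sha256.Size {
		return nil, fmt.Errorf("kmsSigner: want a SHA-256 digest, got %d bytes", len(digest))
	}
	return s.key.SignDigest(digest)
}
// newKMSSigner fetches the public key once and returns the signer, as a key handler would.
func newKMSSigner(key remoteKey) (crypto.Signer, error) {
	pub, err := key.PublicKey()
	if err != nil {
		return nil, fmt.Errorf("fetching public key: %w", err)
	}
	return &kmsSigner{key, pub}, nil
}

// fakeKey is a constructed in-memory remoteKey (P-256 demoKey) so the example runs offline.
type fakeKey struct{ k *ecdsa.PrivateKey }
func (f fakeKey) PublicKey() (crypto.PublicKey, error) { return &f.k.PublicKey, nil }
func (f fakeKey) SignDigest(d []byte) ([]byte, error) { return ecdsa.SignASN1(rand.Reader, f.k, d) }
var demoKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
func main() {
	s, _ := newKMSSigner(fakeKey{demoKey})
	d := sha256.Sum256([]byte("constructed tree head"))
	sig, err := s.Sign(nil, d[:], crypto.SHA256)
	fmt.Println(err == nil && ecdsa.VerifyASN1(&demoKey.PublicKey, d[:], sig))
}
```

Callers only ever see `Public()` and `Sign()`, so signatures verify against the fetched public key while the signing key is never loaded into the server process.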

@RJPercival RJPercival added this to Needs triage in Trillian via automation Sep 4, 2019
@pav-kv pav-kv moved this from Needs triage to Low priority in Trillian Sep 11, 2019
@pav-kv pav-kv moved this from Low priority to High priority in Trillian Sep 11, 2019
@pav-kv
Contributor

pav-kv commented Sep 11, 2019

@gdbelvin recommends using tink.

@pav-kv pav-kv moved this from High priority to Low priority in Trillian Sep 11, 2019
@paulmattei paulmattei moved this from Low priority to High priority in Trillian Dec 10, 2019
NatalieDoduc added a commit to NatalieDoduc/trillian that referenced this issue Dec 17, 2019
As pre-amble to Issue google#1799: Add Google Cloud KMS support, for which it
was recommended to use `tink`.

Ran:
`go get github.com/google/tink/go/...@v1.3.0-rc2`
`go mod tidy`
@paulmattei paulmattei moved this from Backlog to Assigned in Trillian Mar 5, 2020
@NatalieDoduc NatalieDoduc removed their assignment Mar 22, 2021