You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
not an issue but thought i'd add it here incase anyone is interested.
a bit ago if fiddled with ocicrypt key providers and came up with basic (alpha quality, charitably) ways to support ocicrypt with KMS (GCP for now) and TPM
allows you to encrypt an image remotely with a TPM's endorsement publicc key (EKPub). image is encrypted in such a way that it can only get decrypted on that tpm that owns the EK. You can also encrypt it remotely such that the target machine is in a specific state (as described by PCR values)
The text was updated successfully, but these errors were encountered:
not an issue but thought i'd add it here incase anyone is interested.
a bit ago if fiddled with ocicrypt key providers and came up with basic (alpha quality, charitably) ways to support ocicrypt with KMS (GCP for now) and TPM
https://github.com/salrashid123/ocicrypt-kms-keyprovider
allows you to encrypt a layer with GCP KMS
https://github.com/salrashid123/ocicrypt-tpm-keyprovider
allows you to encrypt an image remotely with a TPM's endorsement publicc key (EKPub). image is encrypted in such a way that it can only get decrypted on that tpm that owns the EK. You can also encrypt it remotely such that the target machine is in a specific state (as described by PCR values)
The text was updated successfully, but these errors were encountered: