internal: use go-kms-wrapping for KMS backends (#1012)

* Replace external KMS backend logic for AWS, Azure, and GCP with go-kms-wrapping * Move kms client setup config into its own package for easier parsing * Update kms integration flag naming * Error if nil storage is passed to external KMS --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-08-14 09:45:34 -04:00 · 2023-02-08 12:03:54 +01:00 · 2023-02-08 12:03:54 +01:00 · 3a7b829107
commit 3a7b829107
parent 68ce23b909
36 changed files with 1319 additions and 3121 deletions
--- a/internal/kms/kms/cluster/cluster_test.go
+++ b/internal/kms/kms/cluster/cluster_test.go
@ -103,8 +103,7 @@ func TestVectorsHKDF(t *testing.T) {
 				assert.Error(err)
 				return
 			}
-			assert.NoError(err)
-			require.NoError(kms.CreateKEK(context.Background(), "", tc.kek))
+			require.NoError(err)

 			out, err := kms.GetDEK(context.Background(), tc.dekID, int(tc.dekSize))
 			require.NoError(err)