This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch database_encryption in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 64a8bb3b07c80ad1885af325c4f03762895d02a4
Author: Robert Newson <[email protected]>
AuthorDate: Tue May 24 16:06:35 2022 +0100
include filepath in key manager callbacks
---
 src/aegis/src/aegis_key_manager.erl | 16 ++++++++--------
 src/aegis/src/aegis_key_manager_config.erl | 12 +++++++-----
 src/aegis/src/aegis_key_manager_noop.erl | 8 ++++----
 src/couch/src/couch_file.erl | 21 +++++++++++++--------
 4 files changed, 32 insertions(+), 25 deletions(-)
diff --git a/src/aegis/src/aegis_key_manager.erl b/src/aegis/src/aegis_key_manager.erl
index 353b3cd65..de7bf3808 100644
--- a/src/aegis/src/aegis_key_manager.erl
+++ b/src/aegis/src/aegis_key_manager.erl
@@ -13,24 +13,24 @@
 -module(aegis_key_manager).
 -export([
- wrap_key/1,
- unwrap_key/1
+ wrap_key/2,
+ unwrap_key/2
 ]).
 -type dek() :: binary().
 -type wek() :: binary().
--callback wrap_key(DataEncryptionKey :: dek()) ->
+-callback wrap_key(Filepath :: binary(), DataEncryptionKey :: dek()) ->
 {ok, WrappedKey :: wek()} | dont_encrypt | {error, Reason :: term()}.
--callback unwrap_key(WrappedKey :: wek()) ->
+-callback unwrap_key(Filepath :: binary(), WrappedKey :: wek()) ->
 {ok, DataEncryptionKey :: dek()} | {error, Reason :: term()}.
-wrap_key(DataEncryptionKey) ->
- ?AEGIS_KEY_MANAGER:wrap_key(DataEncryptionKey).
+wrap_key(Filepath, DataEncryptionKey) ->
+ ?AEGIS_KEY_MANAGER:wrap_key(Filepath, DataEncryptionKey).
-unwrap_key(WrappedKey) ->
- ?AEGIS_KEY_MANAGER:unwrap_key(WrappedKey).
+unwrap_key(Filepath, WrappedKey) ->
+ ?AEGIS_KEY_MANAGER:unwrap_key(Filepath, WrappedKey).
diff --git a/src/aegis/src/aegis_key_manager_config.erl b/src/aegis/src/aegis_key_manager_config.erl
index a52de335a..a1c8cefbf 100644
--- a/src/aegis/src/aegis_key_manager_config.erl
+++ b/src/aegis/src/aegis_key_manager_config.erl
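Review bot: The new `-callback` specs declare `Filepath :: binary()`, but the value couch_file hands in is the `Filepath` bound in `init({Filepath, Options, ReturnPid, Ref})` and the one recovered from `get(couch_file_fd)`; if that is a string (list), as file paths in couch_file usually are, Dialyzer will flag every call and an implementation that matches on a binary will fail, so `Filepath :: file:filename_all()` (or a conversion at the couch_file boundary) fits better. The callbacks also say nothing about what a key manager may do with the path: whether it is stable for the file's lifetime and whether an implementation may fold it into key derivation or authenticated data. If compaction renames the new file into place (as I believe it does elsewhere in CouchDB), a manager that bound the wrapped key to the path could no longer unwrap after the rename, so the contract should state this. Suggested comment above the `-callback` attributes: `%% Filepath identifies the file whose key is being wrapped; it is informational (key selection, auditing) and must not be assumed stable across rename or compaction.`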
@@ -14,16 +14,18 @@
 -behaviour(aegis_key_manager).
 -export([
- wrap_key/1,
- unwrap_key/1
+ wrap_key/2,
+ unwrap_key/2
 ]).
-wrap_key(DataEncryptionKey) when is_binary(DataEncryptionKey) ->
+wrap_key(_Filepath, DataEncryptionKey) when is_binary(DataEncryptionKey) ->
 {ok, WrappingKeyId, WrappingKey} = current_wrapping_key(),
 WrappedKey = aegis:wrap_key(WrappingKey, [WrappingKeyId], DataEncryptionKey),
 {ok, <<(byte_size(WrappingKeyId)):8, WrappingKeyId/binary, WrappedKey/binary>>}.
-unwrap_key(<<WrappingKeyIdLen:8, WrappingKeyId:WrappingKeyIdLen/binary, WrappedKey/binary>>) ->
+unwrap_key(
+ _Filepath, <<WrappingKeyIdLen:8, WrappingKeyId:WrappingKeyIdLen/binary, WrappedKey/binary>>
+) ->
 case wrapping_key(WrappingKeyId) of
 {ok, WrappingKeyId, WrappingKey} ->
 case aegis:unwrap_key(WrappingKey, [WrappingKeyId], WrappedKey) of
@@ -35,7 +37,7 @@ unwrap_key(<<WrappingKeyIdLen:8, WrappingKeyId:WrappingKeyIdLen/binary, WrappedK
 {error, Reason} ->
 {error, Reason}
 end;
-unwrap_key(_) ->
+unwrap_key(_, _) ->
 {error, invalid_key}.
 current_wrapping_key() ->
diff --git a/src/aegis/src/aegis_key_manager_noop.erl b/src/aegis/src/aegis_key_manager_noop.erl
index 757dfd183..8e1a3f540 100644
--- a/src/aegis/src/aegis_key_manager_noop.erl
+++ b/src/aegis/src/aegis_key_manager_noop.erl
@@ -14,12 +14,12 @@
 -behaviour(aegis_key_manager).
 -export([
- wrap_key/1,
- unwrap_key/1
+ wrap_key/2,
+ unwrap_key/2
 ]).
-wrap_key(_DataEncryptionKey) ->
+wrap_key(_Filepath, _DataEncryptionKey) ->
 dont_encrypt.
-unwrap_key(_DataEncryptionKey) ->
+unwrap_key(_Filepath, _DataEncryptionKey) ->
 {error, encryption_not_supported}.
diff --git a/src/couch/src/couch_file.erl b/src/couch/src/couch_file.erl
index 888c665ea..153dbd422 100644
--- a/src/couch/src/couch_file.erl
+++ b/src/couch/src/couch_file.erl
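Review bot: Both new clauses in aegis_key_manager_config discard the path (`_Filepath`), so the wrapped header remains a function of the configured wrapping key alone and is not bound to the file it is stored in; that is a defensible choice given the key id already travels in the header, but it should be stated so a later reader does not assume the path is authenticated. Suggested comment on `wrap_key/2`: `%% Filepath is intentionally unused: wrapping depends only on the configured wrapping key, so a header stays valid across file renames.` The catch-all `unwrap_key(_, _)` still maps any malformed header to `{error, invalid_key}`, which is consistent with the previous arity. The noop manager in the following hunk ignores the path in the same way and needs no separate note.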
@@ -469,7 +469,9 @@ init({Filepath, Options, ReturnPid, Ref}) ->
 ok = file:sync(Fd),
 maybe_track_open_os_files(Options),
 erlang:send_after(?INITIAL_WAIT, self(), maybe_close),
- init_crypto(#file{fd = Fd, is_sys = IsSys, pread_limit = Limit});
+ init_crypto(Filepath, #file{
+ fd = Fd, is_sys = IsSys, pread_limit = Limit
+ });
 false ->
 ok = file:close(Fd),
 init_status_error(ReturnPid, Ref, {error, eexist})
@@ -477,7 +479,9 @@ init({Filepath, Options, ReturnPid, Ref}) ->
 false ->
 maybe_track_open_os_files(Options),
 erlang:send_after(?INITIAL_WAIT, self(), maybe_close),
- init_crypto(#file{fd = Fd, is_sys = IsSys, pread_limit = Limit})
+ init_crypto(Filepath, #file{
+ fd = Fd, is_sys = IsSys, pread_limit = Limit
+ })
 end;
 Error ->
 init_status_error(ReturnPid, Ref, Error)
@@ -494,7 +498,7 @@ init({Filepath, Options, ReturnPid, Ref}) ->
 maybe_track_open_os_files(Options),
 {ok, Eof} = file:position(Fd, eof),
 erlang:send_after(?INITIAL_WAIT, self(), maybe_close),
- init_crypto(#file{
+ init_crypto(Filepath, #file{
 fd = Fd, eof = Eof, is_sys = IsSys, pread_limit = Limit
 });
 Error ->
@@ -599,7 +603,8 @@ handle_call({truncate, Pos}, _From, #file{fd = Fd} = File) ->
 {ok, Pos} = file:position(Fd, Pos),
 case file:truncate(Fd) of
 ok ->
- case init_crypto(File#file{eof = Pos}) of
+ {_Fd, Filepath} = get(couch_file_fd),
+ case init_crypto(Filepath, File#file{eof = Pos}) of
 {ok, File1} ->
 {reply, ok, File1};
 {error, Reason} ->
@@ -943,10 +948,10 @@ reset_eof(#file{} = File) ->
 File#file{eof = Eof}.
 %% new file or we've wiped all the data, including the wrapped key, so we need a new one.
-init_crypto(#file{eof = 0} = File0) ->
+init_crypto(Filepath, #file{eof = 0} = File0) ->
 DataEncryptionKey = crypto:strong_rand_bytes(32),
 IV = crypto:strong_rand_bytes(16),
- case aegis_key_manager:wrap_key(DataEncryptionKey) of
+ case aegis_key_manager:wrap_key(Filepath, DataEncryptionKey) of
 {ok, WrappedKey} ->
 case write_encryption_header(File0, WrappedKey, IV) of
 {ok, File1} ->
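Review bot: In the truncate hunk (`@@ -599,7 +603,8 @@`), `{_Fd, Filepath} = get(couch_file_fd)` pulls the path out of the process dictionary even though init/1 already has `Filepath` in hand and could keep it in the server state; a `filepath` field on `#file`, set in the three init call sites above, would let this line become `case init_crypto(File#file.filepath, File#file{eof = Pos}) of` and drop the dictionary read. The `put/2` for `couch_file_fd` is not in any hunk, so whether that key is guaranteed to be set before a truncate request arrives cannot be confirmed here; if it is not, the match fails with badmatch inside handle_call rather than yielding an `{error, _}` reply. Note also that the `File` passed here may already carry a key from an earlier init_crypto, while the `init_crypto/2` clauses visible in this and the next hunk only cover `eof = 0` and `key = undefined`, so it is worth confirming a clause exists for a truncated-but-keyed file. handle_call/3 and init/1 both continue outside their hunks.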
@@ -961,10 +966,10 @@ init_crypto(#file{eof = 0} = File0) ->
 {error, Reason}
 end;
 %% we're opening an existing file and need to unwrap the key if file is encrypted.
-init_crypto(#file{eof = Pos, key = undefined} = File) when Pos > 0 ->
+init_crypto(Filepath, #file{eof = Pos, key = undefined} = File) when Pos > 0 ->
 case read_encryption_header(File) of
 {ok, WrappedKey, IV} ->
- case aegis_key_manager:unwrap_key(WrappedKey) of
+ case aegis_key_manager:unwrap_key(Filepath, WrappedKey) of
 {ok, DataEncryptionKey} ->
 {ok, init_crypto(File, DataEncryptionKey, IV)};
 {error, Reason} ->
