openstack/swift
Code Issues Proposed changes

Add encrypter and decrypter links to middleware.rst

Browse Source 
Drive-by fix for crypto filter_factory test.

Add note to encryption doc to highlight that root secret
should not be changed (follow up on earlier review comment).

Co-Authored-By: Tim Burke <tim.burke@gmail.com>

Change-Id: I9776cddd4d045408325342983e285a00c992bfae
This commit is contained in:
Alistair Coles 2016-07-01 14:39:35 +01:00
parent 9045f33869
commit ffaef489c6
4 changed files with 70 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
doc/source/middleware.rst
View File

@ -101,10 +101,21 @@ the DLO docs for :ref:`dlo-doc` further details.
Encryption Encryption
========== ==========
Encryption middleware should be deployed in conjunction with the
:ref:`keymaster` middleware.
.. automodule:: swift.common.middleware.crypto .. automodule:: swift.common.middleware.crypto
:members: :members:
:show-inheritance: :show-inheritance:
.. automodule:: swift.common.middleware.crypto.encrypter
:members:
:show-inheritance:
.. automodule:: swift.common.middleware.crypto.decrypter
:members:
:show-inheritance:
.. _formpost: .. _formpost:
FormPost FormPost
@ -132,9 +143,14 @@ Healthcheck
:members: :members:
:show-inheritance: :show-inheritance:
.. _keymaster:
Keymaster Keymaster
========= =========
Keymaster middleware should be deployed in conjunction with the
:ref:`encryption` middleware.
.. automodule:: swift.common.middleware.crypto.keymaster .. automodule:: swift.common.middleware.crypto.keymaster
:members: :members:
:show-inheritance: :show-inheritance:

5
doc/source/overview_encryption.rst
View File

@ -102,6 +102,11 @@ been chosen because it is the length of a base-64 encoded 32 byte value.
should not be stored on any disk that is in any account, container or should not be stored on any disk that is in any account, container or
object ring. object ring.
The ``encryption_root_secret`` value should not be changed once deployed.
Doing so would prevent Swift from properly decrypting data that was
encrypted using the former value, and would therefore result in the loss of
that data.
One method for generating a suitable value for ``encryption_root_secret`` is to One method for generating a suitable value for ``encryption_root_secret`` is to
use the ``openssl`` command line tool:: use the ``openssl`` command line tool::

3
swift/common/middleware/crypto/__init__.py
View File

@ -14,7 +14,8 @@
# limitations under the License. # limitations under the License.
""" """
Implements middleware for object encryption which comprises an instance of a Implements middleware for object encryption which comprises an instance of a
Decrypter combined with an instance of an Encrypter. :class:`~swift.common.middleware.crypto.decrypter.Decrypter` combined with an
instance of an :class:`~swift.common.middleware.crypto.encrypter.Encrypter`.
""" """
from swift.common.middleware.crypto.decrypter import Decrypter from swift.common.middleware.crypto.decrypter import Decrypter
from swift.common.middleware.crypto.encrypter import Encrypter from swift.common.middleware.crypto.encrypter import Encrypter

63
test/unit/common/middleware/crypto/test_crypto.py
View File

@ -13,6 +13,7 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
import unittest import unittest
import mock
from swift.common import utils from swift.common import utils
from swift.common.middleware import crypto from swift.common.middleware import crypto
@ -20,20 +21,50 @@ from swift.common.middleware import crypto
class TestCrypto(unittest.TestCase): class TestCrypto(unittest.TestCase):
def test_filter_factory(self): def test_filter_factory(self):
factory = crypto.filter_factory({}) def do_test(conf, expect_enabled):
self.assertTrue(callable(factory)) fake_app = object()
self.assertIsInstance(factory({}), crypto.decrypter.Decrypter)
self.assertIsInstance(factory({}).app, crypto.encrypter.Encrypter)
self.assertIn('encryption', utils._swift_admin_info)
self.assertDictEqual(
{'enabled': True}, utils._swift_admin_info['encryption'])
self.assertNotIn('encryption', utils._swift_info)
factory = crypto.filter_factory({'disable_encryption': True}) with mock.patch.dict('swift.common.utils._swift_admin_info',
self.assertTrue(callable(factory)) clear=True):
self.assertIsInstance(factory({}), crypto.decrypter.Decrypter) # we're not expecting utils._swift_info to be modified but mock
self.assertIsInstance(factory({}).app, crypto.encrypter.Encrypter) # it anyway just in case it is
self.assertIn('encryption', utils._swift_admin_info) with mock.patch.dict('swift.common.utils._swift_info',
self.assertDictEqual( clear=True):
{'enabled': False}, utils._swift_admin_info['encryption']) # Sanity checks...
self.assertNotIn('encryption', utils._swift_info) self.assertNotIn('encryption', utils._swift_admin_info)
self.assertNotIn('encryption',
utils.get_swift_info(admin=True))
self.assertNotIn('encryption',
utils.get_swift_info(admin=True)['admin'])
factory = crypto.filter_factory(conf)
self.assertTrue(callable(factory))
filtered_app = factory(fake_app)
self.assertNotIn('encryption', utils._swift_info)
self.assertNotIn('encryption', utils.get_swift_info())
self.assertNotIn('encryption',
utils.get_swift_info(admin=True))
self.assertIn('encryption', utils._swift_admin_info)
self.assertDictEqual({'enabled': expect_enabled},
utils._swift_admin_info['encryption'])
self.assertIn('encryption',
utils.get_swift_info(admin=True)['admin'])
self.assertDictEqual(
{'enabled': expect_enabled},
utils.get_swift_info(
admin=True)['admin']['encryption'])
self.assertIsInstance(filtered_app, crypto.decrypter.Decrypter)
self.assertIsInstance(filtered_app.app, crypto.encrypter.Encrypter)
self.assertIs(filtered_app.app.app, fake_app)
# default enabled
do_test({}, True)
# explicitly enabled
do_test({'disable_encryption': False}, True)
# explicitly disabled
do_test({'disable_encryption': True}, False)