Use one set of encryption keys on all shards for match key encryption #1474
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This almost completes the setup for TLS/encryption infrastructure with one major exception - match key encryption keys are not re-used across shards. I have a PR almost ready, but decided to split that functionality to make PR somewhat revieweable
This takes the simplest approach of overwriting the key files after creating them. Unfortunately there is no easy way to test this without writing a new protocol, so we'll wait until Hybrid comes into play. In the meantime I tested it manually to make sure files get overwritten ```bash running 1 test generating configuration for 3 shards in /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb ... ❯ cmp /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard0/h1_mk.key /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard1/h1_mk.key ❯ cmp /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard0/h1_mk.key /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard1/h2_mk.key /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard0/h1_mk.key /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard1/h2_mk.key differ: char 1, line 1 ❯ cmp /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard0/h1_mk.key /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard2/h1_mk.key ❯ cmp /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard0/h2_mk.key /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard2/h2_mk.key cmp /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard0/h3_mk.pub /var/folders/n2/wgkrrbd57173j9dvy8bdjcvw0000gn/T/.tmpCMhgQb/shard2/h3_mk.pub ```
akoshelev
changed the title
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1474 +/- ##
==========================================
- Coverage 93.86% 93.85% -0.01%
==========================================
Files 235 235
Lines 42451 42453 +2
==========================================
Hits 39845 39845
- Misses 2606 2608 +2 ☔ View full report in Codecov by Sentry. |
eriktaubeneck
approved these changes
Dec 4, 2024
cberkhoff
approved these changes
Dec 4, 2024
| for dest_shard in 1..args.shard_count() { | ||
| let dest_shard_dir = args.output_dir.join(shard_conf_folder(dest_shard)); | ||
| for helper_id in 1..=3 { | ||
| fs::copy( |
There was a problem hiding this comment.
the previous version of this code just referred to the leader shards conf. We need to have an actual copy of the files?
There was a problem hiding this comment.
I think the previous version didn't really work because it hasn't created the appropriate files for all shards to be initialized correctly. The structure was something like this
shard0/
h1.pem
shard1/
h2.pem
...instead of
shard0/
h1.pem,
h2.pem,
h3.pem
...as each shard needs its own configuration to be complete, they need to have access to encryption keys in their folder
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This builds on top #1473 and only adds this commit
This takes the simplest approach of overwriting the key files after
creating them. Unfortunately there is no easy way to test this without
writing a new protocol, so we'll wait until Hybrid comes into play.
In the meantime I tested it manually to make sure files get overwritten