Posted to dev@openwhisk.apache.org by dan McWeeney <mc...@adobe.com.INVALID> on 2019/11/26 21:41:20 UTC

Parameter Encryption

We have had some questions from users around how default parameters (action and package) are or are not encrypted at rest and as they move through the system. Today they are obviously not being encrypted and that has been an impediment to adoption for certain use cases (especially web actions).

I’ve gone ahead and taken a first shot at automatically encrypting parameters as they are updated / created in the system[0]. The PR slightly changes how the parameters are stored in the DB to allow each parameter to be marked if it was encrypted and with what algorithm. This enables the system to handle existing unencrypted parameters but slowly “migrate” data to the new storage format. The parameters move over Kafka encrypted as well and aren’t decrypted until just before being sent to the action[1].

The code that handles the unpacking on the other side of Kafka is a bit rough[2] due to how the action is serialized before being placed into Kafka. Any thoughts on improving that would be appreciated; I didn’t want to go as far as changing the Kafka serialization if others weren’t interested in this kind of improvement.

The PR is still a bit of a WIP as I sort out the packaging of the larger key sizes in Java crypto; we wanted to use AES256, which I can’t seem to coax into the jar.

For those of you in the US, Happy Thanksgiving!

-d

[0] - https://github.com/apache/openwhisk/pull/4756
[1] - https://github.com/apache/openwhisk/pull/4756/files#diff-170ae706abad4ff6500ae12be05d0cbbR560
[2] - https://github.com/apache/openwhisk/pull/4756/files#diff-8f30685839e1972730a0ad128c316de0R268
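
An added sketch, not code from the PR or from the OpenWhisk project, of the storage idea described in the message above: each parameter carries a marker naming how it was encrypted, so legacy plaintext values stay readable and are converted the next time they are written. The `StoredParam` record, the `aes-256-gcm` marker name and the use of the parameter name as GCM associated data are assumptions of this example; it needs Java 16 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class ParamEnvelope {
    // Hypothetical stored form: encryption == null marks a legacy plaintext value.
    record StoredParam(String key, String value, String encryption) {}

    static final String ALG = "aes-256-gcm";   // marker name chosen for this example
    static final SecureRandom RNG = new SecureRandom();

    static StoredParam lock(StoredParam p, SecretKey k) throws Exception {
        if (p.encryption() != null) return p;            // already in the new format
        byte[] iv = new byte[12];
        RNG.nextBytes(iv);                               // fresh nonce for every value
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, iv));
        c.updateAAD(p.key().getBytes(StandardCharsets.UTF_8)); // bind ciphertext to its name
        byte[] ct = c.doFinal(p.value().getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[iv.length + ct.length];    // stored blob is IV || ciphertext+tag
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return new StoredParam(p.key(), Base64.getEncoder().encodeToString(out), ALG);
    }

    static String unlock(StoredParam p, SecretKey k) throws Exception {
        if (p.encryption() == null) return p.value();    // legacy record, not yet migrated
        if (!ALG.equals(p.encryption()))                 // refuse markers we do not know
            throw new IllegalArgumentException("unknown marker: " + p.encryption());
        byte[] in = Base64.getDecoder().decode(p.value());
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, in, 0, 12));
        c.updateAAD(p.key().getBytes(StandardCharsets.UTF_8));
        return new String(c.doFinal(in, 12, in.length - 12), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Reports the AES key length the running JVM's crypto policy permits.
        System.out.println("max AES bits: " + Cipher.getMaxAllowedKeyLength("AES"));
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey k = kg.generateKey();                  // constructed demo key
        StoredParam legacy = new StoredParam("api_token", "s3cr3t", null); // constructed
        StoredParam migrated = lock(legacy, k);
        System.out.println(migrated.encryption() + " " + unlock(migrated, k).equals(unlock(legacy, k)));
    }
}
```

Because the parameter name is authenticated as associated data, a ciphertext copied onto a different parameter fails the GCM tag check at `unlock` instead of decrypting under the wrong name.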


Re: Parameter Encryption

Posted by Rodric Rabbah <ro...@gmail.com>.
Hi Dan. Are you creating a signing key per namespace and storing it with the identity record or using a global key? I haven’t looked at the PR yet. 

-r

> On Nov 26, 2019, at 4:41 PM, dan McWeeney <mc...@adobe.com.invalid> wrote:
> 
> We have had some questions from users around how default parameters (action and package) are or are not encrypted at rest and as they move through the system. Today they are obviously not being encrypted and that has been an impediment to adoption for certain use cases (especially web actions).
> 
> I’ve gone ahead and taken a first shot at automatically encrypting parameters as they are updated / created in the system[0]. The PR slightly changes how the parameters are stored in the DB to allow each parameter to be marked if it was encrypted and with what algorithm. This enables the system to handle existing unencrypted parameters but slowly “migrate” data to the new storage format. The parameters move over Kafka encrypted as well and aren’t decrypted until just before being sent to the action[1].
> 
> The code that handles the unpacking on the other side of Kafka is a bit rough[2] due to how the action is serialized before being placed into Kafka. Any thoughts on improving that would be appreciated; I didn’t want to go as far as changing the Kafka serialization if others weren’t interested in this kind of improvement.
> 
> The PR is still a bit of a WIP as I sort out the packaging of the larger key sizes in Java crypto; we wanted to use AES256, which I can’t seem to coax into the jar.
> 
> For those of you in the US, Happy Thanksgiving!
> 
> -d
> 
> [0] - https://github.com/apache/openwhisk/pull/4756
> [1] - https://github.com/apache/openwhisk/pull/4756/files#diff-170ae706abad4ff6500ae12be05d0cbbR560
> [2] - https://github.com/apache/openwhisk/pull/4756/files#diff-8f30685839e1972730a0ad128c316de0R268
>