You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2021/02/05 15:44:36 UTC

[GitHub] [pulsar] weibetter opened a new issue #9495: [pulsar-client-cpp] ProducerConfiguration's addEncryptionKey really not adding encryption.

weibetter opened a new issue #9495:
URL: https://github.com/apache/pulsar/issues/9495


   #### Expected behavior
   
   Tell us what should happen:
   While waiting for the DefaultCryptoKeyReader, I follow the https://pulsar.apache.org/docs/en/security-encryption/ page by implementing the RawFileKeyReader in cpp. By including the setCryptoKeyReader and addEncryptionKey, the producerconfiguration.isEncryptedEnabled returns True. Then calling the client.createProducer(topic, config, producer), the Pulsar Serve should allow the creation of Producer.
   
   #### Actual behavior
   
   INFORM----PULSARMain.cc:0234:05/02/21 10:28:13 > Encryption is enabled
   
   Tell us what happens instead:
   2021-02-05 10:28:13.714 WARN  [] ClientConnection:960 | [] Received error response from server: BrokerMetadataError -- req_id: 0
   
   10:28:13.713 [bookkeeper-ml-workers-OrderedExecutor-0-0] WARN  org.apache.pulsar.broker.service.ServerCnx - [] Encryption is required in persistent://public/default/testing_topic
   
   
   #### Steps to reproduce
   
   How can we reproduce the issue:
   
   `class RawFileKeyReader : public CryptoKeyReader {
         private:
             std::string msPublicKeyFile = "";
             std::string msPrivateKeyFile = "";
   
       public:
           RawFileKeyReader(std::string pubKeyFile, std::string privKeyFile);
           ~RawFileKeyReader();
           Result getPublicKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const;
           Result getPrivateKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const;
           
           void readFile(std::string fileName, std::string& fileContents) const;
       };
   
   RawFileKeyReader::RawFileKeyReader(std::string pubKeyFile, std::string privKeyFile) {
           msPrivateKeyFile = privKeyFile;
           msPublicKeyFile = pubKeyFile;
       }
   
       RawFileKeyReader::~RawFileKeyReader() {
   
       }
   
       Result RawFileKeyReader::getPublicKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const {
           std::string keyContents;
           readFile(msPublicKeyFile, keyContents);
           encKeyInfo.setKey(keyContents);
           return ResultOk;
       }
   
       Result RawFileKeyReader::getPrivateKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const {
           std::string keyContents;
           readFile(msPrivateKeyFile, keyContents);
           encKeyInfo.setKey(keyContents);
           return ResultOk;
       }
   
       void RawFileKeyReader::readFile(std::string fileName, std::string& fileContents) const {
           std::ifstream ifs(fileName);
           std::stringstream fileStream;
           fileStream << ifs.rdbuf();
           fileContents = fileStream.str();
       }
   
   
       // Local instance
       std::string hostname = "localhost";
   
       // Without SSL
       std::string port = "6650";
   
       // Topic
       std::string topic = "testing_topic";
   
       ClientConfiguration cconfig;
   
       // Create a client - add +ssl after pulsar to enable SSL
       Client client("pulsar://" + hostname + ":" + port + "/", cconfig);
       
       // Create ProducerConfiguration
       ProducerConfiguration pcconfig;
       int iCurrentSendTimeout = pcconfig.getSendTimeout();
       int iMaxPendingMessages = pcconfig.getMaxPendingMessages();
       unsigned int iMaxBatchingMessages = pcconfig.getBatchingMaxMessages();
       bool bIsBatchingEnabled = pcconfig.getBatchingEnabled();
       std::string sboolIsBatchingEnabled = "False";
       if (bIsBatchingEnabled) {
           sboolIsBatchingEnabled = "True";
       } else {
           sboolIsBatchingEnabled = "False";
       }
   
       // Change configuration
       pcconfig.setMaxPendingMessages(5000);
       iMaxPendingMessages = pcconfig.getMaxPendingMessages();
   
       pcconfig.setBatchingMaxMessages(5000);
       iMaxBatchingMessages = pcconfig.getBatchingMaxMessages();
   
       int iBatchingMaxPublishDelayMs = pcconfig.getBatchingMaxPublishDelayMs();
       
       pcconfig.setBatchingEnabled(true);
       pcconfig.setBatchingMaxPublishDelayMs(50000);
       pcconfig.setPartitionsRoutingMode(pcconfig.RoundRobinDistribution);
   
       pcconfig.setCompressionType(CompressionLZ4);
   
       // From github pulsar -- Seems to work and not longer fail to load the public key
       std::string privateKeyFile = "./private-key.client-rsa.pem";
       std::string publicKeyFile = "./public-key.client-rsa.pem";
   
       
       CryptoKeyReaderPtr sp(new RawFileKeyReader(publicKeyFile, privateKeyFile));
       pcconfig.addEncryptionKey("client-rsa.pem");
       pcconfig.setCryptoKeyReader(sp);
   
   
       // Create producer
       Producer producer;
       Result result = client.createProducer(topic, pcconfig, producer);
       
   
       // Getting the sample json data with 50 events as usage array of objects
       char data[10000];
   
       ifstream infile;
       infile.open("./json.txt", ios::in);
       std::string tp;
   
       while (getline(infile, tp)) {
           Message msg = MessageBuilder().setContent(tp + to_string(count)).build();
   
           Result res = producer.send(msg);
           if (res == ResultOk) {
               count = count + 1;
           } else if (res != ResultOk) {
           }
       }
   
       infile.close();
       producer.flush();
       client.close();
   '
   
   #### System configuration
   **Pulsar version**: 2.70 Prebuilt Linux.rpm
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] BewareMyPower commented on issue #9495: [pulsar-client-cpp] ProducerConfiguration's addEncryptionKey really not adding encryption.

Posted by GitBox <gi...@apache.org>.

BewareMyPower commented on issue #9495:
URL: https://github.com/apache/pulsar/issues/9495#issuecomment-775831192


   Could you follow the [tests](https://github.com/apache/pulsar/pull/9074/files#diff-4864d6f442c0448dfa305af4f15c52d5f6f008f4779c535a5953b8a411c104f4) and try the `DefaultCryptoKeyReader`?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] sijie closed issue #9495: [pulsar-client-cpp] ProducerConfiguration's addEncryptionKey really not adding encryption.

Posted by GitBox <gi...@apache.org>.

sijie closed issue #9495:
URL: https://github.com/apache/pulsar/issues/9495


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org