You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/04/02 01:34:33 UTC
[james-project] 06/08: JAMES-3524 Document blobStore encryption
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 8ead5fcf073a8bb426dc3e4a66431e32a7045dc6
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Fri Mar 26 15:25:19 2021 +0700
JAMES-3524 Document blobStore encryption
---
.../pages/distributed/configure/blobstore.adoc | 27 ++++++++++++++++
src/site/xdoc/server/config-blobstore.xml | 36 +++++++++++++++++++++-
2 files changed, 62 insertions(+), 1 deletion(-)
diff --git a/docs/modules/servers/pages/distributed/configure/blobstore.adoc b/docs/modules/servers/pages/distributed/configure/blobstore.adoc
index 139c961..c256b13 100644
--- a/docs/modules/servers/pages/distributed/configure/blobstore.adoc
+++ b/docs/modules/servers/pages/distributed/configure/blobstore.adoc
@@ -35,6 +35,33 @@ Consequently, all the requested deletions will not be performed, meaning that bl
NOTE: If you are upgrading from James 3.5 or older, the deduplication was enabled.
+=== Encryption choice
+
+Data can be optionally encrypted with a symmetric key using AES before being stored in the blobStore. As many user relies
+on third party for object storage, a compromised third party will not escalate to a data disclosure. Of course, a
+performance price have to be paid, as encryption takes resources.
+
+*encryption.aes.enable* : Optional boolean, defaults to false.
+
+If AES encryption is enabled, then the following properties MUST be present:
+
+ - *encryption.aes.password* : String
+ - *encryption.aes.salt* : Hexadecimal string
+
+WARNING: Once chosen this choice can not be reverted, all the data is either clear or encrypted. Mixed encryption
+is not supported.
+
+Here is an example of how you can generate the above values (be mindful to customize the byte lengths in order to add
+enough entropy.
+
+....
+# Password generation
+openssl rand -base64 64
+
+# Salt generation
+generate salt with : openssl rand -hex 16
+....
+
=== Cassandra BlobStore Cache
A Cassandra cache can be enabled to reduce latency when reading small blobs frequently.
diff --git a/src/site/xdoc/server/config-blobstore.xml b/src/site/xdoc/server/config-blobstore.xml
index 92de092..15ae7b2 100644
--- a/src/site/xdoc/server/config-blobstore.xml
+++ b/src/site/xdoc/server/config-blobstore.xml
@@ -85,7 +85,41 @@
Maximum size of stored objects expressed in bytes.</dd>
</dl>
</subsection>
-
+ <subsection name="Encryption choice">
+ <p>
+ Data can be optionally encrypted with a symmetric key using AES before being stored in the blobStore. As many user relies
+ on third party for object storage, a compromised third party will not escalate to a data disclosure. Of course, a
+ performance price have to be paid, as encryption takes resources.
+ </p>
+ <dl>
+ <dt><strong>encryption.aes.enable</strong></dt>
+ <dd>Optional boolean, defaults to false</dd>
+ </dl>
+ <p>If AES encryption is enabled, then the following properties MUST be present:</p>
+ <dl>
+ <dt><strong>encryption.aes.password</strong></dt>
+ <dd>String</dd>
+ </dl>
+ <dl>
+ <dt><strong>encryption.aes.salt</strong></dt>
+ <dd>Hexadecimal string.</dd>
+ </dl>
+ <p><b>WARNING:</b> Once chosen this choice can not be reverted, all the data is either clear or encrypted. Mixed encryption
+ is not supported.</p>
+ <p>
+ Here is an example of how you can generate the above values (be mindful to customize the byte lengths in order to add
+ enough entropy.
+ </p>
+ <pre>
+ <code>
+# Password generation
+openssl rand -base64 64
+
+# Salt generation
+generate salt with : openssl rand -hex 16
+ </code>
+ </pre>
+ </subsection>
<subsection name="ObjectStorage BlobStore Buckets Configuration">
<dl>
<dt><strong>objectstorage.bucketPrefix</strong></dt>
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org