revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 08:12:40 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/files/management
History
epriestley 67084a6953 Support AES256 at-rest encryption in Files 
Summary:
Ref T11140. This makes encryption actually work:

  - Provide a new configuation option, `keyring`, for specifying encryption keys.
  - One key may be marked as `default`. This activates AES256 encryption for Files.
  - Add `bin/files generate-key`. This is helps when generating valid encryption keys.
  - Add `bin/files encode`. This changes the storage encoding of a file, and helps test encodings and migrate existing data.
  - Add `bin/files cycle`. This re-encodes the block key with a new master key, if your master key leaks or you're just paraonid.
  - Document all these options and behaviors.

Test Plan:
  - Configured a bad `keyring`, hit a bunch of different errors.
  - Used `bin/files generate-key` to try to generate bad keys, got appropriate errors ("raw doesn't support keys", etc).
  - Used `bin/files generate-key` to generate an AES256 key.
  - Put the new AES256 key into the `keyring`, without `default`.
  - Uploaded a new file, verified it still uploaded as raw data (no `default` key yet).
  - Used `bin/files encode` to change a file to ROT13 and back to raw. Verified old data got deleted and new data got stored properly.
  - Used `bin/files encode --key ...` to explicitly convert a file to AES256 with my non-default key.
  - Forced a re-encode of an AES256 file, verified the old data was deleted and a new key and IV were generated.
  - Used `bin/files cycle` to try to cycle raw/rot13 files, got errors.
  - Used `bin/files cycle` to cycle AES256 files. Verified metadata changed but file data did not. Verified file data was still decryptable with metadata.
  - Ran `bin/files cycle --all`.
  - Ran `encode` and `cycle` on chunked files, saw commands fail properly. These commands operate on the underlying data blocks, not the chunk metadata.
  - Set key to `default`, uploaded a file, saw it stored as AES256.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11140

Differential Revision: https://secure.phabricator.com/D16127
2016-06-16 08:08:56 -07:00
..
PhabricatorFilesManagementCatWorkflow.php phtize all the things 2015-05-22 21:16:39 +10:00
PhabricatorFilesManagementCompactWorkflow.php phtize all the things 2015-05-22 21:16:39 +10:00
PhabricatorFilesManagementCycleWorkflow.php Support AES256 at-rest encryption in Files 2016-06-16 08:08:56 -07:00
PhabricatorFilesManagementEncodeWorkflow.php Support AES256 at-rest encryption in Files 2016-06-16 08:08:56 -07:00
PhabricatorFilesManagementEnginesWorkflow.php phtize all the things 2015-05-22 21:16:39 +10:00
PhabricatorFilesManagementGenerateKeyWorkflow.php Support AES256 at-rest encryption in Files 2016-06-16 08:08:56 -07:00
PhabricatorFilesManagementMigrateWorkflow.php Swap S3 to first-party client 2016-01-10 07:55:27 -08:00
PhabricatorFilesManagementPurgeWorkflow.php phtize all the things 2015-05-22 21:16:39 +10:00
PhabricatorFilesManagementRebuildWorkflow.php phtize all the things 2015-05-22 21:16:39 +10:00
PhabricatorFilesManagementWorkflow.php phtize all the things 2015-05-22 21:16:39 +10:00