Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement DARE 2.0 #20

Merged
merged 9 commits into from Mar 1, 2018
Merged

Implement DARE 2.0 #20

merged 9 commits into from Mar 1, 2018

Conversation

aead
Copy link
Member

@aead aead commented Feb 24, 2018
edited by harshavardhana

This change adds a DARE 2.0 implementation for en/decrypting io.Reader and io.Writer. Further it adds a generic decrypted reader/writer to handle 1.0/2.0 compatibility.

  • The default for encrypting io.Reader/io.Writer is DARE 2.0
  • The default for decrypting io.Reader/io.Writer is DARE 1.0 and 2.0. (backward compatible)

This change also separates the DARE implementations from the io.Reader/io.Writer
implementations to make reasoning about the code easier. As part of this separation
this change adds new test vectors for DARE 1.0 and 2.0.

Fixes #16

Andreas Auernhammer added 5 commits February 24, 2018 17:06
[WIP] add 1.1 io.Writer implementation
5dd3837
move AES-NI code to internal package
a085f08 
This change moves the platform specific code for AES hardware
support detection to a separate internal package.
refactor v1.0 implementation
e6a2a40 
This change refactors the v1.0 implementation by separating
the Sealing/Opening functionallity from the reading/writing.

This makes reasoning about / reviewing the code simpler.
add DARE 2.0 implementation
adf4011 
This change adds a DARE 2.0 implementation for en/decrypting
io.Reader and io.Writer. Further it adds a generic decrypted
reader/writer to handle 1.0/2.0 compatability.
The default for encrypting io.Reader/io.Writer is DARE 2.0
The default for decrypting io.Reader/io.Writer is DARE 1.0 and 2.0. (backward compatible)

This change also separates the DARE implementations from the io.Reader/io.Writer
implementations to make reasoning about the code easier. As part of this separation
this change adds new test vectors for DARE 1.0 and 2.0.

Fixes #16
upgrade CI go versions
742ed57
@aead aead self-assigned this Feb 24, 2018
@harshavardhana
Copy link
Member

Will test this today @aead with the new encryption support in server. Is there anything specific that needs to be done or should this be just a drop in replacement?

harshavardhana
harshavardhana requested changes Feb 27, 2018
View reviewed changes
Copy link
Member

@harshavardhana harshavardhana left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few questions i have are this

  • Should we still allow users to specify the version such that they can use Dare 1.0 ? if yes then why? - IMO we shouldn't allow them to create encrypted streams with 1.0 anymore.
  • Can more comments be added in decrypter/reader implementation, helps in the review process.

writer-v2.go Show resolved Hide resolved
sio.go Outdated Show resolved Hide resolved
@aead
Copy link
Member Author

aead commented Feb 27, 2018
edited

Is there anything specific that needs to be done or should this be just a drop in replacement?

Nothing to do - it's full backward compatible and can be used as drop-in replacement. sio will automatically adapt. Updating the vendor'd package at minio/minio should be all we have to do.

@aead
Copy link
Member Author

aead commented Feb 27, 2018

Should we still allow users to specify the version such that they can use Dare 1.0 ? if yes then why? - IMO we shouldn't allow them to create encrypted streams with 1.0 anymore.

This would be not strictly backward compatible. First DARE 2.0 will be automatically selected except the user specifies: Config{MaxVersion: Version10}. So a user must explicitly request for 1.0 to encrypt a steam using DARE 1.0. However we can disallow 1.0 if we are willing to break existing code eventually.

Can more comments be added in decrypter/reader implementation, helps in the review process.

Yes, I will add some comments.

@donatello
Copy link
Member

@aead Where is the spec for 2.0? It does not seem to be present in the DARE.md file in the 2.0 branch.

Andreas Auernhammer added 2 commits February 27, 2018 19:41
add io.Reader/io.Writer implementation comments
a6bb2fa 
This change adds comments to the io.Reader/io.Writer implementations
to make understanding the code easier.
make key size a constant
abf0408 
This commit changes the expected key size (256 bits) from a code literal
to a constant.
@aead
Copy link
Member Author

aead commented Feb 27, 2018
edited

@donatello Yes, the spec is not finalized yet (it's missing some performance numbers a.s.o)
Since we need 2.0 for SSE-C multipart I was trying get the implementation done. I'll amend it as soon as finished. I can send you the .tex file and the pdf.

@harshavardhana
Copy link
Member

This would be not strictly backward compatible. First DARE 2.0 will be automatically selected except the user specifies: Config{MaxVersion: Version10}. So a user must explicitly request for 1.0 to encrypt a steam using DARE 1.0. However we can disallow 1.0 if we are willing to break existing code eventually.

No basically my point was on encryption we will disallow 1.0 but for decryption we allow.

@aead
Copy link
Member Author

aead commented Feb 27, 2018
edited

No basically my point was on encryption we will disallow 1.0 but for decryption we allow.

Yes, but imagine code using a config like: sio.Config{MaxVersion: Version10} for encryption right now would break. Of course I see that it would imply that the user would not use the more secure scheme. If we can pay the cost of breaking backward-compatible here(?) - I'm okay with disallowing 1.0 for encryption...

@harshavardhana
Copy link
Member

Yes, but imagine code using a config like: sio.Config{MaxVersion: Version10} for encryption right now would break. Of course I see that it would imply that the user would not use the more secure scheme. If we can pay the cost of breaking backward-compatible here(?) - I'm okay with disallowing 1.0 for encryption...

We should disallow in my opinion and there is no need to override. Since decryption is backward compatible it shouldn't be a big problem.

@harshavardhana
Copy link
Member

We should disallow in my opinion and there is no need to override. Since decryption is backward compatible it shouldn't be a big problem.

@abperiasamy suggested that we can be bit lenient here since sio is a separate package but we will default to 2.0 in Minio server.

harshavardhana
harshavardhana requested changes Feb 28, 2018
View reviewed changes
dare.go Outdated Show resolved Hide resolved
generic.go Outdated Show resolved Hide resolved
reader-v2.go Outdated Show resolved Hide resolved
reader-v2.go Show resolved Hide resolved
Andreas Auernhammer added 2 commits March 1, 2018 14:40
handle DARE 2.0 final sealing correctly.
6a73d7d 
This change adds a check to detected whether Seal/SealFinal is called
after a SealFinal call happened.
review: add some function comments
313f8b4
harshavardhana
harshavardhana approved these changes Mar 1, 2018
View reviewed changes
Copy link
Member

@harshavardhana harshavardhana left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@harshavardhana harshavardhana changed the title integrate DARE 2.0 Implement DARE 2.0 Mar 1, 2018
@harshavardhana harshavardhana merged commit 83dd737 into master Mar 1, 2018
@harshavardhana harshavardhana deleted the version-2.0 branch March 1, 2018 21:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@donatello donatello donatello approved these changes

@harshavardhana harshavardhana harshavardhana approved these changes

Assignees

@aead aead

Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@aead @harshavardhana @donatello