feat: Doc encryption with symmetric key #2731

Merged
e58f2d6
Add encryption package
islamaliev Jun 12, 2024
107a7f3
Pass enc key upon doc creation
islamaliev Jun 13, 2024
3bc618b
Add license
islamaliev Jun 14, 2024
09c538e
Slight restructure
islamaliev Jun 14, 2024
9c8b79e
Add Encstore to Rootstore
islamaliev Jun 14, 2024
5d64820
Pass store to encryptor
islamaliev Jun 16, 2024
579920b
Store encKey and read from storage
islamaliev Jun 17, 2024
5498a64
Add p2p test
islamaliev Jun 17, 2024
5396df7
Lint
islamaliev Jun 17, 2024
e36664c
Make defra generate doc encryption key
islamaliev Jun 18, 2024
fc4664d
Remove unused code
islamaliev Jun 18, 2024
fe7c5c2
Store enc flat in a block. On update read the flat from a prev block
islamaliev Jun 20, 2024
0f27447
Fix p2p side
islamaliev Jun 21, 2024
e321f84
Upon peer sync update only heads
islamaliev Jun 24, 2024
2f83d92
Follow up
islamaliev Jun 24, 2024
13c9e9c
Polish
islamaliev Jun 24, 2024
e326c59
Add tests for encryptor
islamaliev Jun 24, 2024
c86dc60
Polish
islamaliev Jun 25, 2024
dfc104b
Encrypt counter CRDT fields
islamaliev Jun 25, 2024
35fa1fa
Fix lint
islamaliev Jun 25, 2024
3ed6435
Update docs
islamaliev Jun 25, 2024
e3135f2
CreateMany tests action
islamaliev Jun 26, 2024
662e8e1
Enable CreateMany in integration tests
islamaliev Jun 26, 2024
bb3c506
Adjust CLI client
islamaliev Jun 26, 2024
8cdc986
Roll back some prev change
islamaliev Jun 26, 2024
bb9ce22
Set Block.IsEncrypted only if true
islamaliev Jun 26, 2024
1fc60f7
Polish
islamaliev Jun 27, 2024
6d90c1f
Fix CreateMany for QGL mutation type
islamaliev Jun 27, 2024
0ba0a96
Fix GQL mutation
islamaliev Jun 27, 2024
bfffa98
Update docs
islamaliev Jun 27, 2024
ca1bda7
Add encConf context upon http CreateMany
islamaliev Jun 27, 2024
485f5fc
Add separate regular CreateMany test
islamaliev Jun 27, 2024
b812dc8
Make create mutation accept array of docs
islamaliev Jun 28, 2024
e90a959
Add encrypt param to create gql mutation
islamaliev Jun 28, 2024
487a48c
Polish
islamaliev Jun 28, 2024
f252cdd
Remove superfluous qql schema type records
islamaliev Jun 30, 2024
1cbab95
Polish docs
islamaliev Jul 1, 2024
225eedf
Remove unnecessary cli flag
islamaliev Jul 1, 2024
592dfdb
Fix cli handling of CreateMany
islamaliev Jul 1, 2024
87574dc
Set query param instead of header
islamaliev Jul 2, 2024
9a99d3f
Use regexp to determine if json bytes is array
islamaliev Jul 3, 2024
8bc56c7
Code review fixups
islamaliev Jul 3, 2024
Polish
islamaliev committed Jul 2, 2024
commit 487a48c78b6e217cb4f1d5641ae12632feef99b7
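--- a/internal/request/graphql/schema/descriptions.go
+++ b/internal/request/graphql/schema/descriptions.go
@@ -155,5 +155,10 @@ Indicates as to whether or not this document has been deleted.
 `
 versionFieldDescription string = `
 Returns the head commit for this document.
+`
+
+encryptArgDescription string = `
+Encrypt flag specified if the input document(s) needs to be encrypted. If set, DefraDB will generate a
+symmetric key for encryption using AES-GCM.
 `
 )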
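Review bot: The new `encryptArgDescription` text is the only place a GraphQL client learns what `encrypt` does, and it does not say what happens when the flag is omitted or where the generated key is kept. Presumably an omitted or false flag stores the document unencrypted and the key stays with the node, but neither is visible in this hunk, so the description should state both once confirmed. The first sentence also reads awkwardly; something like `Encrypt specifies whether the input document(s) should be encrypted. If true, DefraDB generates a symmetric key and encrypts with AES-GCM.` would be clearer. The enclosing const block starts outside the hunk.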
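--- a/internal/request/graphql/schema/generate.go
+++ b/internal/request/graphql/schema/generate.go
@@ -1039,7 +1039,6 @@ func (g *Generator) GenerateMutationInputForGQLType(obj *gql.Object) ([]*gql.Fie
 
 filterInputName := genTypeName(obj, filterInputNameSuffix)
 mutationInputName := genTypeName(obj, mutationInputNameSuffix)
-mutationInputsName := genTypeName(obj, mutationInputsNameSuffix)
 
 filterInput, ok := g.manager.schema.TypeMap()[filterInputName].(*gql.InputObject)
 if !ok {
@@ -1051,19 +1050,14 @@ func (g *Generator) GenerateMutationInputForGQLType(obj *gql.Object) ([]*gql.Fie
 return nil, NewErrTypeNotFound(mutationInputName)
 }
 
-mutationInputs, ok := g.manager.schema.TypeMap()[mutationInputsName]
-if !ok {
-return nil, NewErrTypeNotFound(mutationInputsName)
-}
-
 create := &gql.Field{
 Name: "create_" + obj.Name(),
 Description: createDocumentDescription,
 Type: obj,
 Args: gql.FieldConfigArgument{
 "input": schemaTypes.NewArgConfig(mutationInput, "Create field values"),
-"inputs": schemaTypes.NewArgConfig(mutationInputs, "Create field values"),
-"encrypt": schemaTypes.NewArgConfig(gql.Boolean, "Encrypt input document(s)"),
+"inputs": schemaTypes.NewArgConfig(gql.NewList(mutationInput), "Create field values"),
+"encrypt": schemaTypes.NewArgConfig(gql.Boolean, encryptArgDescription),
 },
 }
 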
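Review bot: The new `inputs` argument on the `create` field is typed `gql.NewList(mutationInput)`, which lets a client send a null list or null elements, so the resolver has to cope with nil entries; if that is not intended, `gql.NewList(gql.NewNonNull(mutationInput))` rejects them at validation time. The field also accepts `input` and `inputs` together, and nothing in this hunk says which one wins or whether supplying both is an error, so that rule should be enforced in the resolver and stated in the two argument descriptions, which are currently the identical string `"Create field values"`. Because `encrypt` is a nullable Boolean with no default visible here, omitting it presumably stores the whole batch unencrypted; a test that pins that behaviour would be worth adding. `GenerateMutationInputForGQLType` starts and ends outside the hunk.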
8 changes: 4 additions & 4 deletions tests/integration/utils2.go
@@ -1318,8 +1318,6 @@ func createDocViaGQL(
}
require.NoError(s.t, err)

var docs []*client.Document

params := paramName + ": " + input

if action.IsEncrypted {
@@ -1353,15 +1351,17 @@ func createDocViaGQL(
return nil, nil
}

for _, docMap := range resultantDocs {
docs := make([]*client.Document, len(resultantDocs))

for i, docMap := range resultantDocs {
docIDString := docMap["_docID"].(string)
islamaliev marked this conversation as resolved.
docID, err := client.NewDocIDFromString(docIDString)
require.NoError(s.t, err)

doc, err := collection.Get(ctx, docID, false)
require.NoError(s.t, err)

docs = append(docs, doc)
docs[i] = doc
}

return docs, nil