apple/foundationdb
1
0
Fork 0
mirror of https://github.com/apple/foundationdb.git synced 2025-05-14 09:58:50 +08:00
Code Issues Packages Projects Releases Wiki Activity
foundationdb/fdbserver
History
Ata E Husain Bohra 81c7834d06
Encryption header authentication tokens (#6750) 
* Encryption header authentication tokens

Description

  diff-1: Allow NONE AuthTokenMode operations
          Address review comments

Major changes proposed are:
1.Encryption header support two modes of generation 'authentication tokens':
  a) SingleAuthTokenMode: the scheme generates single crypto-secure auth
     token to protect {cipherText + header} payload. Scheme is geared towards
     optimizing cost due to crypto-secure auth-token generation, however,
     on decryption client needs to be read 'header' + 'encrypted-buffer'
     to validate the 'auth-token'. The scheme is ideal for usecases where
     payload represented by the encryptionHeader is not large and it is
     desirable to minimize CPU/latency penalty due to crypto-secure ops,
     such as: CommitProxies encrypted inline transactions,
     StorageServer encrypting pages etc.
  b) MultiAuthTokenMode: Scheme generates separate authTokens for
     'encrypted buffer' & 'encryption-header'. The scheme is ideal where
     payload represented by encryptionHeader is large enough such that it
     is desirable to optimize cost of upfront reading full 'encrypted buffer',
     compared to reading only encryptionHeader and ensuring its sanity;
     for instance: backup-files
2. Leverage full crypto-secure digest as 'authentication token'

Testing

Update EncryptionOps simulation test
Update BlobCipher unit test
20220408-182229-ahusain-foundationdb-7fd2e4b19328cd44
20220408-175754-ahusain-foundationdb-5352e37e1dcabfc8
2022-04-08 11:32:05 -07:00
..
sqlite
fix typo
2021-06-28 11:14:55 +08:00
workloads
Encryption header authentication tokens (#6750)
2022-04-08 11:32:05 -07:00
ApplyMetadataMutation.cpp
Retract changes to apply-metadata-mutations; the change to the storagecache in commit proxy data is not required unless the get request path is to be made sensitive to the SSI state
2022-03-25 13:39:08 -07:00
ApplyMetadataMutation.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
art_impl.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
art.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ArtMutationBuffer.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
BackupInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
BackupProgress.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
BackupProgress.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
BackupWorker.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
BlobGranuleServerCommon.actor.cpp
Future-proof blob granules with full file size
2022-03-29 08:06:07 -05:00
BlobGranuleServerCommon.actor.h
Future-proof blob granules with full file size
2022-03-29 08:06:07 -05:00
BlobGranuleValidation.actor.cpp
Added basic blob granule consistency check
2022-04-04 11:38:42 -05:00
BlobGranuleValidation.actor.h
Added basic blob granule consistency check
2022-04-04 11:38:42 -05:00
BlobManager.actor.cpp
misc bg operational fixes and improvements
2022-04-05 12:26:00 -05:00
BlobManagerInterface.h
Merge branch 'main' into blob_integration
2022-03-22 11:41:58 -05:00
BlobWorker.actor.cpp
misc bg operational fixes and improvements
2022-04-05 12:26:00 -05:00
ClusterController.actor.cpp
grey failure detection account for the case where the connection between primary and satellite DC becomes bad.
2022-04-07 17:34:13 -07:00
ClusterController.actor.h
address comments
2022-04-07 17:34:13 -07:00
ClusterRecovery.actor.cpp
only add mutations can change configuration (#6760)
2022-04-05 17:05:51 -07:00
ClusterRecovery.actor.h
Move resolutionBalancing() back to master
2022-03-23 09:57:31 -07:00
CMakeLists.txt
Added basic blob granule consistency check
2022-04-04 11:38:42 -05:00
CommitProxyServer.actor.cpp
Add option to limit resident memory and remove default memory limit (#6719)
2022-04-06 20:06:24 -07:00
CompactMap.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigBroadcaster.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigBroadcaster.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigBroadcastInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigDatabaseUnitTests.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigFollowerInterface.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigFollowerInterface.h
Add tryGetReplyFromHostname() and retryGetReplyFromHostname(). (#6761)
2022-04-06 10:47:00 -07:00
ConfigNode.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConfigNode.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ConflictSet.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
CoordinatedState.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
CoordinatedState.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
Coordination.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
CoordinationInterface.h
Add tryGetReplyFromHostname() and retryGetReplyFromHostname(). (#6761)
2022-04-06 10:47:00 -07:00
CoroFlow.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
CoroFlow.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
CoroFlowCoro.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
DataDistribution.actor.cpp
Change timestamps used in storage server metadata and perpetual wiggle metrics to epoch seconds, stored as doubles, and stringified as either floating point epoch seconds or timestamp strings of the form "2013-04-28 20:57:01.000 +0000".
2022-03-30 18:57:06 -07:00
DataDistribution.actor.h
Change timestamps used in storage server metadata and perpetual wiggle metrics to epoch seconds, stored as doubles, and stringified as either floating point epoch seconds or timestamp strings of the form "2013-04-28 20:57:01.000 +0000".
2022-03-30 18:57:06 -07:00
DataDistributionQueue.actor.cpp
fix destination limiting and cancelling logic in move_to_removed_server case
2022-03-31 14:05:15 -05:00
DataDistributionTracker.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
DataDistributorInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
DBCoreState.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
DDTeamCollection.actor.cpp
Fix aggressive storage migration mode to behave as documented and migrates all storages at once.
2022-03-28 09:22:24 -07:00
DDTeamCollection.h
Merge remote-tracking branch 'origin/main' into ddteamcollection-boolean-param
2022-03-16 13:38:28 -07:00
DeltaTree.h
Clear unused memory regions for structures written to disk.
2022-04-07 23:02:33 -07:00
DiskQueue.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
EncryptKeyProxy.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
EncryptKeyProxyInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
FDBExecHelper.actor.cpp
Remote ikvs debugging (#6465)
2022-03-31 17:08:59 -07:00
FDBExecHelper.actor.h
Remote ikvs debugging (#6465)
2022-03-31 17:08:59 -07:00
fdbserver.actor.cpp
Add option to limit resident memory and remove default memory limit (#6719)
2022-04-06 20:06:24 -07:00
GrvProxyServer.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
IConfigConsumer.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
IConfigConsumer.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
IDiskQueue.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
IKeyValueContainer.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
IKeyValueStore.h
Remote ikvs debugging (#6465)
2022-03-31 17:08:59 -07:00
IPager.h
Updated BTree write-only forensic fields for last known logical page ID and last known logical parent page ID.
2022-04-08 01:17:50 -07:00
KeyValueStoreCompressTestData.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
KeyValueStoreMemory.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
KeyValueStoreRocksDB.actor.cpp
Fix data race issue when multithreaded RocksDB store using histogram (#6766)
2022-04-07 00:31:36 -04:00
KeyValueStoreSQLite.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
KnobProtectiveGroups.cpp
fixup! Let invalid knob in toml not raising ASSERT but a TraceEvent
2022-03-17 16:53:10 -07:00
KnobProtectiveGroups.h
fixup! clang-format
2022-03-17 16:53:10 -07:00
Knobs.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LatencyBandConfig.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
LatencyBandConfig.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LeaderElection.actor.cpp
Move Hostname to its own files. (#6759)
2022-04-04 19:04:51 -07:00
LeaderElection.h
Workers should monitor coordinators in submitCandidacy(). (#6655)
2022-03-24 19:20:42 -07:00
LocalConfiguration.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
LocalConfiguration.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogProtocolMessage.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogRouter.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystem.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystem.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystemConfig.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystemConfig.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystemDiskQueueAdapter.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystemDiskQueueAdapter.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
LogSystemPeekCursor.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
MasterInterface.h
Move resolutionBalancing() back to master
2022-03-23 09:57:31 -07:00
masterserver.actor.cpp
Refactor resolution balancing into separate files
2022-03-23 09:57:31 -07:00
MetricLogger.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
MetricLogger.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
MoveKeys.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
MoveKeys.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
MutationTracking.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
MutationTracking.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
networktest.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
NetworkTest.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
OldTLogServer_4_6.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
OldTLogServer_6_0.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
OldTLogServer_6_2.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
OnDemandStore.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
OnDemandStore.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
PaxosConfigConsumer.actor.cpp
Move the Promise<QuorumVersion> before the Future vector to be destroyed after the vector
2022-03-22 16:12:41 -07:00
PaxosConfigConsumer.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ProxyCommitData.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
pubsub.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
pubsub.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
QuietDatabase.actor.cpp
Merge branch 'main' into blob_integration
2022-03-22 11:41:58 -05:00
QuietDatabase.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RadixTree.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
Ratekeeper.actor.cpp
merge commits from main
2022-03-28 22:49:03 -07:00
Ratekeeper.h
Resolve merge conflict
2022-03-28 22:54:00 -07:00
RatekeeperInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RecoveryState.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RemoteIKeyValueStore.actor.cpp
Remote ikvs debugging (#6465)
2022-03-31 17:08:59 -07:00
RemoteIKeyValueStore.actor.h
Fix the bug where use the pointer after it's cleaned
2022-04-04 11:49:41 -07:00
ResolutionBalancer.actor.cpp
Refactor resolution balancing into separate files
2022-03-23 09:57:31 -07:00
ResolutionBalancer.actor.h
Refactor resolution balancing into separate files
2022-03-23 09:57:31 -07:00
Resolver.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
ResolverInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreApplier.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreApplier.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreCommon.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreCommon.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreController.actor.cpp
Add proxy option to backup and restore params.
2022-03-28 17:10:49 -07:00
RestoreController.actor.h
Add proxy option to backup and restore params.
2022-03-28 17:10:49 -07:00
RestoreLoader.actor.cpp
Add proxy option to backup and restore params.
2022-03-28 17:10:49 -07:00
RestoreLoader.actor.h
Add proxy option to backup and restore params.
2022-03-28 17:10:49 -07:00
RestoreRoleCommon.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreRoleCommon.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreUtil.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreUtil.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreWorker.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreWorker.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreWorkerInterface.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RestoreWorkerInterface.actor.h
Add proxy option to backup and restore params.
2022-03-28 17:10:49 -07:00
RkTagThrottleCollection.cpp
Add comments and modify ITagThrottler::tryUpdateAutoThrottling method
2022-03-11 12:13:34 -04:00
RkTagThrottleCollection.h
Add comments to RkTagThrottleCollection
2022-03-11 12:09:15 -04:00
RocksDBCheckpointUtils.actor.cpp
Fix option use in PhysicalShardMove and add support for tenants in the test.
2022-03-17 12:10:19 -07:00
RocksDBCheckpointUtils.actor.h
Physical Shard Move (#6264)
2022-03-15 13:03:23 -07:00
RoleLineage.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
RoleLineage.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ServerCheckpoint.actor.cpp
Physical Shard Move (#6264)
2022-03-15 13:03:23 -07:00
ServerCheckpoint.actor.h
Physical Shard Move (#6264)
2022-03-15 13:03:23 -07:00
ServerDBInfo.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
ServerDBInfo.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
SigStack.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
SimEncryptVaultProxy.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
SimEncryptVaultProxy.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
SimpleConfigConsumer.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
SimpleConfigConsumer.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
SimulatedCluster.actor.cpp
Restore random storage engine selection to prepare for PR merge.
2022-04-07 23:54:59 -07:00
SimulatedCluster.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
SkipList.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
SpanContextMessage.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
Status.actor.cpp
Change timestamps used in storage server metadata and perpetual wiggle metrics to epoch seconds, stored as doubles, and stringified as either floating point epoch seconds or timestamp strings of the form "2013-04-28 20:57:01.000 +0000".
2022-03-30 18:57:06 -07:00
Status.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
StorageCache.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
StorageMetrics.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
StorageMetrics.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
storageserver.actor.cpp
misc bg operational fixes and improvements
2022-04-05 12:26:00 -05:00
TagPartitionedLogSystem.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
TagPartitionedLogSystem.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
TagThrottler.actor.cpp
Minor bug fix in TagThrottlerImpl::tryUpdateAutoThrottling
2022-03-12 13:32:41 -04:00
TagThrottler.h
Clean up TagThrottler* files
2022-03-11 12:23:01 -04:00
TCInfo.actor.cpp
add hasWigglePausedServer method; add new sort criteria
2022-03-14 16:02:42 -07:00
TCInfo.h
Merge remote-tracking branch 'origin/main' into change-rebalance-teams-signature
2022-03-18 21:12:47 -07:00
template_fdb.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
tester.actor.cpp
Allowing globally knob change in TOML file based test
2022-04-04 11:17:32 -07:00
TesterInterface.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
TLogInterface.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
TLogServer.actor.cpp
add ASSERT_WE_THINK
2022-04-07 09:21:50 -07:00
TransactionTagCounter.cpp
Fix TEST macro comment
2022-03-23 11:07:06 -07:00
TransactionTagCounter.h
Support sending multiple busy tags from storage server to ratekeeper
2022-03-11 12:09:15 -04:00
TSSMappingUtil.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
TSSMappingUtil.actor.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
VersionedBTree.actor.cpp
Updated BTree write-only forensic fields for last known logical page ID and last known logical parent page ID.
2022-04-08 01:17:50 -07:00
VFSAsync.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
VFSAsync.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
WaitFailure.actor.cpp
Update copyright header dates
2022-03-21 13:36:23 -07:00
WaitFailure.h
Update copyright header dates
2022-03-21 13:36:23 -07:00
worker.actor.cpp
address comments
2022-04-07 17:34:13 -07:00
WorkerInterface.actor.h
grey failure detection account for the case where the connection between primary and satellite DC becomes bad.
2022-04-07 17:34:13 -07:00