JakeHillion/storj
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bc0f697929
storj/examples/eestream/serve-collected/main.go
Maximillian von Briesen 821d0b6f1d
Stream encryption (#302) 
* begin adding encryption for remote pieces

* begin adding decryption

* add encryption key as arg to Put and Get

* move encryption/decryption to object store

* Add encryption key to object store constructor

* Add the erasure scheme to object store constructor

* Ensure decrypter is initialized with the stripe size used by encrypter

* Revert "Ensure decrypter is initialized with the stripe size used by encrypter"

This reverts commit 07272333f461606edfb43ad106cc152f37a3bd46.

* Revert "Add the erasure scheme to object store constructor"

This reverts commit ea5e793b536159d993b96e3db69a37c1656a193c.

* move encryption to stream store

* move decryption stuff to stream store

* revert changes in object store

* add encryptedBlockSize and close rangers on error during Get

* calculate padding sizes correctly

* encryptedBlockSize -> encryptionBlockSize

* pass encryption key and block size into stream store

* remove encryption key and block size from object store constructor

* move encrypter/decrypter initialization

* remove unnecessary cast

* Fix padding issue

* Fix linter

* add todos

* use random encryption key for data encryption. Store an encrypted copy of this key in segment metadata

* use different encryption key for each segment

* encrypt data in one step if it is small enough

* refactor and move encryption stuff

* fix errors related to nil slices passed to copy

* fix encrypter vs. decrypter bug

* put encryption stuff in eestream

* get captplanet test to pass

* fix linting errors

* add types for encryption keys/nonces and clean up

* fix tests

* more review changes

* add Cipher type for encryption stuff

* fix rs_test

* Simplify type casting of key and nonce

* Init starting nonce to the segment index

* don't copy derived key

* remove default encryption key; force user to explicitly set it

* move getSegmentPath to streams package

* dont require user to specify encryption key for captplanet

* rename GenericKey and GenericNonce to Key and Nonce

* review changes

* fix linting error

* Download uses the encryption type from metadata

* Store enc block size in metadata and use it for download
2018-09-26 09:32:23 -04:00

95 lines
2.2 KiB
Go
Raw Blame History

// Copyright (C) 2018 Storj Labs, Inc.
// See LICENSE for copying information.
package main
import (
"context"
"crypto/sha256"
"flag"
"fmt"
"net/http"
"os"
"time"
"github.com/vivint/infectious"
"storj.io/storj/pkg/eestream"
"storj.io/storj/pkg/ranger"
)
var (
addr = flag.String("addr", "localhost:8080", "address to serve from")
pieceBlockSize = flag.Int("piece_block_size", 4*1024, "block size of pieces")
key = flag.String("key", "a key", "the secret key")
rsk = flag.Int("required", 20, "rs required")
rsn = flag.Int("total", 40, "rs total")
)
func main() {
err := Main()
if err != nil {
fmt.Fprintf(os.Stderr, "error: %v\n", err)
os.Exit(1)
}
}
// Main is the exported CLI executable function
func Main() error {
encKey := eestream.Key(sha256.Sum256([]byte(*key)))
fc, err := infectious.NewFEC(*rsk, *rsn)
if err != nil {
return err
}
es := eestream.NewRSScheme(fc, *pieceBlockSize)
var firstNonce eestream.Nonce
cipher := eestream.AESGCM
decrypter, err := cipher.NewDecrypter(
&encKey, &firstNonce, es.DecodedBlockSize())
if err != nil {
return err
}
// initialize http rangers in parallel to save from network latency
rrs := map[int]ranger.Ranger{}
type indexRangerError struct {
i int
rr ranger.Ranger
err error
}
result := make(chan indexRangerError, *rsn)
for i := 0; i < *rsn; i++ {
go func(i int) {
url := fmt.Sprintf("http://18.184.133.99:%d", 10000+i)
rr, err := ranger.HTTPRanger(url)
result <- indexRangerError{i: i, rr: rr, err: err}
}(i)
}
// wait for all goroutines to finish and save result in rrs map
for i := 0; i < *rsn; i++ {
res := <-result
if res.err != nil {
// return on the first failure
return err
}
rrs[res.i] = res.rr
}
rc, err := eestream.Decode(rrs, es, 4*1024*1024)
if err != nil {
return err
}
rr, err := eestream.Transform(rc, decrypter)
if err != nil {
return err
}
ctx := context.Background()
rr, err = eestream.UnpadSlow(ctx, rr)
if err != nil {
return err
}
return http.ListenAndServe(*addr, http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
ranger.ServeContent(ctx, w, r, flag.Arg(0), time.Time{}, rr)
}))
}
Reference in New Issue View Git Blame Copy Permalink