Encryption support in Go client #552
Conversation
- add interface to support encryption - provide default encryption/decryption support - add ability to add custom encryption/decryption of data key
- make initial changes in producer for encryption[needs refactoring] - make changes for decrypting in consumer
- add test case to produce encrypted message and receive decrypted message
- adding encryption & decryption needs to have access to MessageMetadata - so making the pulsar proto package public from internal
There was a problem hiding this comment.
Thanks for your contribution. I took a quick look and left a few comments. A few suggestions:
In go file names are generally snake case so please try to follow that to keep things consistent. For example this crypto_key_reader.go instead of CryptoKeyReader.go
Can we break this up into multiple pull requests? Can we start with the crypto package that adds the interfaces and base implementations. Then some followup pull requests can be added for the consumer and producer implementation. This will make it easier on people to review the code.
pulsar/consumer_impl.go
Outdated
| "github.com/apache/pulsar-client-go/pulsar/log" | ||
| pb "github.com/apache/pulsar-client-go/pulsar/pulsar_proto" |
There was a problem hiding this comment.
We want to avoid exposing the proto as a public api. We should move this back to internal
There was a problem hiding this comment.
Client need access to MessagaMetada if they do not want to use default implementation of crypto. And it is not possible unless we make it public or create a wrapper around it.
| if c.options.KeyReader != nil && c.options.MessageCrypto == nil { | ||
| logCtx := fmt.Sprintf("[%v] [%v]", pt, c.options.SubscriptionName) | ||
| messageCrypto, err := crypto.NewDefaultMessageCrypto(logCtx, false, c.log) | ||
| if err != nil { |
There was a problem hiding this comment.
Good catch. Let me fix it
|
|
||
| // use default message crypto if not already created | ||
| if c.options.KeyReader != nil && c.options.MessageCrypto == nil { | ||
| logCtx := fmt.Sprintf("[%v] [%v]", pt, c.options.SubscriptionName) |
There was a problem hiding this comment.
what is log context and why is it needed?
There was a problem hiding this comment.
It is just a log message that default crypto implementation uses while logging.
pulsar/consumer_partition.go
Outdated
| errMsg := fmt.Errorf(errDecryptingPayload, err.Error()) | ||
| switch pc.options.consumerCryptoFailureAcrion { | ||
| case crypto.FailConsume: | ||
| pc.log.Warnf( |
There was a problem hiding this comment.
This info about the consumer will already be logged
pc.log = client.log.SubLogger(log.Fields{
"name": pc.name,
"topic": options.topic,
"subscription": options.subscription,
"consumerID": pc.consumerID,
})
There was a problem hiding this comment.
Ok. I'll remove the redundant info
| import "io/ioutil" | ||
|
|
||
| // DefaultKeyReader default implementation of KeyReader | ||
| type DefaultKeyReader struct { |
There was a problem hiding this comment.
May be yeah that looks good. I'll rename it.
Thanks for the suggestions. Actually I've gone too far to put all the functionality in the single PR. If it is absolutely necessary to breakdown into multiple pull requests I'll go ahead to do it. |
- make proto internal
|
Yes, please break this down into multiple pull requests. The crypto package would be a good one to start with. |
As per suggestions breaking down this into multiple pull requests.
|
|
|
@cckellogg @GPrabhudas Any update for this? We are ready to initiate a new version of the release, hoping to include this new change in the new version (because some of the code has been merged in), can we consider advancing the progress here. |
I'll work on it and address the review suggestions. |
|
|
ping @cckellogg @GPrabhudas What is the latest status here? |
@wolfstudy We can close this PR as all of its sub PRs are merged into master. we can add tag |
Cool, i will close this pull request. |
Motivation
Added Go client changes to encrypt messages published to pulsar. Once encrypted, it only allows the consumer with the right set of keys to be able to decrypt the original message published by the producer. Only RSA encryption of data key is supported.
Modifications
Changes are implemented as per PIP-4
Followed Java client Encryption support changes
Addresses issue #333