Skip to content

[improve][broker, client] Fixing BC FIPS based payload encryption#2

Open
z-kovacs wants to merge 19 commits into
masterfrom
improvement_bc_fips_encryption
Open

[improve][broker, client] Fixing BC FIPS based payload encryption#2
z-kovacs wants to merge 19 commits into
masterfrom
improvement_bc_fips_encryption

Conversation

@z-kovacs
Copy link
Copy Markdown
Owner

@z-kovacs z-kovacs commented Jun 8, 2023

Fixes apache#20373

Motivation

If we configure pulsar following the doc to use BouncyCastle FIPS library instead of the default non-FIPS version, we receive a ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider - as the MessageCryptoBc implementation is not prepared to use the FIPS library API (way more restrictive).

BC FIPS has some restrictions:

  • ECDSA keys cannot be used neither for encryption nor for key wrapping only RSA keys
  • RSA keys can only be used for key wrapping, not encryption
  • different API to manipulate ECDSA key loading/saving

Modifications

I have lifted out the BC FIPS and non-FIPS related code from MessageCryptoBc into the already existing bouncy-castle-bc and bouncy-castle-bcfips module, and created a bouncy-castle-common module with an interface definition and a dynamic loader of the implementation based on the security provider in classpath.
MessageCryptoBc now accessing the BC version specific crypto functionality via the dynamically loaded delegate.

in non-FIPS mode we use encrypt mode of cyphers to encrypt data key (probably should be wrap, but ECIES cypher does not support wrap).
In FIPS mode you have to use wrap. So as of now it is not possible to unify code to wrap the data key.

Verifying this change

  • Make sure that the change passes the CI checks.

This change added tests and can be verified as follows:

  • Added unittest for making sure key wrapping and encrypting are compatible for RSA keys
  • Added unittest for making sure that encryption works end-to-end when only bc FIPS libraries are loaded

Does this pull request potentially affect one of the following parts:

If the box was checked, please highlight the changes

  • Dependencies (add or upgrade a dependency)
  • The public API
  • The schema
  • The default values of configurations
  • The threading model
  • The binary protocol
  • The REST endpoints
  • The admin CLI options
  • The metrics
  • Anything that affects deployment

Note:
we have to warn users if they want to change the client to use BC FIPS client lib, the messages produced with non FIPS setup and where the master key was ECDSA key - won't be readable! (FIPS has way less enabled cyphers.)
we have to add to website to BC instructions, that you can mix fips ad non-fips producers and consumers as long as you use RSA master keys, since ECDSA keys cannot be used to wrap keys in BC FIPS.

Documentation

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

Matching PR in forked repository

PR in forked repository:

Zsolt Kovacs and others added 7 commits June 2, 2023 16:31
first draft - bc fips compatible messagecrypto implementation, and tests
28d9048
@z-kovacs
fixing checkstyle
2cd9fa4
- adding jcloud slf4j log driver
b3c6fc8 
- adding bc-common module to contain an interface (BcVersionSpecificUtility) which will provide a facade for FIPS and non-FIPS implementations
- bouncy-castle-common (bc-common) module will be a dependency of bouncy-castle-bc and bouncy-castle-bcfips
- MessageCryptoBc: moving private key and public key loading to bc version-specific (FIPS or non-FIPS) utility classes
- MessageCryptoBc: moving data key encryption and decryption to bc version-specific (FIPS or non-FIPS) utility classes
- ECDSA test
ba32b82 
- bouncy-castle-common following the dependency pattern used across pulsar (broker and client-original is setting up dependency, everywhere else is provided)
Merge remote-tracking branch 'origin/master' into improvement_bc_fips…
a3e6d4d 
…_encryption
adding test fips vs non-fips encryption of datakey, as we use wrap an…
57fb790 
…d encrypt functionality respectively (using wrap would be the right way probably, but in non-FIPS mode ECIES cypher cannot wrap - keeping as is for backwards compatibility)
Merge remote-tracking branch 'origin/master' into improvement_bc_fips…
bc1cba9 
…_encryption
@z-kovacs z-kovacs mentioned this pull request Jun 8, 2023
Closed
15 tasks
Zsolt Kovacs added 12 commits June 8, 2023 16:04
- renaming files to represent content and thus not to trigger RAT
1952a67
- adding missing package-info.java files, fixing one javadoc
ac617ed
- adding missing LICENSE file
54d5e63
- excluding bouncy-castle-common from the trino license check
62990ea
- excluding bouncy-castle-common from the license check
73ce815
changes based on review:
8feff61 
- using apache commons codec for hexadecimal to/from conversion
- fixing typo
- remove unnecessary dependency
- remove unnecessary LICENSE file
- fixing bcfips specific implementation package to match with non-fips

+ renaming BC FIPS specific encryption test to represent the test better and 'bcfips' should not be only in module name
Merge remote-tracking branch 'origin/master' into improvement_bc_fips…
a682e21 
…_encryption
based on review: removing static as this meant to be a per-instance v…
e44b17a 
…ariable, plus adding final
Merge remote-tracking branch 'origin/master' into improvement_bc_fips…
5c7fc2d 
…_encryption
updated file missed
fb0b01f
fix style
9439541
Merge remote-tracking branch 'origin/master' into improvement_bc_fips…
3bb44c6 
…_encryption
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

E2E encryption implementation using Bouncycastle FIPS provider and only the FIPS-library provided tools

1 participant

@z-kovacs