RFC-18: Encryption of database connection passwords in mapfiles

[tbonfort]

Reporter: dmorissette Date: 2006/05/30 - 17:29

This bug is to track the implementation of RFC-18 in MapServer 4.9. From the RFC:

------------------------

Overview
--------

This proposal provides a mechanism to protect database connection passwords used
inside mapfiles by encrypting them instead of including them in plain text.

Technical Solution
------------------

MapServer will be extended to allow the use of encrypted passwords as part of
the CONNECTION string for the following layer types:

    * Oracle Spatial
    * PostGIS
    * ESRI SDE
    * OGR

The Tiny Encryption Algorithm (TEA) at
http://www.simonshepherd.supanet.com/tea.htm will be used for the
encryption/decryption functions.

------------------------

See the RFC at http://mapserver.gis.umn.edu/development/rfc/ms-rfc-18 for full
details.

[tbonfort]

Author: dmorissette Date: 2006/05/31 - 17:06

Going ahead with implementation using TEA as per RFC-18

[tbonfort]

Author: dmorissette Date: 2006/08/11 - 19:26

Done.

This was implemented and committed to 4.9 CVS earlier in June. The bulk of the
implementation is in the new file mapcrypto.c and the new command-line utility
msencrypt.c. The driver-specific files only needed very minor changes to add a
call to decrypt the connection string before using it.

The changes to mapogr.cpp and maporaclaspatial.c was committed to CVS back in
June, they have both been well tested and haven't shown any side-effects.
Support for encryption in mapsde.c and mappostgis.c was also implemented at the
time but not committed to CVS since I had no way to test. I have committed those
two files a few minutes ago.

[tbonfort]

Author: dmorissette Date: 2006/08/11 - 19:55

I just added docs for the msencrypt utility in the "Utility Programs" manual on
the Mapserver website:
http://mapserver.gis.umn.edu/docs/reference/utilityreference/msencrypt

We also need to add something in the user documentation explaining how this
works. Here are some basic usage steps, there won't be much more to add in the
final docs really, perhaps just an intro and a couple of additional examples.

--------------------------

1- Create an encryption key using the new msencrypt command-line utility:

  msencrypt -keygen /path/to/mykey.txt

2- Set MS_ENCRYPTION_KEY in your mapfile (or in an env. var.) to point to the
encryption key:

  CONFIG MS_ENCRYPTION_KEY "/path/to/mykey.txt"

3- Encrypt portions or full connection strings using msencrypt:

  msencrypt -key /path/to/mykey.txt <string_to_encrypt>

4- Embed the encrypted strings in a CONNECTION string in the mapfile:

  CONNECTIONTYPE ORACLESPATIAL
  CONNECTION "user/{MIIBugIBAAKBgQCP0Yj+Seh8==}@service"

--------------------------