apache / pulsar

Apache Pulsar - distributed pub-sub messaging system
https://pulsar.apache.org/
Apache License 2.0
14.23k stars 3.58k forks source link

E2E encryption implementation using Bouncycastle FIPS provider and only the FIPS-library provided tools #20373

Open z-kovacs opened 1 year ago

z-kovacs commented 1 year ago

Search before asking

Motivation

my firm would like to use Pulsar but using Bouncycastle FIPS approved libs in approved mode for E2E encryption.

Currently the MessageCryptoBc is the only MessageCrypto implementation (non FIPS), and it is explicitly referenced from ProducerImpl and ConsumerImpl - unless overridden.

I think it would be greate if someone adds an encryption key and a CryptoKeyReader, based on the loaded modules pulsar would use the fips or non-fips implementation. As related job has been done in pulsar to separate out different version (non-fips or fips) of BouncyCastle dependencies, we could expand on it.

Solution

An idea about the tasks:

  1. Create a new MessageCrypto implementation using only bouncycastle FIPS provider and API calls and add it to a new org.apache.pulsar:pulsar-client-messagecrypto-bcfips module (pulsar-client-messagecrypto-bc already exists).
  2. ProducerImpl and ConsumerImpl should check which version (bc or bc-fips) of MessageCrypto can be found on the classpath and that should be used. Decision should be logged. Defaulting back to the origial non-fips solution for backward compatibility if both are on classpath.

Alternatives

n/a

Anything else?

Notes:

Are you willing to submit a PR?

david-streamlio commented 1 year ago

@z-kovacs You have indicated that you are willing to submit a PR for this issue. Do you have an existing code fix for this issue that you want to submit for review?

z-kovacs commented 1 year ago

@z-kovacs You have indicated that you are willing to submit a PR for this issue. Do you have an existing code fix for this issue that you want to submit for review?

@david-streamlio - I am working on the PR, hopefully I can present it soon.

github-actions[bot] commented 1 year ago

The issue had no activity for 30 days, mark with Stale label.