Example #1
0
    def __init__(self,
                 containerName,
                 swiftBackend,
                 cascadeProperties,
                 useCache=False):
        """
        Constructor
        """
        logging.warning(
            "initializing a new SDOS frontend: containerName={} useCache={}".
            format(containerName, useCache))
        self.containerName = containerName
        self.swift_backend = swiftBackend
        self.cascadeProperties = cascadeProperties
        self.batch_delete_log = set()

        # mappingStore = MappingPersistence.LocalFileMappingStore()
        self.mappingStore = MappingPersistence.SwiftMappingStore(
            containerNameSdosMgmt=self.cascadeProperties.container_name_mgmt,
            swift_backend=self.swift_backend)

        self.keySlotMapper = Mapping.KeySlotMapper(
            mappingStore=self.mappingStore,
            cascadeProperties=self.cascadeProperties)

        # partitionStore = CascadePersistence.LocalFilePartitionStore()
        self.partitionStore = CascadePersistence.SwiftPartitionStore(
            containerNameSdosMgmt=self.cascadeProperties.container_name_mgmt,
            swiftBackend=self.swift_backend)

        self.keySource = MasterKeySource.masterKeySourceFactory(
            cascadeProperties=cascadeProperties,
            swiftBackend=self.swift_backend)

        if useCache:
            p = KeyPartitionCache(partitionStore=self.partitionStore)
        else:
            p = self.partitionStore

        self.cascade = Cascade(partitionStore=p,
                               keySlotMapper=self.keySlotMapper,
                               masterKeySource=self.keySource,
                               cascadeProperties=self.cascadeProperties)
Example #2
0
class SdosFrontend(object):
	"""
	This frontend implements the SDOS functionality
	"""

	def __init__(self, containerName, swiftTenant = None, swiftToken = None, swiftUser = None, swiftKey = None):
		"""
		Constructor
		"""
		self.si = SwiftBackend.SwiftBackend(tenant=swiftTenant, token=swiftToken, user=swiftUser, key=swiftKey)
		self.containerName = containerName

		containerNameSdosMgmt = '_mcm-internal_SDOS-partitions_{}'.format(containerName)

		# mappingStore = MappingPersistence.LocalFileMappingStore()
		mappingStore = MappingPersistence.SwiftMappingStore(containerNameSdosMgmt=containerNameSdosMgmt, swiftBackend=self.si)
		keySlotMapper = Mapping.KeySlotMapper(mappingStore=mappingStore)

		# partitionStore = CascadePersistence.LocalFilePartitionStore()
		partitionStore = CascadePersistence.SwiftPartitionStore(containerNameSdosMgmt=containerNameSdosMgmt, swiftBackend=self.si)
		self.cascade = Cascade(partitionStore=partitionStore, keySlotMapper=keySlotMapper)

	def finish(self):
		self.cascade.finish()


	def encrypt_object(self, o, name):
		key = self.cascade.getKeyForNewObject(name)
		return DataCrypt.DataCrypt(key).encryptBytesIO(plaintext=o)

	def encrypt_bytes_object(self, o, name):
		return self.encrypt_object(o=io.BytesIO(o), name=name).read()


	def putObject(self, o, name):
		c = self.encrypt_object(o=o, name=name)
		self.si.putObject(self.containerName, name, c, headers={"X-Object-Meta-MCM-Content": DataCrypt.HEADER})




	def decrypt_object(self, c, name):
		key = self.cascade.getKeyForStoredObject(name)
		return DataCrypt.DataCrypt(key).decryptBytesIO(ciphertext=c)

	def decrypt_bytes_object(self, c, name):
		return self.decrypt_object(io.BytesIO(c), name).read()

	def getObject(self, name):
		c = self.si.getObject(container=self.containerName, name=name)
		return self.decrypt_object(c, name)




	def deleteObject(self, name, deleteDataObjectInSwift = True):
		self.cascade.secureDeleteObjectKey(name)
		if deleteDataObjectInSwift:
			self.si.deleteObject(container=self.containerName, name=name)
Example #3
0
	def __init__(self, containerName, swiftTenant = None, swiftToken = None, swiftUser = None, swiftKey = None):
		"""
		Constructor
		"""
		self.si = SwiftBackend.SwiftBackend(tenant=swiftTenant, token=swiftToken, user=swiftUser, key=swiftKey)
		self.containerName = containerName

		containerNameSdosMgmt = '_mcm-internal_SDOS-partitions_{}'.format(containerName)

		# mappingStore = MappingPersistence.LocalFileMappingStore()
		mappingStore = MappingPersistence.SwiftMappingStore(containerNameSdosMgmt=containerNameSdosMgmt, swiftBackend=self.si)
		keySlotMapper = Mapping.KeySlotMapper(mappingStore=mappingStore)

		# partitionStore = CascadePersistence.LocalFilePartitionStore()
		partitionStore = CascadePersistence.SwiftPartitionStore(containerNameSdosMgmt=containerNameSdosMgmt, swiftBackend=self.si)
		self.cascade = Cascade(partitionStore=partitionStore, keySlotMapper=keySlotMapper)
Example #4
0
class SdosFrontend(object):
    """
    This frontend implements the SDOS functionality
    """
    def __init__(self,
                 containerName,
                 swiftBackend,
                 cascadeProperties,
                 useCache=False):
        """
        Constructor
        """
        logging.warning(
            "initializing a new SDOS frontend: containerName={} useCache={}".
            format(containerName, useCache))
        self.containerName = containerName
        self.swift_backend = swiftBackend
        self.cascadeProperties = cascadeProperties
        self.batch_delete_log = set()

        # mappingStore = MappingPersistence.LocalFileMappingStore()
        self.mappingStore = MappingPersistence.SwiftMappingStore(
            containerNameSdosMgmt=self.cascadeProperties.container_name_mgmt,
            swift_backend=self.swift_backend)

        self.keySlotMapper = Mapping.KeySlotMapper(
            mappingStore=self.mappingStore,
            cascadeProperties=self.cascadeProperties)

        # partitionStore = CascadePersistence.LocalFilePartitionStore()
        self.partitionStore = CascadePersistence.SwiftPartitionStore(
            containerNameSdosMgmt=self.cascadeProperties.container_name_mgmt,
            swiftBackend=self.swift_backend)

        self.keySource = MasterKeySource.masterKeySourceFactory(
            cascadeProperties=cascadeProperties,
            swiftBackend=self.swift_backend)

        if useCache:
            p = KeyPartitionCache(partitionStore=self.partitionStore)
        else:
            p = self.partitionStore

        self.cascade = Cascade(partitionStore=p,
                               keySlotMapper=self.keySlotMapper,
                               masterKeySource=self.keySource,
                               cascadeProperties=self.cascadeProperties)

    def refresh_swift_backend(self, swift_backend_new):
        if self.swift_backend != swift_backend_new:
            logging.info(
                "container: {} - replacing old swift backend {} with {}".
                format(self.containerName, self.swift_backend,
                       swift_backend_new))
            self.swift_backend = swift_backend_new
            self.mappingStore.swift_backend = swift_backend_new
            self.keySource.swiftBackend = swift_backend_new

    def finish(self):
        self.cascade.finish()

    def encrypt_object(self, o, name):
        key = self.cascade.getKeyForNewObject(name)
        return DataCrypt.DataCrypt(key).encryptBytesIO(plaintext=o)

    def encrypt_bytes_object(self, o, name):
        return self.encrypt_object(o=io.BytesIO(o), name=name).read()

    def putObject(self, o, name):
        c = self.encrypt_object(o=o, name=name)
        self.swift_backend.putObject(
            self.containerName,
            name,
            c,
            headers={"X-Object-Meta-MCM-Content": DataCrypt.HEADER})

    def decrypt_object(self, c, name):
        key = self.cascade.getKeyForStoredObject(name)
        return DataCrypt.DataCrypt(key).decryptBytesIO(ciphertext=c)

    def decrypt_bytes_object(self, c, name):
        return self.decrypt_object(io.BytesIO(c), name).read()

    def getObject(self, name):
        c = self.swift_backend.getObject(container=self.containerName,
                                         name=name)
        return self.decrypt_object(c, name)

    def deleteObject(self, name):
        """
        delete an individual object. this triggers the secure delete / re-keying on the cascade
        unless batch delete is activated, then the frontend will save deletions to a log and
        not call the cascade for re-keying
        :param name:
        :param deleteDataObjectInSwift:
        :return:
        """
        if self.cascadeProperties.use_batch_delete:
            self.batch_delete_log.add(name)
            logging.info("new batch delete log entry: {}".format(name))
        else:
            self.cascade.secureDeleteObjectKey(name)

    def batch_delete_start(self):
        """
        here we process the logged delete requests.
        The key cascade can process them all at once in a single re-key operation
        :return:
        """
        this_batch = self.batch_delete_log.copy()
        self.batch_delete_log.clear()
        logging.warning(
            "executing batch deletions on {}. Log has a length of {}".format(
                self.containerName, len(this_batch)))
        try:
            self.cascade.secureDeleteObjectKeyBatch(names=this_batch)
        except Exception as e:
            self.batch_delete_log.update(this_batch)
            raise SystemError("Batch log was restored. {}".format(e))