Skip to content

Implement encryptor in keystore library#1587

Merged
connorwstein merged 25 commits intomainfrom
ARCH-331-keystore-encryptor-2
Oct 27, 2025
Merged

Implement encryptor in keystore library#1587
connorwstein merged 25 commits intomainfrom
ARCH-331-keystore-encryptor-2

Conversation

@connorwstein
Copy link
Copy Markdown
Contributor

@connorwstein connorwstein commented Oct 6, 2025
edited
Loading

Note signer impl already reviewed.

@connorwstein connorwstein changed the title Wip encryptor Implement encryptor in keystore library Oct 6, 2025
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Oct 6, 2025
edited
Loading

✅ API Diff Results - No breaking changes

📄 View full apidiff report

jmank88
jmank88 reviewed Oct 6, 2025
View reviewed changes
Comment thread keystore/serialization/keystore.proto Outdated
pavel-raykov
pavel-raykov reviewed Oct 9, 2025
View reviewed changes
Comment thread keystore/keystore.go
pavel-raykov
pavel-raykov previously approved these changes Oct 9, 2025
View reviewed changes
jmank88
jmank88 reviewed Oct 9, 2025
View reviewed changes
Comment thread keystore/encryptor.go
}
return EncryptResponse{EncryptedData: encrypted}, nil
default:
return EncryptResponse{}, ErrEncryptionFailed
Copy link
Copy Markdown
Contributor

@jmank88 jmank88 Oct 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should these ErrEncryptionFailed errors be wrapped with more context? Currently there is no difference between too long, unknown type, name not found, etc.

Copy link
Copy Markdown
Contributor Author

@connorwstein connorwstein Oct 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah thats intentional - most encrypt/decrypt libs operate that way since sometimes leaking info like "bad padding" can lead to attacks. That being said probably less important if the code is OS, not sure can ask sec what they think

jmank88
jmank88 reviewed Oct 9, 2025
View reviewed changes
Comment thread keystore/encryptor.go
}
sharedSecret, err := curve25519.X25519(internal.Bytes(key.privateKey), req.RemotePubKey)
if err != nil {
return DeriveSharedSecretResponse{}, ErrSharedSecretFailed
Copy link
Copy Markdown
Contributor

@jmank88 jmank88 Oct 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should include the original error, no? Or at least log it if we don't want to expose something?

@connorwstein connorwstein enabled auto-merge (squash) October 10, 2025 15:59
@connorwstein
Merge branch 'main' into ARCH-331-keystore-encryptor-2
d46dc32
@connorwstein
Keystore signer impl (#1598)
ac08a79 
* Wip

* Basic signer test

* Errors new

* Fix merge

* Remove unnecessary lock
cedric-cordenier
cedric-cordenier reviewed Oct 10, 2025
View reviewed changes
Comment thread keystore/encryptor.go
const (
// Maximum payload size for encrypt/decrypt operations (100kb)
// Note just an initial limit, we may want to increase this in the future.
MaxEncryptionPayloadSize = 100 * 1024
Copy link
Copy Markdown
Contributor

@cedric-cordenier cedric-cordenier Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we allow users to pass in a limit when creating the keystore? Agree this is fine for now, but since we're going to be trusting clients to use this correctly, it would make sense for them to be able to provide the limit. (Maybe we can follow the OCR model of having a MaxMax limit)

Copy link
Copy Markdown
Contributor Author

@connorwstein connorwstein Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't yet but yep we can add a user facing limit with an underlying MaxMax

cedric-cordenier
cedric-cordenier reviewed Oct 10, 2025
View reviewed changes
Comment thread keystore/encryptor.go
k.mu.RLock()
defer k.mu.RUnlock()

if len(req.EncryptedData) == 0 || len(req.EncryptedData) > MaxEncryptionPayloadSize*2 {
Copy link
Copy Markdown
Contributor

@cedric-cordenier cedric-cordenier Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this potentially brittle? Can we document how we got to this number and under what circumstances it would change

Copy link
Copy Markdown
Contributor Author

@connorwstein connorwstein Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah I think it'd be possible in principle that we introduce some new scheme which has enormous overhead/envelope size (more than 2x), but exceedingly unlikely. Perhaps better to have explicit envelope sizes per type (at least the existing ones so far are fixed so we can start with that). Can do in a follow up

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmank88 jmank88 jmank88 approved these changes

@cedric-cordenier cedric-cordenier cedric-cordenier approved these changes

@pavel-raykov pavel-raykov pavel-raykov left review comments

@gtklocker gtklocker Awaiting requested review from gtklocker

@timweri timweri Awaiting requested review from timweri

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@connorwstein @jmank88 @cedric-cordenier @pavel-raykov @EasterTheBunny