a4171b5772
This commit implements a MinIO specific request encryption/decryption logic. It is not documented, nor listed anywhere except the oficially supported SDKs (Python, GO) use these. Therefore, the logic is reverse engineered from the existing SDKs (https://github.com/minio/minio-py, https://github.com/minio/madmin-go/tree/main) Figuring out request body encrypt/decrypt operation by reading other source code without proper documentation was painful. So, here is my understanding on how they perform encryption. The decryption is simply doing the same thing but decrypting instead of encrypting. 1. First 32 bytes of a request body is SALT. That is a set of random bytes to use together with the secret key to encrypt the data. 2. Next 8 bytes of a request body is NONCE. These are again random bytes used to encrypt the request body and extra bytes from NONCE because NONCE should be 12 bytes in Argon but we use only 8 for MinIO. 3. Next bytes until the last 16th byte is the request body in encrypted form using AesGcmCipherProvider 4. Last 16 bytes are what is called as hmac_tag that is generated by the full length of nonce (12 bytes) in encrypted form. This commit comes with 2 API implementation that makes use of both encrypt and decrypt functionality; 1. admin_list_users: lists users and some of their properties. The response is sent in encrypted form from the server, therefore, we decrypt it using the credentials and the algorith explained above. 2. admin_add_user: adds a new user to the system with access_key and secret_key. Since keys must not leak outside of the system, the request body is encrypted using the client user secret_key and the algorithm explained above.
3.0 KiB
3.0 KiB