Implement secure key via KDF for transparent data encryption/decryption #60

2025-08-30 15:43:01 -05:00
parent ff3b2314bf
commit c00d5e8894
1 changed files with 0 additions and 22 deletions
--- a/repertory/librepertory/src/providers/s3/s3_provider.cpp
+++ b/repertory/librepertory/src/providers/s3/s3_provider.cpp
@@ -780,12 +780,8 @@ auto s3_provider::initialize_crypto(const s3_config &cfg) -> bool {
  switch (res) {
  case api_error::item_not_found: {
    try {
-      event_system::instance().raise<debug_log>(
-          function_name, "searching for master kdf config");
      if (not search_keys_for_master_kdf(cfg.encryption_token)) {
        if (get_directory_item_count("/") == 0U) {
-          event_system::instance().raise<debug_log>(
-              function_name, "creating master kdf config for empty bucket");
          legacy_bucket_ = false;
          master_kdf_cfg_.seal();
          master_key_ =
@@ -794,10 +790,6 @@ auto s3_provider::initialize_crypto(const s3_config &cfg) -> bool {

          res = set_item_meta("/", META_KDF,
                              nlohmann::json(master_kdf_cfg_).dump());
-          event_system::instance().raise<debug_log>(
-              function_name,
-              fmt::format("master_kdf|{}",
-                          nlohmann::json(master_kdf_cfg_).dump(2)));
          if (res != api_error::success) {
            utils::error::raise_api_path_error(function_name, "/", res,
                                               "set kdf config in meta failed");
@@ -812,9 +804,6 @@ auto s3_provider::initialize_crypto(const s3_config &cfg) -> bool {
  } break;

  case api_error::success: {
-    event_system::instance().raise<debug_log>(
-        function_name, "recreating master kdf config for existing bucket");
-
    legacy_bucket_ = false;
    if (not utils::encryption::recreate_key_argon2id(
            cfg.encryption_token, master_kdf_cfg_, master_key_)) {
@@ -1077,13 +1066,8 @@ auto s3_provider::search_keys_for_master_kdf(

    auto res =
        set_item_meta("/", META_KDF, nlohmann::json(master_kdf_cfg_).dump());
-    event_system::instance().raise<debug_log>(
-        function_name,
-        fmt::format("master_kdf|{}", nlohmann::json(master_kdf_cfg_).dump(2)));
    if (res == api_error::success) {
      legacy_bucket_ = false;
-      event_system::instance().raise<debug_log>(function_name,
-                                                "found master kdf config");
      return true;
    }

@@ -1235,12 +1219,6 @@ auto s3_provider::upload_file_impl(const std::string &api_path,
      res = set_item_meta(
          api_path, META_KDF,
          nlohmann::json(*put_file.reader->get_kdf_config_for_data()).dump());
-      event_system::instance().raise<debug_log>(
-          function_name,
-          fmt::format(
-              "file_kdf|{}",
-              nlohmann::json(*put_file.reader->get_kdf_config_for_data())
-                  .dump(2)));
      if (res != api_error::success) {
        return res;
      }