From 475ff60c3f66bfedda63c5d55946c241edb48082 Mon Sep 17 00:00:00 2001
From: Robert Newson
Date: Wed, 4 Nov 2020 15:39:09 +0000
Subject: Add an "encryption" object to db info

The encryption object contains a boolean "enabled" property. Additional properties might be added by the key manager which will appear in the "key_manager" sub-object.
---
 src/aegis/src/aegis.erl | 11 +++++++++++
 src/aegis/src/aegis_key_manager.erl | 8 ++++++++
 src/aegis/test/aegis_server_test.erl | 7 +++++++
 src/fabric/src/fabric2_fdb.erl | 4 +++-
 4 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/src/aegis/src/aegis.erl b/src/aegis/src/aegis.erl
index e8a0b4bfb..d3f7f9676 100644
--- a/src/aegis/src/aegis.erl
+++ b/src/aegis/src/aegis.erl
@@ -20,6 +20,7 @@
 -export([
 init_db/2,
 open_db/1,
+ get_db_info/1,
 decrypt/2,
 decrypt/3,
@@ -39,6 +40,16 @@ open_db(#{} = Db) ->
 }.
+get_db_info(#{is_encrypted := IsEncrypted} = Db) ->
+ KeyManagerInfo = case erlang:function_exported(?AEGIS_KEY_MANAGER, get_db_info, 1) of
+ true ->
+ ?AEGIS_KEY_MANAGER:get_db_info(Db);
+ false ->
+ []
+ end,
+ [{enabled, IsEncrypted}, {key_manager, {KeyManagerInfo}}].
+
+
 encrypt(#{} = _Db, _Key, <<>>) ->
 <<>>;
diff --git a/src/aegis/src/aegis_key_manager.erl b/src/aegis/src/aegis_key_manager.erl
index aa9e3429a..4426c4f10 100644
--- a/src/aegis/src/aegis_key_manager.erl
+++ b/src/aegis/src/aegis_key_manager.erl
@@ -20,3 +20,11 @@
 -callback open_db(Db :: #{}) -> {ok, binary()} | false.
+
+
+-callback get_db_info(Db :: #{}) -> list().
+
+
+-optional_callbacks([
+ get_db_info/1
+]).
diff --git a/src/aegis/test/aegis_server_test.erl b/src/aegis/test/aegis_server_test.erl
index 0f96798b7..ff16475b4 100644
--- a/src/aegis/test/aegis_server_test.erl
+++ b/src/aegis/test/aegis_server_test.erl
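Review bot: In get_db_info/1 of src/aegis/src/aegis.erl, `erlang:function_exported/3` answers `false` for a module that is not loaded yet, so a key manager that implements the optional callback can still be reported with an empty `key_manager` object, and nothing signals the fallback. If the key manager module is not guaranteed to be loaded by the time db info is requested (not visible in this hunk), load it before the check with `_ = code:ensure_loaded(?AEGIS_KEY_MANAGER),` placed ahead of the `case`. The function is complete within the hunk; it would also benefit from a `-spec` stating that the Db map must already carry `is_encrypted`, since the function head fails with `function_clause` otherwise.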
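Review bot: The new `get_db_info/1` callback in src/aegis/src/aegis_key_manager.erl is typed as a bare `list()` and carries no comment, although aegis.erl wraps its result as `{KeyManagerInfo}` and fabric2_fdb.erl adds it to the db info result, which presumably reaches every client allowed to read db info. I would document that contract above the callback, for example `%% Result is published in db info as-is: return JSON-encodable properties only, never key material, wrapped keys or key-store credentials.`, and narrow the type to `[{atom() | binary(), term()}]`. Without this an implementer has no hint that the return value is externally visible.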
@@ -35,6 +35,8 @@ basic_test_() ->
 {timeout, ?TIMEOUT, fun test_init_db/0}},
 {"open_db returns true when encryption enabled",
 {timeout, ?TIMEOUT, fun test_open_db/0}},
+ {"get_db_info returns encryption enabled true",
+ {timeout, ?TIMEOUT, fun test_get_db_info/0}},
 {"init_db caches key",
 {timeout, ?TIMEOUT, fun test_init_db_cache/0}},
 {"open_db caches key",
@@ -70,6 +72,11 @@ test_open_db() ->
 ?assertEqual(1, meck:num_calls(?AEGIS_KEY_MANAGER, open_db, 1)).
+test_get_db_info() ->
+ ?assertEqual([{enabled,true},{key_manager,{[]}}],
+ aegis:get_db_info(#{is_encrypted => true})).
+
+
 test_init_db_cache() ->
 ?assertEqual(0, meck:num_calls(?AEGIS_KEY_MANAGER, init_db, 2)),
diff --git a/src/fabric/src/fabric2_fdb.erl b/src/fabric/src/fabric2_fdb.erl
index 36fa451ab..aa2badee9 100644
--- a/src/fabric/src/fabric2_fdb.erl
+++ b/src/fabric/src/fabric2_fdb.erl
@@ -495,7 +495,9 @@ get_info(#{} = Db) ->
 tx := Tx,
 db_prefix := DbPrefix
 } = ensure_current(Db),
- get_info_wait(get_info_future(Tx, DbPrefix)).
+ DbInfo = get_info_wait(get_info_future(Tx, DbPrefix)),
+ AegisProps = aegis:get_db_info(Db),
+ [{encryption, {AegisProps}} | DbInfo].
 get_info_future(Tx, DbPrefix) ->
--
cgit v1.2.1
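Review bot: test_get_db_info/0 in src/aegis/test/aegis_server_test.erl covers only `is_encrypted => true` with a key manager that contributes nothing, so the branch of aegis:get_db_info/1 that calls `?AEGIS_KEY_MANAGER:get_db_info(Db)` is never executed. A second case with the callback mocked to return a small property list, and one with `is_encrypted => false`, would pin the shape of the `key_manager` object that ends up in db info. The expected term would also read better with spaces after the commas, `[{enabled, true}, {key_manager, {[]}}]`, matching the style used in aegis.erl.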
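Review bot: In get_info/1 of src/fabric/src/fabric2_fdb.erl, `aegis:get_db_info(Db)` is given the `Db` argument as passed in rather than the map returned by `ensure_current(Db)`, from which `Tx` and `DbPrefix` are taken. If `ensure_current/1` can return a refreshed handle (its definition is not in this hunk), the encryption properties are read from a different handle than the rest of the info, and a handle lacking `is_encrypted` makes aegis:get_db_info/1 fail with `function_clause`, which fails the whole db-info call. Binding the result once, `} = Db1 = ensure_current(Db),`, and calling `aegis:get_db_info(Db1)` keeps both reads on the same handle. The opening of the map pattern sits just above the hunk, so the exact shape of that line needs checking against the file.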