Proto commits in cossacklabs/acra

These 11 commits are when the Protocol Buffers files have changed:

2024-09-17

Commit:	8843776
Author:	Zhaars	2024-09-17 14:07:16 +0200
Committer:	GitHub	2024-09-17 14:07:16 +0200

Pg_query integration (#691) Integrate pg_query parser

The documentation is generated from this commit.

2023-11-10

Commit:	80fc974
Author:	Zhaars	2023-11-10 14:57:38 +0100

Integrate pg_query parser to QueryDataEncryptor component

The documentation is generated from this commit.

2023-10-31

Commit:	19be5f1
Author:	Zhaars	2023-10-31 10:03:03 +0100

Initial setup

2022-12-16

Commit:	38dc19e
Author:	Lagovas	2022-12-16 18:04:12 +0200
Committer:	GitHub	2022-12-16 18:04:12 +0200

Remove zone support (#574) * remove zones from acra-rollback * remove zones from acra-rotate * remove zones for acra-translator * remove zones from AS/AT, leave as additionalContext leave tokenization with zones/AD * remove acra-addzone * remove zone/zonemode related tests and code from acra-keys/keymaker * update mocks * update swagger related docs/schema * integration tests: remove zones from tests/utils.py:prepare_encryptor_config * remove zonese from integration tests * remove mention of zones in class names * mark zone's keys as legacy * remove from generate_acrastruct.py tool * remove building acra-addzone * remove zones from benchmarks * remove legacy mock * fix benchmarks * update configs * remove zones and their mentioning from examples * remove zones from encryptor's config example * remove legacy and redundant fuzz that not used anywhere and uses zones too * change zones to additionalContext in wrappers

2022-03-29

Commit:	e522e23
Author:	Lagovas	2022-03-29 19:36:30 +0300
Committer:	GitHub	2022-03-29 19:36:30 +0300

Transparent decryption with metadata replacing (#515) * extend client session with map interface to store session related data * save session in ctx * save query encryption settings to client session * make public function of encoding binary data to hex wrap encoding functions with wrapper that do nothing with valid strings * extend GetData method for BoundValue with error returning to handle possible errors * save client session in ctx after accepting connection user struct instead of interface for QueryDataItem to avoid extra nil checks with reflection * remove redundant interface method with per column subscribing that weren't used by any component and just produce unused code and complicate reading * extend PgSQLDataEncoderProcessor, make responsible for all data encoding/decoding operations over interesting data for decryption/detokenization received from database * update encoding encrypted data in PostgresqlDBDataCoder extend encryptor, now find ColumnEncryptionSettings for queries from Parse Packet with placeholders and save it in ClientSession to use it in ParameterDescription packet followed by Parse packet (and also for Bind packet but there we already have query to re-parse it) * parse ParameterDescription + RowDescription packets, update OID values according to ColumnEncryptionSetting change value encoding flow for encrypted integers Remove encoding/decoding logic from Column struct, use only from PostgresqlEncoderDecoder and BoundValue encodings * refactor ColumnData: - don't use DecodedData struct - store raw data on protocol handler level - encode/decode data in OnColumn handler on higher level * log keystore's folder used on startup * use logger related to context instead of global in handleBindPacket function * store data about used placeholders and related ColumnEncryptionSetting in SQL queries to encrypt bound values * handle text format for binds too fix parameter description updates * validate token type in encryption_config * fix saving placeholder's data and add unit tests * move pgsql data encoder from pseudonymization to decryptor/postgresql package * convert comparable data to bytes due to receiving as bytes from db drivers * use separate setting field for data type tampering * separate PgDataEncodeDecodeProcessor into two separate processors fix unit/integration tests * encapsulate long logical check into separate function into common package decryptor/base

2022-03-17

Commit:	9b7e0ba
Author:	Lagovas	2022-03-17 18:23:16 +0200

use separate setting field for data type tampering

2021-11-25

Commit:	eee9eb4
Author:	Lagovas	2021-11-25 17:00:59 +0100
Committer:	GitHub	2021-11-25 18:00:59 +0200

Refactor AT services (#461) * * use AcraTranslatorData instead of fields of services, share all data using only AcraTranslatorData struct * pass build flags in integrations tests * fix overriding test in integrations tests * make getClientID as separate function instead of method of TLSServiceWrapper * add registries for registering callbacks on HTTP/gRPC initialization * initialize and assign tokenizer to TranslatorData explicitly and outside of newServer function * extend makefile with building command of grpc services for tests update golang services according to updates https://github.com/grpc/grpc-go/issues/3669

2021-11-05

Commit:	88e2c59
Author:	Lagovas	2021-11-05 22:37:52 +0200

Acra v0.90.0

2020-02-12

Commit:	6586966
Author:	Dmitriy Korneev	2020-02-12 21:16:57 +0200

merge masking and translator refactorings

2020-02-06

Commit:	096c24f
Author:	Lagovas	2020-02-06 17:33:57 +0200
Committer:	GitHub	2020-02-06 17:33:57 +0200

encryption api for acra-translator (#348) * add encrypt method for grpc and http api

2018-07-23

Commit:	cbf1705
Author:	vixentael	2018-07-23 14:57:59 +0300
Committer:	GitHub	2018-07-23 14:57:59 +0300

Add AcraTranslator service T663 (#213) * acra reader: entry point * deadline listener; refactor acra-server * base part of connection handling (#197) * base part of connection handling * save connections by descriptor * add a little bit graceful stop service * basic http /decrypt handle (#198) * refactor http API handler, add test (#199) * refactor http API handler, add test * validate acrastruct length before decryption (#201) * add more errors checking * copy keys in test keystorage, add tests on encryption * move into separate folder; add http message responses in body * grpc handler (#200) * change sign of comparison key length * base part of connection handling * save connections by descriptor * add a little bit graceful stop service * add grpc service * fix log message * fix import path * add missing file * validate acrastruct length before decryption * add api test * drop old method fill with zeroes private key * verbose go get * rename api -> grpc_api * fix network part (#203) * fix accepting connections, network manager * drop comment * AcraReader http buffering (#204) * fixing http handling * close connection, remove buffers for http response * add more logs to decryptor * move defer to the top * acra-reader -> acra-translator renaming (#205) * acra-reader -> acra-translator * re-gen api.pb.go * rm old file * Update AcraConnector to connect with AcraTranslator (#206) * acra-reader -> acra-translator * re-gen api.pb.go * add separate acra-translator keys * simplify keys check * acra reader integration tests [T663] (#207) * integration tests for grpc/http * refactor serializing http response struct * check response codes and messages in tests * compare all messages in lower case * add translator keystore move filesystem keystore to separate package run translator with own transport keys * fix import in unit test * return error code after failed creation of posion record * drop keys folder before tests * set Connection: close header to http response * optimize response sending * deadline for secure session handshake timeout for http requests in tests * refactor tests of acra-connector shutdown * detect poison record on translator (#212) * check poison records on acra-translator * change path to test master key * update log messages