diff --git a/src/replica/replication_app_base.h b/src/replica/replication_app_base.h
index 65d4b8dff8c..9a47c038652 100644
--- a/src/replica/replication_app_base.h
+++ b/src/replica/replication_app_base.h
@@ -52,48 +52,6 @@ class learn_state;
 class mutation;
 class replica;
-<<<<<<< HEAD
-=======
-namespace {
-template
-error_code write_blob_to_file(const std::string &fname,
- const T &data,
- const dsn::utils::FileDataType &fileDataType)
-{
- std::string tmp_fname = fname + ".tmp";
- auto cleanup = defer([tmp_fname]() { utils::filesystem::remove_path(tmp_fname); });
- auto s = rocksdb::WriteStringToFile(dsn::utils::PegasusEnv(fileDataType),
- rocksdb::Slice(data.data(), data.length()),
- tmp_fname,
- /* should_sync */ true);
- LOG_AND_RETURN_NOT_TRUE(
- ERROR, s.ok(), ERR_FILE_OPERATION_FAILED, "write file {} failed", tmp_fname);
- LOG_AND_RETURN_NOT_TRUE(ERROR,
- utils::filesystem::rename_path(tmp_fname, fname),
- ERR_FILE_OPERATION_FAILED,
- "move file from {} to {} failed",
- tmp_fname,
- fname);
- return ERR_OK;
-}
-
-template
-error_code load_json_generic(const std::string &fname, T &object)
-{
- std::string data;
- auto s = rocksdb::ReadFileToString(dsn::utils::PegasusEnv(FileType), fname, &data);
- LOG_AND_RETURN_NOT_TRUE(ERROR, s.ok(), ERR_FILE_OPERATION_FAILED, "read file {} failed", fname);
- LOG_AND_RETURN_NOT_TRUE(
- ERROR,
- json::json_forwarder::decode(blob::create_from_bytes(std::move(data)), object),
- ERR_FILE_OPERATION_FAILED,
- "decode json from file {} failed",
- fname);
- return ERR_OK;
-}
-} // namespace
-
->>>>>>> 4bd797d87 (feat(encryption): add kms key management)
 class replica_init_info
 {
 public:
diff --git a/src/test/function_test/base_api/test_default_key_provider.cpp b/src/test/function_test/base_api/test_default_key_provider.cpp
deleted file mode 100644
index ee6a5a1f78d..00000000000
--- a/src/test/function_test/base_api/test_default_key_provider.cpp
+++ /dev/null
@@ -1,84 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-
-#include
-
-#include "gtest/gtest.h"
-#include "include/pegasus/client.h"
-#include "pegasus/error.h"
-#include "replica/default_key_provider.h"
-#include "replica/replica_stub.cpp"
-#include "runtime/security/replica_kms_info.h"
-#include "test/function_test/utils/test_util.h"
-#include "test_util/test_util.h"
-
-using std::string;
-using namespace ::pegasus;
-
-DSN_DECLARE_bool(encrypt_data_at_rest);
-DSN_DECLARE_string(server_encrypted_key);
-
-class DefaultKeyProviderTest : public test_util
-{
-protected:
- dsn::security::DefaultKeyProvider key_provider;
-};
-
-TEST_F(DefaultKeyProviderTest, TestEncryptAndDecrypt)
-{
- ASSERT_TRUE(client_ != nullptr);
- string encryption_key;
- string iv;
- string version;
- string decrypted_key;
- const string data_dir = "/tmp/";
- FLAGS_encrypt_data_at_rest = true;
- // 生成加密密钥
- ASSERT_TRUE(key_provider.GenerateEncryptionKey(&encryption_key, &iv, &version));
- // 解密密钥
- ASSERT_TRUE(key_provider.DecryptEncryptionKey(encryption_key, iv, version, &decrypted_key));
- FLAGS_server_encrypted_key = decrypted_key.c_str();
- // 存密钥
- dsn::replication::store_kms_key(data_dir, encryption_key, iv, version);
- // 写数据
- ASSERT_EQ(PERR_OK,
- client_->set("basic_test_hash_key_1", "basic_test_sort_key_1", "basic_test_value_1"));
- ASSERT_EQ(PERR_OK, client_->exist("basic_test_hash_key_1", "basic_test_sort_key_1"));
- string old_value;
- client_->get("basic_test_hash_key_1", "basic_test_sort_key_1", old_value);
- LOG_WARNING("value = {}", old_value);
- // ASSERT_EQ(PERR_NOT_FOUND, client_->exist("basic_test_hash_key_1", "basic_test_sort_key_2"));
-
- // 重启服务
- ASSERT_NO_FATAL_FAILURE(run_cmd_from_project_root("./run.sh restart_onebox_instance -r 1"));
- // ASSERT_NO_FATAL_FAILURE(run_cmd_from_project_root("./run.sh restart_onebox_instance -r 2"));
- // ASSERT_NO_FATAL_FAILURE(run_cmd_from_project_root("./run.sh restart_onebox_instance -r 3"));
-
- // 获取密钥
- dsn::replication::get_kms_key(data_dir, &encryption_key, &iv, &version);
- // 解密密钥
- ASSERT_TRUE(key_provider.DecryptEncryptionKey(encryption_key, iv, version, &decrypted_key));
- FLAGS_server_encrypted_key = decrypted_key.c_str();
- FLAGS_encrypt_data_at_rest = true;
- // 验证数据
- string new_value;
- ASSERT_EQ(PERR_OK,
- client_->get("basic_test_hash_key_1", "basic_test_sort_key_1", new_value));
- LOG_WARNING("value = {}", new_value);
- ASSERT_EQ("basic_test_value_1", new_value);
- ASSERT_EQ(encryption_key, decrypted_key);
-}