Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MD] Add data source signing support #2510

Merged
merged 3 commits into from
Oct 11, 2022

Conversation

noCharger
Copy link
Contributor

@noCharger noCharger commented Oct 5, 2022

Signed-off-by: Louis Chu [email protected]

Description

Add data source signing support

Signature algorithm: ECDSA with P-384 and SHA-384. Under multiple data source case, data source indices stored on OpenSearch can be modified / replaced by attacker, as @dblock pointed out. With ECDSA signature, ciphertext decryption will fail if it’s getting pullted. No one will be able to create another signature that verifies with the public key because the private key has been dropped.

Step to change endpoint on OpenSearch

  1. Create a data source with endpoint https://localhost:9200
      {
        "_index" : ".kibana",
        "_id" : "data-source:0000000",
        "_score" : 1.3862942,
        "_source" : {
          "data-source" : {
            "title" : "test-1",
            "description" : "",
            "endpoint" : "https://localhost:9200",
            "auth" : {
              "type" : "username_password",
              "credentials" : {
                "password" : "****",
                "username" : "test"
              }
            }
          },
          "type" : "data-source",
          "references" : [ ],
          "updated_at" : "2022-10-06T19:58:13.069Z"
        }
  1. Update the document (either full doc or partially)
PUT /.kibana/_doc/data-source:0000000
      {
          "data-source" : {
            "title" : "test-1",
            "description" : "",
            "endpoint" : "http://hacker.com",
            "auth" : {
              "type" : "username_password",
              "credentials" : {
                "password" : "****",
                "username" : "test"
              }
            }
          },
          "type" : "data-source",
          "references" : [ ],
          "updated_at" : "2022-10-06T19:58:13.069Z"
        }
  1. Read the document again
    GET /.kibana/_doc/data-source:0000000
     {
       "_index" : ".kibana",
       "_id" : "data-source:0000000",
       "_score" : 1.3862942,
       "_source" : {
         "data-source" : {
           "title" : "test-1",
           "description" : "",
           "endpoint" : "http://hacker.com",
           "auth" : {
             "type" : "username_password",
             "credentials" : {
               "password" : "****",
               "username" : "test"
             }
           }
         },
         "type" : "data-source",
         "references" : [ ],
         "updated_at" : "2022-10-06T19:58:13.069Z"
       }

Issues Resolved

#2520
#2207

Check List

  • All tests pass
    • yarn test:jest src/plugins/data_source
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@noCharger noCharger self-assigned this Oct 5, 2022
@noCharger noCharger added multiple datasource multiple datasource project backport 2.x labels Oct 5, 2022
@noCharger noCharger changed the title Add data source signing support [MD] Add data source signing support Oct 5, 2022
@noCharger noCharger added the v2.4.0 'Issues and PRs related to version v2.4.0' label Oct 5, 2022
@noCharger noCharger requested a review from AMoo-Miki October 5, 2022 18:00
@noCharger noCharger marked this pull request as ready for review October 5, 2022 22:31
@noCharger noCharger requested a review from a team as a code owner October 5, 2022 22:31
CHANGELOG.md Outdated
@@ -10,18 +12,20 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)

### 📈 Features/Enhancements

* [MD] Support legacy client for data source ([#2204](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2204))
* [Plugin Helpers] Facilitate version changes ([#2398](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2398))
- [MD] Support legacy client for data source ([#2204](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2204))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the auto linter here needs a fix since this will cause conflicts with all existing PR's if merged.

@ashwin-pc
Copy link
Member

@noCharger Can we keep the diff limited to just the change? I know it can be tempting (or just an accident) to push in a bunch of other linting fixes but that makes the PR harder to read and is also usually a source for other merge conflicts unrelated to your change. We can address them in a separate PR.

@noCharger
Copy link
Contributor Author

noCharger commented Oct 5, 2022

@noCharger Can we keep the diff limited to just the change? I know it can be tempting (or just an accident) to push in a bunch of other linting fixes but that makes the PR harder to read and is also usually a source for other merge conflicts unrelated to your change. We can address them in a separate PR.

@ashwin-pc Yes it's triggered by the prettier. Created a seperate issue for the lint on CHANGELOG #2519 and removed the lint changes on this PR.

@noCharger noCharger requested review from ashwin-pc and a team October 5, 2022 23:14
@noCharger noCharger requested a review from zhongnansu October 6, 2022 02:45
@codecov-commenter
Copy link

codecov-commenter commented Oct 6, 2022

Codecov Report

Merging #2510 (2ba789e) into main (7777749) will increase coverage by 0.00%.
The diff coverage is 82.35%.

@@           Coverage Diff           @@
##             main    #2510   +/-   ##
=======================================
  Coverage   66.73%   66.73%           
=======================================
  Files        3203     3204    +1     
  Lines       60978    60988   +10     
  Branches     9274     9275    +1     
=======================================
+ Hits        40692    40702   +10     
- Misses      18067    18068    +1     
+ Partials     2219     2218    -1     
Impacted Files Coverage Δ
...plugins/data_source/server/cryptography_service.ts 72.22% <72.22%> (ø)
...gins/data_source/server/client/configure_client.ts 87.17% <88.88%> (+7.17%) ⬆️
...s/data_source/server/cryptography_service.mocks.ts 100.00% <100.00%> (ø)
...ta_source/server/legacy/configure_legacy_client.ts 70.83% <100.00%> (+6.25%) ⬆️
...ared/static/forms/hook_form_lib/hooks/use_field.ts 65.70% <0.00%> (-0.97%) ⬇️
...ic/application/models/sense_editor/sense_editor.ts 65.77% <0.00%> (+0.88%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@kristenTian
Copy link
Contributor

One favor, could you mention the testing steps about how to reproduce the attack and expected error message? This way others know how to test as well.

@noCharger
Copy link
Contributor Author

noCharger commented Oct 6, 2022

One favor, could you mention the testing steps about how to reproduce the attack and expected error message? This way others know how to test as well.

@kristenTian Reproduce the attack seems to be a risky thing because it's not a bug but a system level security leak. From system architecture, we cannot gaurantee the document is untouched on OpenSearch side. Added one simple (non-hacking way) example here

From OSD side, there are UTs on PR

https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2510/files#diff-a0206b2410205bc1ae830a9621db3abcbfad402f94655f1ad99d6d44dcd8fdceR176-R189

zhongnansu
zhongnansu previously approved these changes Oct 10, 2022
Copy link
Member

@zhongnansu zhongnansu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm. found 1 typo

kristenTian
kristenTian previously approved these changes Oct 10, 2022
AMoo-Miki
AMoo-Miki previously approved these changes Oct 10, 2022
src/plugins/data_source/README.md Outdated Show resolved Hide resolved
src/plugins/data_source/README.md Outdated Show resolved Hide resolved
src/plugins/data_source/README.md Outdated Show resolved Hide resolved
AMoo-Miki
AMoo-Miki previously approved these changes Oct 10, 2022
Copy link
Member

@ananzh ananzh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ananzh ananzh merged commit e3bbdef into opensearch-project:main Oct 11, 2022
opensearch-trigger-bot bot pushed a commit that referenced this pull request Oct 11, 2022
* Add data source signing support
* Optimize error handling and logging
* Update wording on error message and readme

Signed-off-by: Louis Chu <[email protected]>
(cherry picked from commit e3bbdef)
Comment on lines +297 to +298
this.logger.error(errMsg);
this.logger.error(err);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better to log the error into 1 message

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since you throw it on L299, so you don't need to log it here

kristenTian pushed a commit that referenced this pull request Oct 12, 2022
* Add data source signing support
* Optimize error handling and logging
* Update wording on error message and readme

Signed-off-by: Louis Chu <[email protected]>
(cherry picked from commit e3bbdef)
kristenTian pushed a commit that referenced this pull request Oct 12, 2022
* Add data source signing support
* Optimize error handling and logging
* Update wording on error message and readme

Signed-off-by: Louis Chu <[email protected]>
(cherry picked from commit e3bbdef)

Co-authored-by: Louis Chu <[email protected]>
@ananzh ananzh added the enhancement New feature or request label Nov 5, 2022
pjfitzgibbons pushed a commit to pjfitzgibbons/OpenSearch-Dashboards that referenced this pull request Dec 1, 2022
…earch-project#2547)

* Add data source signing support
* Optimize error handling and logging
* Update wording on error message and readme

Signed-off-by: Louis Chu <[email protected]>
(cherry picked from commit e3bbdef)

Co-authored-by: Louis Chu <[email protected]>
sipopo pushed a commit to sipopo/OpenSearch-Dashboards that referenced this pull request Dec 16, 2022
* Add data source signing support
* Optimize error handling and logging
* Update wording on error message and readme

Signed-off-by: Louis Chu <[email protected]>
Signed-off-by: Sergey V. Osipov <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport 2.x enhancement New feature or request multiple datasource multiple datasource project v2.4.0 'Issues and PRs related to version v2.4.0'
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants