Possibility of using a ksm plugin to encrypt the file on the client side when using an s3 backend

[andre-stoesel]

Hello,

I am currently looking for a way to share a (remote) S3 bucket locally on my network. The sftpgo project makes a very good first impression. The documentation states that the file encryption only works with a local file system and that for the cloud based solution you should use the server side encryption.

However, I don't really trust the server side encryption.

Would it be possible to work around this limitation by developing a custom kms plugin? If so, is this advisable or can it cause major problems?

Thanks in advance :)

[drakkan]

Hi,

KMS can be used to store the master encryption key, we should encrypt/decrypt files on the fly on the client side (this means that any other S3 client will read encrypted files and only SFTPGo can decrypt your files). We also need to provide the decrypted size in file list and stat calls. Download from an offset could be problematic and/or add complexity. I should do some testing and invest some time to evaluate if this is possible and to estimate the added complexity.

Do you plan to support SFTPGo with a sponsorship/donation?

[andre-stoesel]

That sounds a little more complex than I initially thought. I was hoping I could just implement an simple plugin and it would work ;)

I am curious to see what your final assessment will be.

Regarding sponsoring:

I'm looking for a solution for my private purposes. I don't run a company and won't earn any money with it.
Nevertheless, there is nothing that speaks against me contributing a small monthly amount for the use of the software. However, it won't be much and therefore it's questionable if a bigger effort will be worthwhile for you.

[drakkan]

That sounds a little more complex than I initially thought. I was hoping I could just implement an simple plugin and it would work ;)

If you use the SFTPGo development version you can implement a plugin using the httpfs

AWS provide two options for client side encryption. I think you won't trust option 1: "Using a KMS key stored in AWS KMS", this should require minimal changes.
If instead we encrypt the files ourself and the encryption changes the file size we have to return the unencrypted size to the clients otherwise they stalls while downloading the files and we need to properly manage downloads from an offset different from zero. You can handle these things in your own httpfs based hook but I don't think it is so straightforward

I am curious to see what your final assessment will be.

I don't have enough time for an in-depth analysis right now, I will reevaluate it in the future

Regarding sponsoring:

I'm looking for a solution for my private purposes. I don't run a company and won't earn any money with it. Nevertheless, there is nothing that speaks against me contributing a small monthly amount for the use of the software. However, it won't be much and therefore it's questionable if a bigger effort will be worthwhile for you.

[andre-stoesel]

If you use the SFTPGo development version you can implement a plugin using the httpfs

Thank you very much. I'll take a look at it.