apache · spacewander · Sep 23, 2022 · Sep 15, 2022 · Sep 15, 2022 · Sep 15, 2022
diff --git a/apisix/cli/file.lua b/apisix/cli/file.lua
@@ -133,6 +133,10 @@ local function path_is_multi_type(path, type_val)
         return true
     end
 
+    if path == "apisix->ssl->key_encrypt_salt" then
+        return true
+    end
+
     return false
 end
 

diff --git a/apisix/cli/schema.lua b/apisix/cli/schema.lua
@@ -219,7 +219,25 @@ local config_schema = {
                                     }
                                 }
                             }
-                        }
+                        },
+                        key_encrypt_salt = {
+                            anyOf = {
+                                {
+                                    type = "array",
+                                    minItems = 1,
+                                    items = {
+                                        type = "string",
+                                        minLength = 16,
+                                        maxLength = 16
+                                    }
+                                },
+                                {
+                                    type = "string",
+                                    minLength = 16,
+                                    maxLength = 16
+                                }
+                            }
+                        },
                     }
                 },
             }

diff --git a/apisix/ssl.lua b/apisix/ssl.lua
@@ -22,6 +22,7 @@ local aes = require("resty.aes")
 local str_lower = string.lower
 local assert = assert
 local type = type
+local ipairs = ipairs
 
 
 local cert_cache = core.lrucache.new {
@@ -55,23 +56,32 @@ function _M.server_name()
 end
 
 
-local _aes_128_cbc_with_iv = false
+local _aes_128_cbc_with_iv_tbl
 local function get_aes_128_cbc_with_iv()
-    if _aes_128_cbc_with_iv == false then
+    if _aes_128_cbc_with_iv_tbl == nil then
+        _aes_128_cbc_with_iv_tbl = core.table.new(2, 0)
         local local_conf = core.config.local_conf()
-        local iv = core.table.try_read_attr(local_conf, "apisix", "ssl", "key_encrypt_salt")
-        if type(iv) =="string" and #iv == 16 then
-            _aes_128_cbc_with_iv = assert(aes:new(iv, nil, aes.cipher(128, "cbc"), {iv = iv}))
-        else
-            _aes_128_cbc_with_iv = nil
+        local ivs = core.table.try_read_attr(local_conf, "apisix", "ssl", "key_encrypt_salt")
+        local type_ivs = type(ivs)
+
+        if type_ivs == "table" then
+            for _, iv in ipairs(ivs) do
+                local aes_with_iv = assert(aes:new(iv, nil, aes.cipher(128, "cbc"), {iv = iv}))
+                core.table.insert(_aes_128_cbc_with_iv_tbl, aes_with_iv)
+            end
+        elseif type_ivs == "string" then
+            local aes_with_iv = assert(aes:new(ivs, nil, aes.cipher(128, "cbc"), {iv = ivs}))
+            core.table.insert(_aes_128_cbc_with_iv_tbl, aes_with_iv)
         end
     end
-    return _aes_128_cbc_with_iv
+
+    return _aes_128_cbc_with_iv_tbl
 end
 
 
 function _M.aes_encrypt_pkey(origin)
-    local aes_128_cbc_with_iv = get_aes_128_cbc_with_iv()
+    local aes_128_cbc_with_iv_tbl = get_aes_128_cbc_with_iv()
+    local aes_128_cbc_with_iv = aes_128_cbc_with_iv_tbl[1]
     if aes_128_cbc_with_iv ~= nil and core.string.has_prefix(origin, "---") then
         local encrypted = aes_128_cbc_with_iv:encrypt(origin)
         if encrypted == nil then
@@ -86,32 +96,32 @@ function _M.aes_encrypt_pkey(origin)
 end
 
 
-local function decrypt_priv_pkey(iv, key)
-    local decoded_key = ngx_decode_base64(key)
-    if not decoded_key then
-        core.log.error("base64 decode ssl key failed. key[", key, "] ")
-        return nil
+local function aes_decrypt_pkey(origin)
+    if core.string.has_prefix(origin, "---") then
+        return origin
     end
 
-    local decrypted = iv:decrypt(decoded_key)
-    if not decrypted then
-        core.log.error("decrypt ssl key failed. key[", key, "] ")
+    local aes_128_cbc_with_iv_tbl = get_aes_128_cbc_with_iv()
+    if #aes_128_cbc_with_iv_tbl == 0 then
+        return origin
     end
 
-    return decrypted
-end
-
-
-local function aes_decrypt_pkey(origin)
-    if core.string.has_prefix(origin, "---") then
-        return origin
+    local decoded_key = ngx_decode_base64(origin)
+    if not decoded_key then
+        core.log.error("base64 decode ssl key failed. key[", origin, "] ")
+        return nil
     end
 
-    local aes_128_cbc_with_iv = get_aes_128_cbc_with_iv()
-    if aes_128_cbc_with_iv ~= nil then
-        return decrypt_priv_pkey(aes_128_cbc_with_iv, origin)
+    for _, aes_128_cbc_with_iv in ipairs(aes_128_cbc_with_iv_tbl) do
+        local decrypted = aes_128_cbc_with_iv:decrypt(decoded_key)
+        if decrypted then
+            return decrypted
+        end
     end
-    return origin
+
+    core.log.error("decrypt ssl key failed")
+
+    return nil
 end
 
 

diff --git a/conf/config-default.yaml b/conf/config-default.yaml
@@ -112,9 +112,10 @@ apisix:
     ssl_session_tickets: false              #  disable ssl_session_tickets by default for 'ssl_session_tickets' would make Perfect Forward Secrecy useless.
                                             #  ref: https://github.com/mozilla/server-side-tls/issues/135
 
-    key_encrypt_salt: edd1c9f0985e76a2      #  If not set, will save origin ssl key into etcd.
-                                            #  If set this, must be a string of length 16. And it will encrypt ssl key with AES-128-CBC
-                                            #  !!! So do not change it after saving your ssl, it can't decrypt the ssl keys have be saved if you change !!
+    key_encrypt_salt:             #  If not set, will save origin ssl key into etcd.
+      - edd1c9f0985e76a2          #  If set this, the key_encrypt_salt should be an array whose elements are string, and the size is also 16, and it will encrypt ssl key with AES-128-CBC
+                                  #  !!! So do not change it after saving your ssl, it can't decrypt the ssl keys have be saved if you change !!
+                                  #  Only use the first key to encrypt, and decrypt in the order of the array.
 
     #fallback_sni: "my.default.domain"      # If set this, when the client doesn't send SNI during handshake, the fallback SNI will be used instead
   enable_control: true