remove all default keys (#1485)

This change:
- Generates a new BitTorrent pepper by default
- Generates a new pagination key by default
- Changes the pagination key format to base64
- Removes selfsigned JWT certs
- Moves test keys to test/data

config.py

@@ -1,5 +1,9 @@
+from uuid import uuid4
+
 import os.path
 
+from cryptography.fernet import Fernet
+
 import requests
 
 
@@ -258,8 +262,8 @@ class DefaultConfig(object):
   # Registry v2 JWT Auth config
   JWT_AUTH_MAX_FRESH_S = 60 * 60 + 60  # At most signed for one hour, accounting for clock skew
   JWT_AUTH_TOKEN_ISSUER = 'quay-test-issuer'
-  JWT_AUTH_CERTIFICATE_PATH = 'conf/selfsigned/jwt.crt'
-  JWT_AUTH_PRIVATE_KEY_PATH = 'conf/selfsigned/jwt.key'
+  JWT_AUTH_CERTIFICATE_PATH = None
+  JWT_AUTH_PRIVATE_KEY_PATH = None
 
   # The URL endpoint to which we redirect OAuth when generating a token locally.
   LOCAL_OAUTH_HANDLER = '/oauth/localapp'
@@ -317,13 +321,14 @@ class DefaultConfig(object):
   FEATURE_BITTORRENT = False
   BITTORRENT_PIECE_SIZE = 512 * 1024
   BITTORRENT_ANNOUNCE_URL = 'https://localhost:6881/announce'
-  BITTORRENT_FILENAME_PEPPER = '3ae93fef-c30a-427e-9ba0-eea0fd710419'
+  BITTORRENT_FILENAME_PEPPER = str(uuid4())
   BITTORRENT_WEBSEED_LIFETIME = 3600
 
   # "Secret" key for generating encrypted paging tokens. Only needed to be secret to
   # hide the ID range for production (in which this value is overridden). Should *not*
   # be relied upon for secure encryption otherwise.
-  PAGE_TOKEN_KEY = 'um=/?Kqgp)2yQaS/A6C{NL=dXE&>C:}('
+  # This value is a Fernet key and should be 32bytes URL-safe base64 encoded.
+  PAGE_TOKEN_KEY = '0OYrc16oBuksR8T3JGB-xxYSlZ2-7I_zzqrLzggBJ58='
 
   # The timeout for service key approval.
   UNAPPROVED_SERVICE_KEY_TTL_SEC = 60 * 60 * 24 # One day

test/testconfig.py

@@ -70,6 +70,8 @@ class TestConfig(DefaultConfig):
   SIGNING_ENGINE = 'gpg2'
 
   GPG2_PRIVATE_KEY_NAME = 'EEB32221'
-  GPG2_PRIVATE_KEY_FILENAME = '/test/signing-private.gpg'
-  GPG2_PUBLIC_KEY_FILENAME = '/test/signing-public.gpg'
+  GPG2_PRIVATE_KEY_FILENAME = '/test/data/signing-private.gpg'
+  GPG2_PUBLIC_KEY_FILENAME = '/test/data/signing-public.gpg'
 
+  JWT_AUTH_CERTIFICATE_PATH = 'test/data/registry_v2_auth.crt'
+  JWT_AUTH_PRIVATE_KEY_PATH = 'test/data/registry_v2_auth_private.key'

util/security/crypto.py

@@ -4,12 +4,12 @@ from cryptography.fernet import Fernet, InvalidToken
 
 def encrypt_string(string, key):
   """ Encrypts a string with the specified key. The key must be 32 raw bytes. """
-  f = Fernet(base64.urlsafe_b64encode(key))
+  f = Fernet(key)
   return f.encrypt(string)
 
 def decrypt_string(string, key, ttl=None):
   """ Decrypts an encrypted string with the specified key. The key must be 32 raw bytes. """
-  f = Fernet(base64.urlsafe_b64encode(key))
+  f = Fernet(key)
   try:
     return f.decrypt(str(string), ttl=ttl)
   except InvalidToken: