[Checkins] SVN: keas.kmi/trunk/src/keas/kmi/ Add a trivial KeyHolder utility.

Thu Sep 4 19:42:08 EDT 2008

Log message for revision 90851:
  Add a trivial KeyHolder utility.
  
  

Changed:
  A   keas.kmi/trunk/src/keas/kmi/keyholder.py
  A   keas.kmi/trunk/src/keas/kmi/keyholder.txt
  U   keas.kmi/trunk/src/keas/kmi/tests.py

-=-
Added: keas.kmi/trunk/src/keas/kmi/keyholder.py
===================================================================

--- keas.kmi/trunk/src/keas/kmi/keyholder.py	                        (rev 0)
+++ keas.kmi/trunk/src/keas/kmi/keyholder.py	2008-09-04 23:42:08 UTC (rev 90851)
@@ -0,0 +1,31 @@
+##############################################################################
+#
+# Copyright (c) 2008 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""
+$Id
+"""
+__docformat__ = "reStructuredText"
+
+from zope.interface import implements
+
+from keas.kmi.interfaces import IKeyHolder
+
+
+class KeyHolder(object):
+    """A key holder utility that loads the key from a file and keeps it in RAM."""
+
+    implements(IKeyHolder)
+
+    def __init__(self, filename):
+        self.key = file(filename, 'rb').read()
+


Property changes on: keas.kmi/trunk/src/keas/kmi/keyholder.py
___________________________________________________________________
Name: svn:keywords
   + Id

Added: keas.kmi/trunk/src/keas/kmi/keyholder.txt
===================================================================
--- keas.kmi/trunk/src/keas/kmi/keyholder.txt	                        (rev 0)
+++ keas.kmi/trunk/src/keas/kmi/keyholder.txt	2008-09-04 23:42:08 UTC (rev 90851)
@@ -0,0 +1,42 @@
+===================
+Database key holder
+===================
+
+If you want to have encrypted objects in the database, you need to store the
+key encrypting key somewhere.  A DatabaseKeyHolder stores it in the database
+alongside your encrypted objects.  This is convenient, and slightly secure:
+If someone steals your database, they won't be able to decrypt your data
+without gaining access to the Key Management Server.
+
+    >>> from keas.kmi.keyholder import DatabaseKeyHolder
+    >>> from keas.kmi.interfaces import IKeyHolder
+    >>> from zope.interface.verify import verifyObject
+    >>> holder = DatabaseKeyHolder()
+    >>> verifyObject(IKeyHolder, holder)
+    True
+
+Initially there is no key
+
+    >>> holder.key
+
+We can set it
+
+    >>> holder.key = 'xyzzy'
+    >>> holder.key
+    'xyzzy'
+
+It is actually stored in the database
+
+    >>> from keas.kmi.keyholder improt KEY
+    >>> from zope.component import getUtility
+    >>> from ZODB.interfaces import IDatabase
+    >>> getUtility(IDatabase).open().root()[KEY]
+    'xyzzy'
+
+You cannot change the key once it's set
+
+    >>> holder.key = 'wubawuba'
+    Traceback (most recent call last):
+      ...
+    ValueError: waaah
+


Property changes on: keas.kmi/trunk/src/keas/kmi/keyholder.txt
___________________________________________________________________
Name: svn:eol-style
   + native

Modified: keas.kmi/trunk/src/keas/kmi/tests.py
===================================================================
--- keas.kmi/trunk/src/keas/kmi/tests.py	2008-09-04 22:35:56 UTC (rev 90850)
+++ keas.kmi/trunk/src/keas/kmi/tests.py	2008-09-04 23:42:08 UTC (rev 90851)
@@ -20,9 +20,12 @@
 from zope.testing import doctest
 from zope.app.testing import setup
 from zope.component import provideUtility
+from zope.interface.verify import verifyObject
 
 from keas.kmi.testing import TestingKeyManagementFacility
+from keas.kmi.keyholder import KeyHolder
 from keas.kmi.interfaces import IKeyManagementFacility
+from keas.kmi.interfaces import IKeyHolder
 
 
 def setUpPersistent(test):
@@ -38,6 +41,16 @@
     setup.tearDownTestAsModule(test)
 
 
+def doctest_KeyHolder():
+    """Smoke test for the KeyHolder class.
+
+        >>> holder = KeyHolder(__file__)
+        >>> verifyObject(IKeyHolder, holder)
+        True
+
+    """
+
+
 def test_suite():
     return unittest.TestSuite([
         doctest.DocFileSuite(
@@ -48,4 +61,5 @@
             'persistent.txt',
             setUp=setUpPersistent, tearDown=tearDownPersistent,
             optionflags=doctest.NORMALIZE_WHITESPACE|doctest.ELLIPSIS),
+        doctest.DocTestSuite(),
     ])

