[Checkins] SVN: keas.kmi/trunk/src/keas/kmi/ Add a trivial KeyHolder utility.
Marius Gedminas
marius at pov.lt
Thu Sep 4 19:42:08 EDT 2008
Log message for revision 90851:
Add a trivial KeyHolder utility.
Changed:
A keas.kmi/trunk/src/keas/kmi/keyholder.py
A keas.kmi/trunk/src/keas/kmi/keyholder.txt
U keas.kmi/trunk/src/keas/kmi/tests.py
-=-
Added: keas.kmi/trunk/src/keas/kmi/keyholder.py
===================================================================
--- keas.kmi/trunk/src/keas/kmi/keyholder.py (rev 0)
+++ keas.kmi/trunk/src/keas/kmi/keyholder.py 2008-09-04 23:42:08 UTC (rev 90851)
@@ -0,0 +1,31 @@
+##############################################################################
+#
+# Copyright (c) 2008 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""
+$Id
+"""
+__docformat__ = "reStructuredText"
+
+from zope.interface import implements
+
+from keas.kmi.interfaces import IKeyHolder
+
+
+class KeyHolder(object):
+ """A key holder utility that loads the key from a file and keeps it in RAM."""
+
+ implements(IKeyHolder)
+
+ def __init__(self, filename):
+ self.key = file(filename, 'rb').read()
+
Property changes on: keas.kmi/trunk/src/keas/kmi/keyholder.py
___________________________________________________________________
Name: svn:keywords
+ Id
Added: keas.kmi/trunk/src/keas/kmi/keyholder.txt
===================================================================
--- keas.kmi/trunk/src/keas/kmi/keyholder.txt (rev 0)
+++ keas.kmi/trunk/src/keas/kmi/keyholder.txt 2008-09-04 23:42:08 UTC (rev 90851)
@@ -0,0 +1,42 @@
+===================
+Database key holder
+===================
+
+If you want to have encrypted objects in the database, you need to store the
+key encrypting key somewhere. A DatabaseKeyHolder stores it in the database
+alongside your encrypted objects. This is convenient, and slightly secure:
+If someone steals your database, they won't be able to decrypt your data
+without gaining access to the Key Management Server.
+
+ >>> from keas.kmi.keyholder import DatabaseKeyHolder
+ >>> from keas.kmi.interfaces import IKeyHolder
+ >>> from zope.interface.verify import verifyObject
+ >>> holder = DatabaseKeyHolder()
+ >>> verifyObject(IKeyHolder, holder)
+ True
+
+Initially there is no key
+
+ >>> holder.key
+
+We can set it
+
+ >>> holder.key = 'xyzzy'
+ >>> holder.key
+ 'xyzzy'
+
+It is actually stored in the database
+
+ >>> from keas.kmi.keyholder improt KEY
+ >>> from zope.component import getUtility
+ >>> from ZODB.interfaces import IDatabase
+ >>> getUtility(IDatabase).open().root()[KEY]
+ 'xyzzy'
+
+You cannot change the key once it's set
+
+ >>> holder.key = 'wubawuba'
+ Traceback (most recent call last):
+ ...
+ ValueError: waaah
+
Property changes on: keas.kmi/trunk/src/keas/kmi/keyholder.txt
___________________________________________________________________
Name: svn:eol-style
+ native
Modified: keas.kmi/trunk/src/keas/kmi/tests.py
===================================================================
--- keas.kmi/trunk/src/keas/kmi/tests.py 2008-09-04 22:35:56 UTC (rev 90850)
+++ keas.kmi/trunk/src/keas/kmi/tests.py 2008-09-04 23:42:08 UTC (rev 90851)
@@ -20,9 +20,12 @@
from zope.testing import doctest
from zope.app.testing import setup
from zope.component import provideUtility
+from zope.interface.verify import verifyObject
from keas.kmi.testing import TestingKeyManagementFacility
+from keas.kmi.keyholder import KeyHolder
from keas.kmi.interfaces import IKeyManagementFacility
+from keas.kmi.interfaces import IKeyHolder
def setUpPersistent(test):
@@ -38,6 +41,16 @@
setup.tearDownTestAsModule(test)
+def doctest_KeyHolder():
+ """Smoke test for the KeyHolder class.
+
+ >>> holder = KeyHolder(__file__)
+ >>> verifyObject(IKeyHolder, holder)
+ True
+
+ """
+
+
def test_suite():
return unittest.TestSuite([
doctest.DocFileSuite(
@@ -48,4 +61,5 @@
'persistent.txt',
setUp=setUpPersistent, tearDown=tearDownPersistent,
optionflags=doctest.NORMALIZE_WHITESPACE|doctest.ELLIPSIS),
+ doctest.DocTestSuite(),
])
More information about the Checkins
mailing list