用于数据库记录加密的zodb存储包装器
cipher.encryptingstorage的Python项目详细描述
加密存储
用于数据库记录加密的zodb存储包装器。 实际上它在做加密和压缩。
带内置件的安装手册
按照https://pypi.python.org/pypi/keas.kmi生成kek.dat文件:
$ git clone https://github.com/zopefoundation/keas.kmi.git $ cd keas.kmi $ python2.7 bootstrap.py $ ./bin/buildout $ ./bin/runserver & $ wget https://localhost:8080/new -O kek.dat --ca-certificate sample.pem \ --post-data="" $ wget https://localhost:8080/key --header 'Content-Type: text/plain' \ --post-file kek.dat -O datakey.dat --ca-certificate sample.pem
现在将kek.dat和键复制到plone站点:
$ cp -pi kek.dat /home/yourname/Plone/training/var/kek.dat $ cp -pri keys /home/yourname/Plone/training/var/dek-storage
然后在buildout目录中创建一个这样的encryption.conf
[encryptingstorage:encryption] enabled = true kek-path = /home/yourname/Plone/training/var/kek.dat dek-storage-path = /home/yourname/Plone/training/var/dek-storage/
然后编辑buildout.cfg并将cipher.encryptingstorage添加到您的鸡蛋中:
eggs += cipher.encryptingstorage
现在扩展您的[实例](plone.recipe.zope2instance):
zope-conf-imports = cipher.encryptingstorage zope-conf-additional = <zodb_db main> cache-size 30000 <encryptingstorage> config encryption.conf # FileStorage database <filestorage> path ${buildout:buildout_dir}/var/filestorage/Data.fs blob-dir ${buildout:buildout_dir}/var/blobstorage </filestorage> </encryptingstorage> mount-point / </zodb_db>
然后运行buildout:
$ ./bin/buildout
删除parts/instance/etc/zope.conf中生成的<;zodb戋u db main>;条目:
<zodb_db main> # Main database cache-size 30000 # Blob-enabled FileStorage database <blobstorage> blob-dir /home/yourname/Plone/training/var/blobstorage # FileStorage database <filestorage> path /home/yourname/Plone/training/var/filestorage/Data.fs </filestorage> </blobstorage> mount-point / </zodb_db>
运行测试/开发
$ virtualenv -p /usr/bin/python2.7 --no-site-packages . $ ./bin/pip install -r requirements.txt $ ./bin/buildout $ ./bin/test -v1
变化
1.1(2016-04-22)
- 为blobstorage添加加密。 [pcdummy]
1.0.0(2012-04-06)
0.1.0(2012-02-14)
- 作为一个单独的包首次发布。