A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/pythonsdk.htm below:

SDK for Python

Client Side Encryption allows you to encrypt data on the client side before storing it locally or using it with other Oracle Cloud Infrastructure services.

To use client-side encryption, you must create a master encryption key (MEK) using the Key Management Service. This can be done using the CreateKey or ImportKey operations.

The MEK is used to generate a Data Encryption Key (DEK) to encrypt each payload. A encrypted copy of this DEK (encrypted under the MEK) and other pieces of metadata are included in the encrypted payload returned by the SDKs so that they can be used for decryption.

Examples

The following code example shows how to encrypt a string:



import oci
 
# user supplied vars
vault_id = TEST_VAULT_OCID
master_key_id = TEST_MASTER_KEY_ID
data_to_encrypt_bytes = b"This is a secret message"
 
config = oci.config.from_file()
kms_master_key = oci.encryption.KMSMasterKey(
    config=config, master_key_id=master_key_id, vault_id=vault_id
)
 
kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
    config=config,
    kms_master_keys=[kms_master_key]
)
 
crypto_result = crypto.encrypt(kms_master_key_provider, data_to_encrypt_bytes)
ciphertext = crypto_result.get_data()
print("ciphertext: {}".format(ciphertext))
 
# decrypt string example
crypto_result = crypto.decrypt(ciphertext, kms_master_key_provider)
print("unencrypted text: {}".format(crypto_result.get_data()))

The following example shows how to encrypt a file stream:

import oci
import shutil
 
# user supplied vars
vault_id = TEST_VAULT_OCID
master_key_id = TEST_MASTER_KEY_ID
file_to_encrypt = "/file/to/encrypt/message.txt"
output_encrypted_file = "/tmp/message.txt.encrypted"
output_decrypted_file = "/tmp/message.txt.decrypted"
 
# setup OCI KMS keys
config = oci.config.from_file()
kms_master_key = oci.encryption.KMSMasterKey(
    config=config, master_key_id=master_key_id, vault_id=vault_id
)
 
kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
    config=config,
    kms_master_keys=[kms_master_key]
)
 
# encrypt stream example
with open(output_encrypted_file, 'wb') as output_stream, open(file_to_encrypt, 'rb') as stream_to_encrypt:
    with crypto.create_encryption_stream(
        kms_master_key_provider,
        stream_to_encrypt
    ) as encryption_stream:
        shutil.copyfileobj(encryption_stream, output_stream)
 
# decrypt stream example
with open(output_decrypted_file, 'wb') as output_stream, open(output_encrypted_file, 'rb') as stream_to_decrypt:
    with crypto.create_decryption_stream(
        stream_to_decrypt,
        kms_master_key_provider
    ) as decryption_stream:
        shutil.copyfileobj(decryption_stream, output_stream)

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4