GnuPG 加密所有文件上传
我想在上传文件时对其进行加密,通常会发生的情况是将其写入磁盘,然后您可以从那里对其进行加密,我想在此之前对其进行加密。 是否有任何用于http服务器或应用程序框架的模块可以让我做到这一点,我不想花很多时间为此编写软件,但如果需要的话我会这样做。
重要的是,任何未加密的记录都不会接触硬盘。
硬盘驱动器已经使用 aes 加密,但由于第三方可以在我不知情的情况下访问服务器,因此我更希望有某种方法可以防止实际数据被轻易泄露。
I would like to encrypt a file as it gets uploaded, generally what happens is that it gets written to disk and then you can encrypt it from there, I would like to encrypt it before that happens.
Is there any module for a http server or for an application framework that would allow me to do that, I don't want to spend a lot of time working on writing the software for this, but if needs must I'll do it.
The important thing is that no unencrypted record ever touches the hard disk.
The hard drive is already encrypted using aes but as the server can be accessed by a third party without my knowledge I would prefer if there was some way to prevent the actual data being /that/ easily compromised.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
系统管理员回答:ramdisk 保存预加密数据的区域。从未接触过磁盘,问题已解决。不?
Sysadmin answer: ramdisk holding area for pre-encrypted data. Never touches the disk, problem solved. No?
这是我收到但尚未测试的答案,在我确切测试了它的作用之前,我不会将其标记为答案。
答案是这个django项目,它是用于泄露网站的,它将整个文件读取到内存中,然后对其进行加密。
http://gitorious.org/deaddrop/deaddrop/blobs/master/drop /views.py
然而,有一种方法可以对数据进行分块
http://docs.djangoproject.com/en/1.3/topics/http/file-uploads/
还有一个问题是httpd正在处理文件上传并且可以忽略应用程序框架,具体取决于...所以我需要对其进行多次测试才能确定它在做什么。
不过,这就是说我很确定你可以使用 wsgi 来做到这一点,我很确定当你将 mod_wsgi 与 apache 一起使用时 django 会这样做......不确定其他 Web 服务器使用什么,我更喜欢使用更轻量级的东西。
编辑:如果有人碰巧严格测试了这一点,并将其作为答案发布,我会将其标记为答案。
Here is the answer I have received but haven't tested yet, I'm not going to mark it as the answer until I have tested exactly what it does.
The answer is this django project, it's for leaking websites, it reads the entire file into memory and then encrypts it.
http://gitorious.org/deaddrop/deaddrop/blobs/master/drop/views.py
There is however a way to chunk the data
http://docs.djangoproject.com/en/1.3/topics/http/file-uploads/
There is also a problem that the httpd is handling the file upload and can ignore the application framework depending... so I need to test it out a lot before I'm sure what it's doing.
However that said I'm pretty sure you can do it with wsgi which I'm pretty sure that django does when you use mod_wsgi with apache... not sure what other web servers use and I'd prefer to use something more light weight.
edit: if someone does happen to test this out rigorously, and posts it as an answer I'll mark that as the answer.
我最终做的是使用 mod_wsgi ..
这样我就可以将上传作为流,然后使用 PyCrypto 对其进行加密
当我这样
做时,我最终使用状态密码加密整个后数据并将其写入文件中,然后在使用 GnuPG 加密后将密钥保存到另一个文件中。
What I ended up doing was using mod_wsgi..
with that I'm able to take the upload as a stream and then encrypt it using PyCrypto
works nicely
When I do that I end up encrypting the entire postdata using a stateful cipher and writing it into a file, I then save the key to another file after using GnuPG to encrypt that.