Commits

Erik Wickstrom committed f6030f7

Added encryption support to S3 backend.

Comments (0)

Files changed (2)

+storages/backends/s3.py
 # Placed by Bitbucket

storages/backends/s3.py

+Added encryption support to S3 backend.
+
+diff -r 40184a5ed699 storages/backends/s3.py
+--- a/storages/backends/s3.py	Thu Dec 10 22:04:27 2009 -0500
++++ b/storages/backends/s3.py	Thu Jan 21 00:41:00 2010 +0000
+@@ -11,6 +11,7 @@ from django.core.files.base import File
+ from django.core.files.base import File
+ from django.core.files.storage import Storage
+ from django.utils.functional import curry
++import ezPyCrypto
+ 
+ try:
+     from S3 import AWSAuthConnection, QueryStringAuthGenerator
+@@ -33,9 +34,10 @@ class S3Storage(Storage):
+ 
+     def __init__(self, bucket=settings.AWS_STORAGE_BUCKET_NAME,
+             access_key=None, secret_key=None, acl=DEFAULT_ACL,
+-            calling_format=settings.AWS_CALLING_FORMAT):
++            calling_format=settings.AWS_CALLING_FORMAT, encrypt=False):
+         self.bucket = bucket
+         self.acl = acl
++        self.encrypt = encrypt
+ 
+         if not access_key and not secret_key:
+             access_key, secret_key = self._get_access_keys()
+@@ -70,6 +72,22 @@ class S3Storage(Storage):
+         return os.path.normpath(name).replace('\\', '/')
+ 
+     def _put_file(self, name, content):
++        if self.encrypt == True:
++
++            # Create a key object
++            k = ezPyCrypto.key()
++
++            # Read in a public key
++            fd = open(settings.CRYPTO_KEYS_PUB, "rb")
++            pubkey = fd.read()
++            fd.close()
++
++            # import this public key
++            k.importKey(pubkey)
++
++            # Now encrypt some text against this public key
++            content = k.encString(content)
++
+         content_type = mimetypes.guess_type(name)[0] or "application/x-octet-stream"
+         self.headers.update({
+             'x-amz-acl': self.acl, 
+@@ -95,6 +113,19 @@ class S3Storage(Storage):
+         if response.http_response.status not in (200, 206):
+             raise IOError("S3StorageError: %s" % response.message)
+         headers = response.http_response.msg
++
++        if self.encrypt == True:
++            # Read in a private key
++            fd = open(settings.CRYPTO_KEYS_PRIV, "rb")
++            pubprivkey = fd.read()
++            fd.close()
++
++            # Create a key object, and auto-import private key
++            k = ezPyCrypto.key(pubprivkey)
++
++            # Decrypt this file
++            response.object.data = k.decString(response.object.data)
++
+         return response.object.data, headers.get('etag', None), headers.get('content-range', None)
+         
+     def _save(self, name, content):