plone.keyring

Manage secrets

Project Description

Introduction

plone.keyring contains a Zope utility that facilitates handling of secrets in an application. Secrets are very important in modern applications, which is why a shared tool to manage them is useful.

plone.keyring contains two basic components:

a keyring: a data structures which contains one or more secrets.
a key manager: a utility which contains the available keyrings and provides some convenience methods to manage them

Keyrings

The keyring is the workhorse: it contains a set of secrets for a specific purpose. A ring has room for a fixed number of secrets which is set at creation time. The most recently added secret is considered to be the current secret and the one that should be used. Older secrets in the ring can be used to keep data generated with older secrets valid for a period of time.

Key manager

The key manager is a container for the available keyrings. It always contains a default system keyring which is used when no other ring is explicitly requested.

Installation

You’ll need to register a KeyManager as a persistent utility. On Zope2 with GenericSetup, this can be done by loading the included profile.

Changelog

3.0.2 (2017-08-27)

Fixes:

Use zope.interface decorator. [gforcada]

3.0.1 (2015-05-11)

Minor cleanup: whitespace, git ignores. [gforcada, rnix]

3.0.0 (2014-04-13)

use more default keyrings and be able to select random key from ring [vangheem]

2.0.1 (2012-12-15)

Use system random when available. This is part of the fix for https://plone.org/products/plone/security/advisories/20121106/24 [davisagli]
Add MANIFEST.in. [WouterVH]

2.0 - 2010-07-18

Update package information. [hannosch]

2.0b1 - 2010-06-13

Added a meta.zcml to load the GenericSetup ZCML if installed. [hannosch]
Update license to BSD following board decision. Cfr. http://lists.plone.org/pipermail/membership/2009-August/001038.html [elro]