Coder Social home page Coder Social logo

cryptredis's Introduction

cryptredis

cryptredis is an experimental BSD licensed C and C++ client library for Redis database, which also offers symmetric encryption (AES) of string values.

particularly useful for geo-distributed storage scenarios: encrypt/decrypt with local key, store remotely encrypted.

it has been inspired by MIT's CryptDB [1], Google's encrypted_bigquery_client [2] and concepts from OpenBSD's swap encryption and cryptographic softraid(4) [3,4].

currently, only strings store are supported, plus commands get and set.

[1] http://people.csail.mit.edu/nickolai/papers/raluca-cryptdb.pdf

[2] https://github.com/google/encrypted-bigquery-client

[3] http://www.openbsd.org/papers/swapencrypt-slides.pdf

[4] http://www.openbsd.org/papers/swapencrypt.pdf

Build & Install

Bootstrap bmake

% tools/bmakebuild.sh
% alias bmake=~/.opt/bmake/bin/bmake

Bitrig or OpenBSD
--------------
% bmake all runtests

Linux
-----
dependencies: ksh, clang

% bmake all runtests

Install
-------
% DESTDIR=/opt sudo -E bmake install

Usage

In C++ include cryptredisxx.h, then link libcryptredis.a statically to a given application.

Please check tools/Makefile.template for building/linking hints.

API design aims for simplicity, find sample code on tests/apicrypt.cpp, tests/rediscliget.cpp and tests/rediscliset.cpp.

Sample code:

...
// simple.cpp
#include "cryptredisxx.h"

CryptRedisDb	crdb;

if (!crdb.open("127.0.0.1", 6379))
	return (-1);

crdb.setCryptEnabled(true);
crdb.set("foo", "bar");
cerr << crdb.get("foo").toString();
crdb.close();
...

% CRYPTREDIS_KEYFILE="/etc/cryptredis/foobardb.key" ./simple
bar

Use the vanilla redis-client to inspect the stored value key:

% redis-cli get foo
"c2ihkiDk8bygSPYoGzFFJg=="

For C usage, one might integrate all .c file and all .h files to the application building tools, exception to cryptredisxx.h, which is only necessary for the C++ code.

Key setup

Use openssl command to generate a reasonable key file.

% openssl enc -aes-256-cbc -k"" -P -md sha512 > /etc/cryptredis.key

% chmod 600 /etc/cryptredis.key
% export CRYPTREDIS_KEYFILE=/etc/cryptredis.key

License

Check LICENSE file.

cryptredis's People

Contributors

bsdoliv avatar raitech avatar

Stargazers

Jean-Sebastien Gelinas avatar

Watchers

avatar Jean-Sebastien Gelinas avatar avatar

cryptredis's Issues

Get serious on performance

I have a couple simple benchmarks results which shows that plain-text set/get takes around 3ms each, while same operations cipher enabled takes around 18ms. :/

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.