This example demonstrates the [cryptography component] APIs in Dapr. It demonstrates the following APIs:
- encrypt: Encrypt a string/file with keys from the local store
- decrypt: Decrypt a string/file with keys from the local store
It creates a client using DaprClient, uses a local store defined in
./components/crypto-localstorage.yaml and invokes cryptography API methods available as example.
In order to run this sample, make sure that OpenSSL is available on your system.
- This sample requires a private RSA key and a 256-bit symmetric (AES) key. We will generate them using OpenSSL:
mkdir -p keys
# Generate a private RSA key, 4096-bit keys
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out keys/rsa-private-key.pem
# Generate a 256-bit key for AES
openssl rand -out keys/symmetric-key-256 32- Run the Python service app with Dapr - crypto:
dapr run --app-id crypto --resources-path ./components/ -- python3 crypto.py- Run the Python service app with Dapr - async crypto:
dapr run --app-id crypto-async --resources-path ./components/ -- python3 crypto-async.pyrm -r keys
rm encrypted.out
rm decrypted.out.jpgThe output should be as follows:
== APP == Running gRPC client synchronous API
== APP == Running encrypt/decrypt operation on string
== APP == Encrypted the message, got 856 bytes
== APP == Decrypted the message, got 24 bytes
== APP == b'The secret is "passw0rd"'
== APP == Running encrypt/decrypt operation on file
== APP == Wrote encrypted data to encrypted.out
== APP == Wrote decrypted data to decrypted.out.jpg
== APP == Running gRPC client asynchronous API
== APP == Running encrypt/decrypt operation on string
== APP == Encrypted the message, got 856 bytes
== APP == Decrypted the message, got 24 bytes
== APP == b'The secret is "passw0rd"'
== APP == Running encrypt/decrypt operation on file
== APP == Wrote encrypted data to encrypted.out
== APP == Wrote decrypted data to decrypted.out.jpg