[pulsar] branch master updated: [Doc] Add descriptions of end-to-end encryption for Python client (#9707)

liuyu Fri, 26 Feb 2021 17:48:17 -0800

This is an automated email from the ASF dual-hosted git repository.

liuyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git



The following commit(s) were added to refs/heads/master by this push:
     new 9a1ed12  [Doc] Add descriptions of end-to-end encryption for Python 
client (#9707)
9a1ed12 is described below

commit 9a1ed1220ce7dce69b14dfe19d2d8c22e8418d1c
Author: Yu Liu <[email protected]>
AuthorDate: Sat Feb 27 09:47:24 2021 +0800

    [Doc] Add descriptions of end-to-end encryption for Python client (#9707)
    
    * [Doc] Add descriptions of end-to-end encryption for Python client
    
    * Update site2/docs/client-libraries-python.md
    
    Co-authored-by: Huanli Meng <[email protected]>
    
    * Update site2/docs/client-libraries-python.md
    
    Co-authored-by: Huanli Meng <[email protected]>
    
    * update
    
    Co-authored-by: Anonymitaet <anonymitaet_hotmail.com>
    Co-authored-by: Huanli Meng <[email protected]>
---
 site2/docs/client-libraries-python.md              | 100 +++++++++++++++++++++
 .../version-2.7.1/client-libraries-python.md       | 100 +++++++++++++++++++++
 2 files changed, 200 insertions(+)

diff --git a/site2/docs/client-libraries-python.md 
b/site2/docs/client-libraries-python.md
index 3b2c60a..99ad016 100644
--- a/site2/docs/client-libraries-python.md
+++ b/site2/docs/client-libraries-python.md
@@ -288,3 +288,103 @@ class Example(Record):
     a = String()
     sub = MySubRecord()
 ```
+
+## End-to-end encryption
+
+[End-to-end 
encryption](https://pulsar.apache.org/docs/en/next/cookbooks-encryption/#docsNav)
 allows applications to encrypt messages at producers and decrypt messages at 
consumers.
+
+### Configuration
+
+To use the end-to-end encryption feature in the Python client, you need to 
configure `publicKeyPath` and `privateKeyPath` for both producer and consumer.
+
+```
+publicKeyPath: "./public.pem"
+privateKeyPath: "./private.pem"
+```
+
+### Tutorial
+
+This section provides step-by-step instructions on how to use the end-to-end 
encryption feature in the Python client.
+
+**Prerequisite**
+
+- Pulsar Python client 2.7.1 or later 
+
+**Step**
+
+1. Create both public and private key pairs.
+
+    **Input**
+
+    ```shell
+    openssl genrsa -out private.pem 2048
+    openssl rsa -in private.pem -pubout -out public.pem
+    ```
+
+2. Create a producer to send encrypted messages.
+
+    **Input**
+
+    ```python
+    import pulsar
+
+    publicKeyPath = "./public.pem"
+    privateKeyPath = "./private.pem"
+    crypto_key_reader = pulsar.CryptoKeyReader(publicKeyPath, privateKeyPath)
+    client = pulsar.Client('pulsar://localhost:6650')
+    producer = client.create_producer(topic='encryption', 
encryption_key='encryption', crypto_key_reader=crypto_key_reader)
+    producer.send('encryption message'.encode('utf8'))
+    print('sent message')
+    producer.close()
+    client.close()
+    ```
+
+3. Create a consumer to receive encrypted messages.
+
+    **Input**
+
+    ```python
+    import pulsar
+
+    publicKeyPath = "./public.pem"
+    privateKeyPath = "./private.pem"
+    crypto_key_reader = pulsar.CryptoKeyReader(publicKeyPath, privateKeyPath)
+    client = pulsar.Client('pulsar://localhost:6650')
+    consumer = client.subscribe(topic='encryption', 
subscription_name='encryption-sub', crypto_key_reader=crypto_key_reader)
+    msg = consumer.receive()
+    print("Received msg '{}' id = '{}'".format(msg.data(), msg.message_id()))
+    consumer.close()
+    client.close()
+    ```
+
+4. Run the consumer to receive encrypted messages.
+
+    **Input**
+
+    ```shell
+    python consumer.py
+    ```
+
+5. In a new terminal tab, run the producer to produce encrypted messages.
+
+    **Input**
+
+    ```shell
+    python producer.py
+    ```
+
+    Now you can see the producer sends messages and the consumer receives 
messages successfully.
+
+    **Output**
+
+    This is from the producer side.
+
+    ```
+    sent message
+    ```
+
+    This is from the consumer side.
+
+    ```
+    Received msg 'b'encryption message'' id = '(0,0,-1,-1)'
+    ```
diff --git 
a/site2/website/versioned_docs/version-2.7.1/client-libraries-python.md 
b/site2/website/versioned_docs/version-2.7.1/client-libraries-python.md
index 39eb8eb..7aba185 100644
--- a/site2/website/versioned_docs/version-2.7.1/client-libraries-python.md
+++ b/site2/website/versioned_docs/version-2.7.1/client-libraries-python.md
@@ -289,3 +289,103 @@ class Example(Record):
     a = String()
     sub = MySubRecord()
 ```
+
+## End-to-end encryption
+
+[End-to-end 
encryption](https://pulsar.apache.org/docs/en/next/cookbooks-encryption/#docsNav)
 allows applications to encrypt messages at producers and decrypt at consumers.
+
+### Configuration
+
+If you want to use the end-to-end encryption feature in the Python client, you 
need to configure `publicKeyPath` and `privateKeyPath` for both producer and 
consumer.
+
+```
+publicKeyPath: "./public.pem"
+privateKeyPath: "./private.pem"
+```
+
+### Tutorial
+
+This section provides step-by-step instructions on how to use the end-to-end 
encryption feature in the Python client.
+
+#### Prerequisite
+
+- Pulsar Python client 2.7.1 or later 
+
+#### Step
+
+1. Create both public and private key pairs.
+
+    **Input**
+
+    ```shell
+    openssl genrsa -out private.pem 2048
+    openssl rsa -in private.pem -pubout -out public.pem
+    ```
+
+2. Create a producer to send encrypted messages.
+
+    **Input**
+
+    ```python
+    import pulsar
+
+    publicKeyPath = "./public.pem"
+    privateKeyPath = "./private.pem"
+    crypto_key_reader = pulsar.CryptoKeyReader(publicKeyPath, privateKeyPath)
+    client = pulsar.Client('pulsar://localhost:6650')
+    producer = client.create_producer(topic='encryption', 
encryption_key='encryption', crypto_key_reader=crypto_key_reader)
+    producer.send('encryption message'.encode('utf8'))
+    print('sent message')
+    producer.close()
+    client.close()
+    ```
+
+3. Create a consumer to receive encrypted messages.
+
+    **Input**
+
+    ```python
+    import pulsar
+
+    publicKeyPath = "./public.pem"
+    privateKeyPath = "./private.pem"
+    crypto_key_reader = pulsar.CryptoKeyReader(publicKeyPath, privateKeyPath)
+    client = pulsar.Client('pulsar://localhost:6650')
+    consumer = client.subscribe(topic='encryption', 
subscription_name='encryption-sub', crypto_key_reader=crypto_key_reader)
+    msg = consumer.receive()
+    print("Received msg '{}' id = '{}'".format(msg.data(), msg.message_id()))
+    consumer.close()
+    client.close()
+    ```
+
+4. Run the consumer to receive encrypted messages.
+
+    **Input**
+
+    ```shell
+    python consumer.py
+    ```
+
+5. In a new terminal tab, run the producer to produce encrypted messages.
+
+    **Input**
+
+    ```shell
+    python producer.py
+    ```
+
+    Now you can see the producer sends messages and the consumer receives 
messages successfully.
+
+    **Output**
+
+    This is from the producer side.
+
+    ```
+    sent message
+    ```
+
+    This is from the consumer side.
+
+    ```
+    Received msg 'b'encryption message'' id = '(0,0,-1,-1)'
+    ```
\ No newline at end of file

[pulsar] branch master updated: [Doc] Add descriptions of end-to-end encryption for Python client (#9707)

Reply via email to