oat-sa / extension-tao-encryption
Tao Encryption
Installs: 2 589
Dependents: 1
Suggesters: 0
Security: 0
Stars: 2
Watchers: 49
Forks: 0
Open Issues: 0
Type:tao-extension
Requires
- php: >=5.5
- oat-sa/extension-tao-delivery: >=15.0.0
- oat-sa/extension-tao-delivery-rdf: >=14.0.0
- oat-sa/extension-tao-lti: >=12.0.0
- oat-sa/extension-tao-oauth: >=6.0.0
- oat-sa/extension-tao-outcome: >=13.0.0
- oat-sa/extension-tao-proctoring: >=20.0.0
- oat-sa/extension-tao-publishing: >=6.0.0
- oat-sa/extension-tao-sync: >=8.0.0
- oat-sa/extension-tao-testcenter: >=10.0.0
- oat-sa/extension-tao-testqti: >=41.0.0
- oat-sa/extension-tao-testtaker: >=8.0.0
- oat-sa/generis: >=14.0.0
- oat-sa/tao-core: >=47.0.0
- phpseclib/phpseclib: ~2.0.0
- dev-master
- v6.1.2
- v6.1.1
- v6.1.0
- v6.0.1
- v6.0.0
- v5.3.0.1
- v5.3.0
- v5.2.0
- v5.1.0
- v5.0.1
- v5.0.0
- v4.0.0
- v3.2.2
- v3.2.1
- v3.2.0.1
- v3.2.0
- v3.1.0
- v3.0.0
- v2.0.1
- v2.0.0
- v1.2.2
- v1.2.1
- v1.2.0
- v1.1.0
- v1.0.0
- v0.16.1
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.1
- v0.13.0
- v0.12.0
- v0.11.1
- v0.9.1
- v0.8.4
- v0.8.3
- v0.8.1
- v0.8.0
- v0.7.1
- v0.6.2
- v0.6.1
- v0.3.0
- v0.2.0
- dev-fix/sonarqube-workflow-update-ops-184
- dev-feature/sonarqube-integration
- dev-develop
- dev-fix/update-autoRelease-action-with-bot-user
- dev-remove-jenkinsfile
- dev-feature/TAO-8584/refactor_encrypted_assembler
- dev-backport/depp-offline
- dev-feature/TAO-8853/export_encrypted_assembly
- dev-depp-2.0.1
- dev-feature/TAO-7191/create_sync_dashboard_on_central_server
- dev-fix/delete-variable-after-decrypt
- dev-depp/TAO-7070
- dev-fix/throw-exp-if-not-exists
- dev-feature/TAO-7008/launch-lti-local
- dev-release-0.8.4
- dev-feature/add-decrypt-button
- dev-fix/TAO-6250/fix-some-sync-issue
This package is auto-updated.
Last update: 2024-04-16 15:20:22 UTC
README
This article describes the functioning of tao encryption, focusing of encryption of sensitive data information on a database level.
Installation
You can add the Tao Encryption as a standard TAO extension to your current TAO instance.
$ composer require oat-sa/extension-tao-encryption
Encrypted services supported
1. Results Encryption
Encrypt
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupAsymmetricKeys' generate
Note:
This command will generate two keys (public and private) and save them on the filesystem.
Note:
On Client Tao instance. You have to copy the public key.
Note:
On Server Tao instance. You need both keys
Decrypt
In order to decrypt your results use the following script by passing a delivery id.
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\DecryptResults' -d <delivery_id>
Or by passing the -all argument
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\DecryptResults' -all
Note:
This command will decrypt results and store in the delivery result storage setup.
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupEncryptedResultStorage'
In order to sync encrypted results the script needs to be run on the server tao instance and client as well.
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupEncryptedSyncResult'
2. Test State data encryption
In order to use the encrypted state test service you have to run the following command on tao client instance:
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupEncryptedStateStorage'
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupEncryptedMonitoringService'
This service it's using the symmetric algorithm in order to encrypt information.
3. User Encryption
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupEncryptedUser'
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupUserEventSubscription'
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupUserSynchronizer'
Note:
You should ran this command on client tao instance
4. Setup Encrypted File Systems
$ sudo -u www-data php index.php "oat\taoEncryption\scripts\tools\SetupEncryptedFileSystem" -f private -e taoEncryption/symmetricEncryptionService -k taoEncryption/symmetricFileKeyProvider
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupDeliveryEncrypted'
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupUserApplicationKey'
$ sudo -u www-data php index.php 'oat\taoEncryption\scripts\tools\SetupRdfDeliveryEncrypted'
Note:
Extra You can make TAO file systems encrypted. The following command line enables encryption for the
privatefile system, using the service registered with IDtaoEncryption/symmetricEncryptionServicefor data encryption/decryption.
sudo -u www-data php index.php "oat\taoEncryption\scripts\tools\SetupEncryptedFileSystem" -f private -e taoEncryption/symmetricEncryptionService
