@Niphlod,
Thanks very much for your solution. Implemented it, it works -- no errors
when inserting/updating data.
However, one thing I don't fully get: the data I store using the encryption
are displayed as normal strings in the database. I'm not very familiar with
encryption specifics but isn't it the point to keep the data in sort of a
hard-to-crack code?
I use a normal string as key.
my test table:
db.define_table('contact',
Field('user_id', db.auth_user, default=auth.user_id, readable=False,
writable=False),
Field('email', label='Contact email'),
Field('phone', label='Contact phone')
)
db.contact.email.requires = [IS_EMAIL(error_message="Wrong email address")]
db.contact.phone.requires= [IS_LENGTH(maxsize=30, error_message="Bit too
long, right?")]
db.contact.email.filter_in = lambda value : w2p_encrypt(value)
db.contact.phone.filter_in = lambda value : w2p_encrypt(value)
db.contact.email.filter_out = lambda value : w2p_decrypt(value)
db.contact.phone.filter_out = lambda value : w2p_decrypt(value)
On Tuesday, June 25, 2013 8:42:29 PM UTC+2, Niphlod wrote:
>
> sorry, cut&paste error.
>
>
>
> import gluon.contrib.aes as AES
> import threading
> import os
> import base64
>
> def fast_urandom16(urandom=[], locker=threading.RLock()):
> """
> this is 4x faster than calling os.urandom(16) and prevents
> the "too many files open" issue with concurrent access to os.urandom()
> """
> try:
> return urandom.pop()
> except IndexError:
> try:
> locker.acquire()
> ur = os.urandom(16 * 1024)
> urandom += [ur[i:i + 16] for i in xrange(16, 1024 * 16, 16)]
> return ur[0:16]
> finally:
> locker.release()
>
> def pad(s, n=32, padchar=' '):
> return s + (32 - len(s) % 32) * padchar
>
> def AES_new(key, IV=None):
> """ Returns an AES cipher object and random IV if None specified """
> if IV is None:
> IV = fast_urandom16()
>
> return AES.new(key, AES.MODE_CBC, IV), IV
>
> def w2p_encrypt(data):
> key = 'asdsaddasdasdas'
> key = pad(key[:32])
> cipher, IV = AES_new(key)
> encrypted_data = IV + cipher.encrypt(pad(data))
> return base64.urlsafe_b64encode(encrypted_data)
>
> def w2p_decrypt(data):
> key = 'asdsaddasdasdas'
> key = pad(key[:32])
> data = base64.urlsafe_b64decode(data)
> IV, data = data[:16], data[16:]
> cipher, _ = AES_new(key, IV=IV)
> data = cipher.decrypt(data)
> data = data.rstrip(' ')
> return data
>
> db.define_table('t_test',
> Field('f_field')
> )
>
> db.t_test.f_field.filter_in = lambda value : w2p_encrypt(value)
> db.t_test.f_field.filter_out = lambda value : w2p_decrypt(value)
>
>
>
--
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
