If you're inspecting your db through web2py, then of course you see everything 
in clear text: that's the whole point of the filter_in and filter_out methods, 
being "transparent".

Try to inspect your database with an external tool instead.

On Wednesday, June 26, 2013 12:19:24 PM UTC+2, lesssugar wrote:
>
> @Niphlod,
>
> Thanks very much for your solution. Implemented it, it works -- no errors 
> when inserting/updating data.
>
> However, one thing I don't fully get: the data I store using the 
> encryption are displayed as normal strings in the database. I'm not very 
> familiar with encryption specifics but isn't it the point to keep the data 
> in sort of a hard-to-crack code?
>
> I use a normal string as key.
>
> my test table:
>
> db.define_table('contact',
> Field('user_id', db.auth_user, default=auth.user_id, readable=False, 
> writable=False),
> Field('email', label='Contact email'),
> Field('phone', label='Contact phone')
> )
>
> db.contact.email.requires = [IS_EMAIL(error_message="Wrong email address")]
> db.contact.phone.requires= [IS_LENGTH(maxsize=30, error_message="Bit too 
> long, right?")]
> # filter_in runs w2p_encrypt on a value before it is stored; filter_out runs
> # w2p_decrypt when the value is read back through the DAL, so anything that
> # reads via web2py sees plaintext while the table itself holds ciphertext.
> # NOTE(review): w2p_encrypt draws a fresh random IV per call, so the same
> # email or phone is stored as a different string each time; matching rows on
> # the stored value will presumably not work -- verify before relying on it.
> db.contact.email.filter_in = lambda value : w2p_encrypt(value)
> db.contact.phone.filter_in = lambda value : w2p_encrypt(value)
> db.contact.email.filter_out = lambda value : w2p_decrypt(value)
> db.contact.phone.filter_out = lambda value : w2p_decrypt(value)
>
>
>
> On Tuesday, June 25, 2013 8:42:29 PM UTC+2, Niphlod wrote:
>>
>> sorry, cut&paste error.
>>
>>
>>
>> import gluon.contrib.aes as AES
>> import threading 
>> import os
>> import base64
>>
>> def fast_urandom16(urandom=[], locker=threading.RLock()):
>>     """
>>     this is 4x faster than calling os.urandom(16) and prevents
>>     the "too many files open" issue with concurrent access to 
>> os.urandom()
>>     """
>>     # Both defaults are evaluated once, at definition time, so `urandom` is
>>     # one pool of 16-byte chunks and `locker` one lock shared by every call
>>     # in this process. Callers are expected to pass no arguments.
>>     # NOTE(review): the pool sits in process memory until consumed. If
>>     # workers are forked after it has been filled they would start from the
>>     # same chunks and could hand out identical IVs -- confirm against the
>>     # deployment model.
>>     try:
>>         # Fast path: take one banked chunk; this runs without the lock.
>>         return urandom.pop()
>>     except IndexError:
>>         # Pool is empty: refill it while holding the lock.
>>         try:
>>             # NOTE(review): acquire() is inside the try, so the finally
>>             # below would also run release() if acquire() itself raised.
>>             locker.acquire()
>>             # A single 16 KiB read from os.urandom yields 1024 chunks.
>>             ur = os.urandom(16 * 1024)
>>             # Bank chunks 1..1023 in the shared list (xrange: Python 2 only);
>>             # chunk 0 is returned to the caller directly.
>>             urandom += [ur[i:i + 16] for i in xrange(16, 1024 * 16, 16)]
>>             return ur[0:16]
>>         finally:
>>             locker.release()
>>             
>> def pad(s, n=32, padchar=' '):
>>     # Append padchar until len(s) is a multiple of 32. Between 1 and 32
>>     # characters are always added: an input whose length is already a
>>     # multiple of 32 gets a full extra 32.
>>     # NOTE(review): the `n` parameter is never used; the block size 32 is
>>     # hard-coded in the expression below.
>>     # NOTE(review): the padding is not self-describing. w2p_decrypt undoes
>>     # it with rstrip(' '), which cannot tell pad characters from spaces
>>     # that were at the end of the original value.
>>     return s + (32 - len(s) % 32) * padchar
>>
>> def AES_new(key, IV=None):
>>     """ Returns an AES cipher object and random IV if None specified """
>>     # Encryption passes no IV and gets a fresh 16-byte one from
>>     # fast_urandom16(); decryption passes the IV recovered from the stored
>>     # value.
>>     if IV is None:
>>         IV = fast_urandom16()
>>
>>     # Returns a (cipher, IV) tuple so the caller can store the IV next to
>>     # the ciphertext.
>>     # NOTE(review): CBC provides confidentiality only. Nothing in this
>>     # listing authenticates the ciphertext, so a stored value that has been
>>     # modified is not detected when it is decrypted.
>>     return AES.new(key, AES.MODE_CBC, IV), IV
>>
>> def w2p_encrypt(data):
>>     # Encrypt `data` with AES-CBC under a fresh IV and return
>>     # urlsafe-base64(IV + ciphertext).
>>     # NOTE(review): the key is a literal in the source (and repeated in
>>     # w2p_decrypt), so anyone who can read the code or its repository can
>>     # decrypt the stored values. Treat it as a placeholder and load the
>>     # real key from configuration kept outside the code base.
>>     key = 'asdsaddasdasdas'
>>     # Truncate to 32 characters, then space-pad to 32: the 15-character
>>     # literal ends up as 15 characters plus 17 spaces.
>>     # NOTE(review): a key of exactly 32 characters would be padded to 64,
>>     # because pad() adds a full block when the length is already a multiple
>>     # of 32 -- confirm AES.new accepts that length before changing the key.
>>     key = pad(key[:32])
>>     cipher, IV = AES_new(key)
>>     # The IV is prepended so w2p_decrypt can split it off again.
>>     encrypted_data = IV + cipher.encrypt(pad(data))
>>     return base64.urlsafe_b64encode(encrypted_data)
>>
>> def w2p_decrypt(data):
>>     # Inverse of w2p_encrypt: base64-decode, split off the 16-byte IV,
>>     # AES-CBC decrypt, then strip the space padding.
>>     # NOTE(review): same hard-coded key literal as w2p_encrypt; the two
>>     # must be kept identical by hand.
>>     key = 'asdsaddasdasdas'
>>     key = pad(key[:32])
>>     data = base64.urlsafe_b64decode(data)
>>     # The first 16 bytes are the IV written by w2p_encrypt; the rest is the
>>     # ciphertext.
>>     IV, data = data[:16], data[16:]
>>     cipher, _ = AES_new(key, IV=IV)
>>     # NOTE(review): there is no integrity check before or after this call;
>>     # a value that was altered in the database still decrypts, to different
>>     # bytes.
>>     data = cipher.decrypt(data)
>>     # Removes every trailing space, including any that belonged to the
>>     # original value, so such values do not round-trip exactly.
>>     data = data.rstrip(' ')
>>     return data
>>
>> db.define_table('t_test',
>>                 Field('f_field')
>>                 )
>>
>> # filter_in encrypts the value on its way into the database and filter_out
>> # decrypts it on the way out, so code that goes through the DAL keeps
>> # working with plaintext.
>> # NOTE(review): to confirm that ciphertext is what actually gets stored,
>> # look at the table with a client that does not go through these filters.
>> db.t_test.f_field.filter_in = lambda value : w2p_encrypt(value)
>> db.t_test.f_field.filter_out = lambda value : w2p_decrypt(value)
>>
>>
>>
