Project

General

Profile

Actions

Feature #45

open

add backend encryption for all sensitive data

Added by The 2nd over 9 years ago. Updated almost 9 years ago.

Status:
In Bearbeitung
Priority:
Normal
Assignee:
Target version:
Start date:
19 October 2015
Due date:
% Done:

80%

Estimated time:
(Total: 0:00 h)

Description

we should not save password (hashes), PINs etc. in plaintext.


Subtasks 1 (1 open0 closed)

Feature #59: Add header to encrypted attributesIn BearbeitungThe 2nd19 October 2015

Actions
Actions #1

Updated by The 2nd over 9 years ago

  • Subject changed from Add backend encryption for all sensitive data to add backend encryption for all sensitive data
Actions #2

Updated by The 2nd over 9 years ago

  • Status changed from Neu to In Bearbeitung
  • % Done changed from 0 to 90

current implementation uses AES encryption in CFB mode.

from Crypto.Cipher import AES
from Crypto import Random

def encrypt(aeskey, data):
""" encrypt string with given aes key """
iv = Random.new().read(AES.block_size)
cipher = AES.new(aeskey.decode("hex"), AES.MODE_CFB, iv)
encrypted_data = iv + cipher.encrypt(data)
return encrypted_data.encode("hex")

still needs some investigation if this is the way to go. but replacing the encrypt/decryption functions should be easy.

Actions #3

Updated by The 2nd almost 9 years ago

Actions

Also available in: Atom PDF