Skip to main content

encrypt PostgreSQL database

Project description

Project Detail

You can find all technologies we used in our project into these files: * Version: 1.0.0 * Frameworks: - Django 3.2.4 * Database: - PostgreSQL 10 * Language: Python 3.9.4

Installation

First install package

$ pip install django-sage-encrypt

Then add ‘sage_encrypt’ to INSTALLED_APPS in settings.py

INSTALLED_APPS = [
  ...
  'sage_encrypt',
  ...
]

Also you need to install pgcrypto extension in your database:

sudo -u postgres psql <db_name>
CREATE EXTENSION pgcrypto;

Fields

For encrypting each row of your database there are multiple ways:

  1. use encrypt_field function in your models.py
from django.db import models
from sage_encrypt.services.encrypt import encrypt_field

# symmetric encryption
title = encrypt_field(models.CharField(max_length=255))

# asymmetric encryption
title = encrypt_field(models.CharField(max_length=255), algorithm='asymmetric')
  1. use field directly
# symmetric encryption
from sage_encrypt.fields.symmetric import EncryptedCharField

title = EncryptedCharField(max_length=255)


# asymmetric encryption
from sage_encrypt.fields.asymmetric import EncryptedCharField

title = EncryptedCharField(max_length=255)

If you want to use symmetric encryption you don’t need to generate secret keys default is SECRET_KEY

But if you want to use asymmetric encryption you have to generate private key & public key

Generate secret key

# generate private & public key
gpg --gen-key # in password section do not enter password

gpg --list-keys
# output
pub   rsa3072 2021-06-20 [SC] [expires: 2023-06-20]
      <test_token_generated>
uid           [ultimate] Test <test@gmail.com>
sub   rsa3072 2021-06-20 [E] [expires: 2023-06-20]

gpg -a --export <test_token_generated> > public.key
gpg -a --export-secret-keys <test_token_generated> > private.key

Settings

Here are the parameters that you can set from setting:

Parameter Description
ENCRYPT_KEY Secret key that using for symmetric encryption. default: SECRET_KEY
ENCRYPT_PRIVATE_KEY Private key for asymmetric encryption. default: None
ENCRYPT_PUBLIC_KEY Private key for asymmetric encryption. default: None

Management Commands

sage_encrypt provides 2 management commands:

  1. encryptdb
python manage.py encryptdb --table <table_name> --column <col_name> --cast <field_previous_cast_type> --algorithm <algorithm> #(symmetric/asymmetric)

Options:

  1. –database (if you have multiple db’s specify for your database)
  2. –table (table name in your database not django model title)
  3. –column (col name in the specified table)
  4. –algorithm (symmetric/asymmetric)
  5. –cast (field previous cast that you want to encrypt from that)

Usage:

When you want to add encryption on a row and there is valuable data in you db, you can encrypt the data to be compatible with Encrypted Field.

  1. decryptdb
python manage.py decryptdb --table <table_name> --column <col_name>

Options:

  1. –database (if you have multiple db’s specify for your database)
  2. –table (table name in your database not django model title)
  3. –column (col name in the specified table)

Usage:

When your data is encrypted in db and you want to remove encryption from a row, for getting back data you can use this command, it decrypts data and replaces in your db.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for django-sage-encrypt, version 0.4.4
Filename, size File type Python version Upload date Hashes
Filename, size django-sage-encrypt-0.4.4.tar.gz (21.6 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page