This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

This class implements a persistent dictionary using sqlite3 and encrypts the keys and the values of the dictionary in a way, that makes it very hard to bruteforce either the key or the values in the db.

example usage::
>>> from pcd import PersistentCryptoDict
>>> d=PersistentCryptoDict()
>>> print d
<pcd.PersistentCryptoDict instance at 0x8dcb54c>
>>> print d['my key']
None
>>> d['my key']='secret value'
>>> print d['my key']
secret value
>>> d['my key']='top secret value'
>>> print d['my key']
top secret value

Crypto

The key and the value in the dict is transformed according to the following algorithm (credit: dnet):

Setting values

  1. we calculate they keyhash - a hmac-sha512(salt,key)
  2. we split the key in half, the first half as a hexdigest (ascii), the second we keep as a binary
  3. we use the second binary half from step 2 of the keyhash to encrypt the value
  4. we use the ascii keyhash from step 2 as a key to the database, and the value is the encrypted result from step 3.

Getting values

  1. we calculate they keyhash - a hmac-sha512(salt,key)
  2. we split the key in half, the first half as a hexdigest (ascii), the second we keep as a binary
  3. we query the database using the ascii keyhash from step 2 as a key
  4. we use the second binary half from step 2 of the keyhash to decrypt the value

The database contains only the following pairs of data:

(hmac-sha512(key, salt).hexdigest()[:64], # key aes256-ofb(hmac-sha512(key, salt).digest()[32:], value)) # value

we diligently obey Schneier’s law: https://www.schneier.com/blog/archives/2011/04/schneiers_law.html, and thus we would consider the task to retrieve any meaningful data without huge rainbow tables from such a database a futile task. :)

Release History

Release History

0.4.3

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
persistent_crypto_dict-0.4.3-py2.7.egg (5.5 kB) Copy SHA256 Checksum SHA256 2.7 Egg Feb 4, 2013
persistent_crypto_dict-0.4.3.tar.gz (3.6 kB) Copy SHA256 Checksum SHA256 Source Feb 4, 2013

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting