Hi Malcom, Thanks for summarizing things so succinctly. ezPyCrypto (http:// www.freenet.org.nz/ezPyCrypto/) is a wrapper built on top of PyCrypto. After reviewing the documentation, I couldn't find anything explicitly stating that the encryption string is unicode, so I can only assume that it is random bytes. There is, however, a function built in ezPyCrypto called encStringToAscii, though using this did not change the error.
Regarding the security... This is essentially a registration system to be granted access to a protected marine reserve in Malaysia (for diving)--a passport number is required to do so, which is the only real need for the system. As mentioned, it is a small app that will have, at most, 2 or 3 trusted people checking data, and the current, email-based system receives no more than 10 or so requests per day (but obviously, they're not able to collect passport numbers this way, thus slowing down the process). At this point, checking will be done manually. For reference, the site is hosted on a VPS. I was just hoping to gauge an accepted level of security, though I know that is highly arbitrary and much debated. On May 13, 7:32 pm, Malcolm Tredinnick <[EMAIL PROTECTED]> wrote: > On Sun, 2007-05-13 at 11:15 +0000, elemental wrote: > > I have a small app that needs to store a passport number in a database > > (MySQL). I'd like to encrypt the passport for security, so I'm using > > ezPyCrypto. I've never had to encrypt data before so I'm a bit new at > > this. However, I've worked through a shell and successfully encrypted > > and decrypted a string. Applying the same logic in my model to my > > passport string, I get the following error when attempting to save: > > > UnicodeDecodeError at /register/ > > 'ascii' codec can't decode byte 0xb4 in position 0: ordinal not in > > range(128) > > > For reference, here is the save portion of the model: > > > def save(self): > > key = ezPyCrypto.key(512) > > self.passport = key.encString(self.passport) > > > I searched for the above error and it seems to be a known bug with > > newforms (which I'm using). > > This piece of code has nothing to do with newforms, since it isn't using > newforms at all. The error message is a standard one that Python raises > when you are trying to jam a non-ASCII string into something excepting > ASCII characters (this same error is *also* raised in some newforms code > for the same reason, but it's unrelated to this). > > Getting non-ASCII-encoded character strings to work with trunk at the > moment is a slightly fragile affair. The unicode branch is in > development to fix a number of those problems in a holistic fashion. > However, that may still not be a solution to the problem you are seeing. > > I am not familiar with ezPyCrypto. Does the encString() method return a > unicode string or just an arbitrary sequence of bytes? In the latter > case, you are pretty much guaranteed to have problems trying to store it > in a character field, since there is always going to be some encrypted > sequences that are not valid unicode or valid UTF-8 or > valid-any-encoding-you-like. > > [...] > > > Unrelated to the error: > > > Can I simply store a single generated key in my app or must I generate > > a unique key for each saved object and write the key to a file in a > > non-public directory? I realize there are different levels of accepted > > security, > > Which is why there isn't a single correct answer. These are passport > numbers, so leaks are not good. But how damaging is it if somebody gets > hold of a key or the directory of keys? Does your risk profile require > that only a single number should be exposed? Only a maximum of N > numbers? Would all numbers being exposed is "acceptable"? What happens > if you need to revoke a key because it's leaked, or somebody who had > access to it has left the organisation? > > > but because of the size and scale of this app I'd like to > > keep things simple if possible. Any advice here would be appreciated. > > If you have a large number of passport numbers and need to be able to > retrieve them, how is it going to happen? Automatically? Or will > somebody (or multiple somebodies) need to type in a password to decrypt > them? It's very hard to give a general answer to these sorts of > questions, because the necessary security at this level depends on other > factors: the number of people having access to the system, their trust > level, physical security of the systems, frequency of access required, > amount of authority required for access (one person? N of M people?), > etc. > > Regards, > Malcolm --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
