Re: [web2py] Re: web2py: encrypt uploaded files
Thanks Massimo for getting back. I can’t use an encrypted file system as when the file system is mounted, it’s totally open. Every file can be encrypted with the same master password. I’m thinking of storing this master password which is itself encrypted using the user’s password (or it’s hash) in the auth_user table. On a related note, I am planning to encrypt some columns of other tables using the same master password. Your thoughts on this approach? From: Massimo Di Pierro Sent: Wednesday, April 11, 2012 12.13 To: web2py@googlegroups.com Subject: [web2py] Re: web2py: encrypt uploaded files What are the specs? Can you store them in an encrypted file system? can you encrypt them with the same password? Should every file be encrypted with a different password? Where should the passwords be stored? On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote: I need to encrypt uploaded files in web2py (for a HIPAA compliant application) preferably with AES. How can I accomplish this?
Re: [web2py] Re: web2py: encrypt uploaded files
Perhaps this can be useful: http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python (look at code in first answer) On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote: > > Thanks Massimo for getting back. I can’t use an encrypted file system > as when the file system is mounted, it’s totally open. Every file can be > encrypted with the same master password. I’m thinking of storing this > master password which is itself encrypted using the user’s password (or > it’s hash) in the auth_user table. > > On a related note, I am planning to encrypt some columns of other tables > using the same master password. Your thoughts on this approach? > > > *From:* Massimo Di Pierro > *Sent:* Wednesday, April 11, 2012 12.13 > *To:* web2py@googlegroups.com > *Subject:* [web2py] Re: web2py: encrypt uploaded files > > What are the specs? Can you store them in an encrypted file system? can > you encrypt them with the same password? Should every file be encrypted > with a different password? Where should the passwords be stored? > > On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote: >> >> I need to encrypt uploaded files in web2py (for a HIPAA compliant >> application) preferably with AES. How can I accomplish this? >> >
Re: [web2py] Re: web2py: encrypt uploaded files
I wasn’t asking as how to encrypt the file itself, but how to incorporate it in to web2py’s existing excellent form upload and download system. Assuming that we have functions encrypt(file, password) and decrypt(file, password) which return the encrypted and decrypted file respectively. From: Massimo Di Pierro Sent: Wednesday, April 11, 2012 13.31 To: web2py@googlegroups.com Subject: Re: [web2py] Re: web2py: encrypt uploaded files Perhaps this can be useful: http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python (look at code in first answer) On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote: Thanks Massimo for getting back. I can’t use an encrypted file system as when the file system is mounted, it’s totally open. Every file can be encrypted with the same master password. I’m thinking of storing this master password which is itself encrypted using the user’s password (or it’s hash) in the auth_user table. On a related note, I am planning to encrypt some columns of other tables using the same master password. Your thoughts on this approach? From: Massimo Di Pierro Sent: Wednesday, April 11, 2012 12.13 To: web2py@googlegroups.com Subject: [web2py] Re: web2py: encrypt uploaded files What are the specs? Can you store them in an encrypted file system? can you encrypt them with the same password? Should every file be encrypted with a different password? Where should the passwords be stored? On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote: I need to encrypt uploaded files in web2py (for a HIPAA compliant application) preferably with AES. How can I accomplish this?
RE: [web2py] Re: web2py: encrypt uploaded files
You should make a custom validator for encrypt files. -- Alvaro Lizama http://alvarolizama.net El jueves 12 de abril de 2012 a las 16:35, Naveed Ahmed escribió: > I wasn’t asking as how to encrypt the file itself, but how to incorporate it > in to web2py’s existing excellent form upload and download system. Assuming > that we have functions encrypt(file, password) and decrypt(file, password) > which return the encrypted and decrypted file respectively. > > > From: Massimo Di Pierro (mailto:massimo.dipie...@gmail.com) > Sent: Wednesday, April 11, 2012 13.31 > To: web2py@googlegroups.com (mailto:web2py@googlegroups.com) > Subject: Re: [web2py] Re: web2py: encrypt uploaded files > > > > Perhaps this can be useful: > http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python > (look at code in first answer) > > On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote: > > Thanks Massimo for getting back. I can’t use an encrypted file system as > > when the file system is mounted, it’s totally open. Every file can be > > encrypted with the same master password. I’m thinking of storing this > > master password which is itself encrypted using the user’s password (or > > it’s hash) in the auth_user table. > > > > On a related note, I am planning to encrypt some columns of other tables > > using the same master password. Your thoughts on this approach? > > > > > > From: Massimo Di Pierro (mailto:massimo.dipie...@gmail.com) > > Sent: Wednesday, April 11, 2012 12.13 > > To: web2py@googlegroups.com (mailto:web2py@googlegroups.com) > > Subject: [web2py] Re: web2py: encrypt uploaded files > > > > > > > > What are the specs? Can you store them in an encrypted file system? can you > > encrypt them with the same password? Should every file be encrypted with a > > different password? Where should the passwords be stored? > > > > On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote: > > > I need to encrypt uploaded files in web2py (for a HIPAA compliant > > > application) preferably with AES. How can I accomplish this? > > >
Re: [web2py] Re: web2py: encrypt uploaded files
You put it on the 'accept' or else you make it a job in cron. On Thursday, April 12, 2012 2:35:36 PM UTC-7, naveed wrote: > > I wasn’t asking as how to encrypt the file itself, but how to > incorporate it in to web2py’s existing excellent form upload and download > system. Assuming that we have functions encrypt(file, password) and > decrypt(file, password) which return the encrypted and decrypted file > respectively. > > > *From:* Massimo Di Pierro > *Sent:* Wednesday, April 11, 2012 13.31 > *To:* web2py@googlegroups.com > *Subject:* Re: [web2py] Re: web2py: encrypt uploaded files > > Perhaps this can be useful: > > http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python > (look at code in first answer) > > On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote: >> >> Thanks Massimo for getting back. I can’t use an encrypted file system >> as when the file system is mounted, it’s totally open. Every file can be >> encrypted with the same master password. I’m thinking of storing this >> master password which is itself encrypted using the user’s password (or >> it’s hash) in the auth_user table. >> >> On a related note, I am planning to encrypt some columns of other tables >> using the same master password. Your thoughts on this approach? >> >> >> *From:* Massimo Di Pierro >> *Sent:* Wednesday, April 11, 2012 12.13 >> *To:* web2py@googlegroups.com >> *Subject:* [web2py] Re: web2py: encrypt uploaded files >> >> What are the specs? Can you store them in an encrypted file system? can >> you encrypt them with the same password? Should every file be encrypted >> with a different password? Where should the passwords be stored? >> >> On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote: >>> >>> I need to encrypt uploaded files in web2py (for a HIPAA compliant >>> application) preferably with AES. How can I accomplish this? >>> >>
Re: [web2py] Re: web2py: encrypt uploaded files
I have not tried it but you can do
class EncryptedField(Field):
def __init__(self,*a,**b):
self.password = b['password']
del b['password']
Field.__init__(self,*a,**b)
def store(self,file, filename=None, path=None):
newfile = encrypt(file,self.password)
return Field.store(self,file,filename,path)
def retrieve(self, name, path=None):
(filename, file) = Field.retrieve(self,name,path)
newfile = decrypt(file,self.password)
return (filename, newfile)
the use
db.define_table('person',Field('name'),EncryptedField('secret','upload',password='too
many secrets!'))
On Thursday, 12 April 2012 16:35:36 UTC-5, naveed wrote:
>
> I wasn’t asking as how to encrypt the file itself, but how to
> incorporate it in to web2py’s existing excellent form upload and download
> system. Assuming that we have functions encrypt(file, password) and
> decrypt(file, password) which return the encrypted and decrypted file
> respectively.
>
>
> *From:* Massimo Di Pierro
> *Sent:* Wednesday, April 11, 2012 13.31
> *To:* web2py@googlegroups.com
> *Subject:* Re: [web2py] Re: web2py: encrypt uploaded files
>
> Perhaps this can be useful:
>
> http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python
> (look at code in first answer)
>
> On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote:
>>
>> Thanks Massimo for getting back. I can’t use an encrypted file system
>> as when the file system is mounted, it’s totally open. Every file can be
>> encrypted with the same master password. I’m thinking of storing this
>> master password which is itself encrypted using the user’s password (or
>> it’s hash) in the auth_user table.
>>
>> On a related note, I am planning to encrypt some columns of other tables
>> using the same master password. Your thoughts on this approach?
>>
>>
>> *From:* Massimo Di Pierro
>> *Sent:* Wednesday, April 11, 2012 12.13
>> *To:* web2py@googlegroups.com
>> *Subject:* [web2py] Re: web2py: encrypt uploaded files
>>
>> What are the specs? Can you store them in an encrypted file system? can
>> you encrypt them with the same password? Should every file be encrypted
>> with a different password? Where should the passwords be stored?
>>
>> On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote:
>>>
>>> I need to encrypt uploaded files in web2py (for a HIPAA compliant
>>> application) preferably with AES. How can I accomplish this?
>>>
>>
Re: [web2py] Re: web2py: encrypt uploaded files
Hi, I think your recipe will work ;)
My situation is different a bit from Naveed. My database is RDBMS, but i
want to store uploaded file in a Key/Value storage(NoSQL). How can I
intervent to store/retrieve process?
I want to temporarily store uploaded file in memory, than call API to put
this in-memory file to my Key/Value storage. (and similar when have
"retrieve" request)
Could you have me figure it out pls?
Thanks in advance!
On Friday, April 13, 2012 8:22:02 PM UTC+7, Massimo Di Pierro wrote:
>
> I have not tried it but you can do
>
> class EncryptedField(Field):
> def __init__(self,*a,**b):
>self.password = b['password']
>del b['password']
>Field.__init__(self,*a,**b)
> def store(self,file, filename=None, path=None):
>newfile = encrypt(file,self.password)
>return Field.store(self,file,filename,path)
> def retrieve(self, name, path=None):
>(filename, file) = Field.retrieve(self,name,path)
>newfile = decrypt(file,self.password)
>return (filename, newfile)
>
> the use
>
> db.define_table('person',Field('name'),EncryptedField('secret','upload',password='too
>
> many secrets!'))
>
> On Thursday, 12 April 2012 16:35:36 UTC-5, naveed wrote:
>>
>> I wasn’t asking as how to encrypt the file itself, but how to
>> incorporate it in to web2py’s existing excellent form upload and download
>> system. Assuming that we have functions encrypt(file, password) and
>> decrypt(file, password) which return the encrypted and decrypted file
>> respectively.
>>
>>
>> *From:* Massimo Di Pierro
>> *Sent:* Wednesday, April 11, 2012 13.31
>> *To:* web2py@googlegroups.com
>> *Subject:* Re: [web2py] Re: web2py: encrypt uploaded files
>>
>> Perhaps this can be useful:
>>
>> http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python
>> (look at code in first answer)
>>
>> On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote:
>>>
>>> Thanks Massimo for getting back. I can’t use an encrypted file system
>>> as when the file system is mounted, it’s totally open. Every file can be
>>> encrypted with the same master password. I’m thinking of storing this
>>> master password which is itself encrypted using the user’s password (or
>>> it’s hash) in the auth_user table.
>>>
>>> On a related note, I am planning to encrypt some columns of other tables
>>> using the same master password. Your thoughts on this approach?
>>>
>>>
>>> *From:* Massimo Di Pierro
>>> *Sent:* Wednesday, April 11, 2012 12.13
>>> *To:* web2py@googlegroups.com
>>> *Subject:* [web2py] Re: web2py: encrypt uploaded files
>>>
>>> What are the specs? Can you store them in an encrypted file system? can
>>> you encrypt them with the same password? Should every file be encrypted
>>> with a different password? Where should the passwords be stored?
>>>
>>> On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote:
>>>>
>>>> I need to encrypt uploaded files in web2py (for a HIPAA compliant
>>>> application) preferably with AES. How can I accomplish this?
>>>>
>>>
Re: [web2py] Re: web2py: encrypt uploaded files
Edit: I want to temporarily store uploaded file in memory, *then* call API
to put this in-memory file to my Key/Value storage. When I put this
in-memory file (Value) to Key/Value storage, i will get back a *Key* from
it, and save this Key to RDBMS. When i want retrieve this "blob", i will
get this Key from RDBMS, then query Key/Value storage to get file(Value)
and streaming back to browser.
On Thursday, April 26, 2012 11:41:18 PM UTC+7, minhcd wrote:
>
> Hi, I think your recipe will work ;)
>
> My situation is different a bit from Naveed. My database is RDBMS, but i
> want to store uploaded file in a Key/Value storage(NoSQL). How can I
> intervent to store/retrieve process?
> I want to temporarily store uploaded file in memory, *then* call API to
> put this in-memory file to my Key/Value storage. (and similar when have
> "retrieve" request)
>
> Could you have me figure it out pls?
> Thanks in advance!
>
> On Friday, April 13, 2012 8:22:02 PM UTC+7, Massimo Di Pierro wrote:
>>
>> I have not tried it but you can do
>>
>> class EncryptedField(Field):
>> def __init__(self,*a,**b):
>>self.password = b['password']
>>del b['password']
>>Field.__init__(self,*a,**b)
>> def store(self,file, filename=None, path=None):
>>newfile = encrypt(file,self.password)
>>return Field.store(self,file,filename,path)
>> def retrieve(self, name, path=None):
>>(filename, file) = Field.retrieve(self,name,path)
>>newfile = decrypt(file,self.password)
>>return (filename, newfile)
>>
>> the use
>>
>> db.define_table('person',Field('name'),EncryptedField('secret','upload',password='too
>>
>> many secrets!'))
>>
>> On Thursday, 12 April 2012 16:35:36 UTC-5, naveed wrote:
>>>
>>> I wasn’t asking as how to encrypt the file itself, but how to
>>> incorporate it in to web2py’s existing excellent form upload and download
>>> system. Assuming that we have functions encrypt(file, password) and
>>> decrypt(file, password) which return the encrypted and decrypted file
>>> respectively.
>>>
>>>
>>> *From:* Massimo Di Pierro
>>> *Sent:* Wednesday, April 11, 2012 13.31
>>> *To:* web2py@googlegroups.com
>>> *Subject:* Re: [web2py] Re: web2py: encrypt uploaded files
>>>
>>> Perhaps this can be useful:
>>>
>>> http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python
>>> (look at code in first answer)
>>>
>>> On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote:
>>>>
>>>> Thanks Massimo for getting back. I can’t use an encrypted file
>>>> system as when the file system is mounted, it’s totally open. Every file
>>>> can be encrypted with the same master password. I’m thinking of storing
>>>> this master password which is itself encrypted using the user’s password
>>>> (or it’s hash) in the auth_user table.
>>>>
>>>> On a related note, I am planning to encrypt some columns of other
>>>> tables using the same master password. Your thoughts on this approach?
>>>>
>>>>
>>>> *From:* Massimo Di Pierro
>>>> *Sent:* Wednesday, April 11, 2012 12.13
>>>> *To:* web2py@googlegroups.com
>>>> *Subject:* [web2py] Re: web2py: encrypt uploaded files
>>>>
>>>> What are the specs? Can you store them in an encrypted file system? can
>>>> you encrypt them with the same password? Should every file be encrypted
>>>> with a different password? Where should the passwords be stored?
>>>>
>>>> On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote:
>>>>>
>>>>> I need to encrypt uploaded files in web2py (for a HIPAA compliant
>>>>> application) preferably with AES. How can I accomplish this?
>>>>>
>>>>
Re: [web2py] Re: web2py: encrypt uploaded files
gt;
>>> the use
>>>
>>> db.define_table('person',Field('name'),EncryptedField('secret','upload',password='too
>>>
>>> many secrets!'))
>>>
>>> On Thursday, 12 April 2012 16:35:36 UTC-5, naveed wrote:
>>>>
>>>> I wasn’t asking as how to encrypt the file itself, but how to
>>>> incorporate it in to web2py’s existing excellent form upload and download
>>>> system. Assuming that we have functions encrypt(file, password) and
>>>> decrypt(file, password) which return the encrypted and decrypted file
>>>> respectively.
>>>>
>>>>
>>>> *From:* Massimo Di Pierro
>>>> *Sent:* Wednesday, April 11, 2012 13.31
>>>> *To:* web2py@googlegroups.com
>>>> *Subject:* Re: [web2py] Re: web2py: encrypt uploaded files
>>>>
>>>> Perhaps this can be useful:
>>>>
>>>> http://stackoverflow.com/questions/6309958/encrypting-a-file-with-rsa-in-python
>>>> (look at code in first answer)
>>>>
>>>> On Wednesday, 11 April 2012 12:35:05 UTC-5, naveed wrote:
>>>>>
>>>>> Thanks Massimo for getting back. I can’t use an encrypted file
>>>>> system as when the file system is mounted, it’s totally open. Every file
>>>>> can be encrypted with the same master password. I’m thinking of storing
>>>>> this master password which is itself encrypted using the user’s password
>>>>> (or it’s hash) in the auth_user table.
>>>>>
>>>>> On a related note, I am planning to encrypt some columns of other
>>>>> tables using the same master password. Your thoughts on this approach?
>>>>>
>>>>>
>>>>> *From:* Massimo Di Pierro
>>>>> *Sent:* Wednesday, April 11, 2012 12.13
>>>>> *To:* web2py@googlegroups.com
>>>>> *Subject:* [web2py] Re: web2py: encrypt uploaded files
>>>>>
>>>>> What are the specs? Can you store them in an encrypted file system?
>>>>> can you encrypt them with the same password? Should every file be
>>>>> encrypted
>>>>> with a different password? Where should the passwords be stored?
>>>>>
>>>>> On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote:
>>>>>>
>>>>>> I need to encrypt uploaded files in web2py (for a HIPAA compliant
>>>>>> application) preferably with AES. How can I accomplish this?
>>>>>>
>>>>>
Re: [web2py] Re: web2py: encrypt uploaded files
For encrypting/decrypting DB columns, we also use a validator:
Ex:
db.define_table('table',
Field('name', 'text'),
Field('host', 'text', requires =
SecureValidator(symmetrickey)),
Field('secret', 'text', requires =
SecureValidator(symmetrickey))
)
Where SecureValidator is similar to:
class SecureValidator:
''' Encrypts and decrypts data to database
'''
def __init__(self, phrase, error_message="Error"):
self.phrase = phrase
self.e = error_message
def __call__(self, value):
# Encrypt Data here
val = encrypt_string(value, phrase=self.phrase) # Encrypt string
method
return (val, None)
def formatter(self, value):
val,err = decrypt_string(value, self.phrase) # Decrypt data
if err:
# Log Error: ('Error occured when decrypting data')
return 'Error: %s' % err
else:
return val
-- Richard
On Wednesday, April 11, 2012 12:35:05 PM UTC-5, naveed wrote:
>
> Thanks Massimo for getting back. I can’t use an encrypted file system
> as when the file system is mounted, it’s totally open. Every file can be
> encrypted with the same master password. I’m thinking of storing this
> master password which is itself encrypted using the user’s password (or
> it’s hash) in the auth_user table.
>
> On a related note, I am planning to encrypt some columns of other tables
> using the same master password. Your thoughts on this approach?
>
>
> *From:* Massimo Di Pierro
> *Sent:* Wednesday, April 11, 2012 12.13
> *To:* web2py@googlegroups.com
> *Subject:* [web2py] Re: web2py: encrypt uploaded files
>
> What are the specs? Can you store them in an encrypted file system? can
> you encrypt them with the same password? Should every file be encrypted
> with a different password? Where should the passwords be stored?
>
> On Wednesday, 11 April 2012 11:54:24 UTC-5, naveed wrote:
>>
>> I need to encrypt uploaded files in web2py (for a HIPAA compliant
>> application) preferably with AES. How can I accomplish this?
>>
>
