This is a collection of Django Model Field classes that are encrypted using Keyczar.
Keyczar is a crypto library that exposes a simple API by letting the user set things like the algorithm and key size right in the keyfile. It also provides for things like expiring old keys and cycling in new ones.
$ pip install django-encrypted-fields
Create a basic keyczar keyset. AES-256
in this case.
$ mkdir fieldkeys
$ keyczart create --location=fieldkeys --purpose=crypt
$ keyczart addkey --location=fieldkeys --status=primary --size=256
In your settings.py
ENCRYPTED_FIELDS_KEYDIR = '/path/to/fieldkeys'
Then, in models.py
from encrypted_fields import EncryptedTextField
class MyModel(models.Model):
text_field = EncryptedTextField()
Use your model as normal and your data will be encrypted in the database.
Warning: Once the data is encrypted, it can no longer to used to query or sort. In SQL, these will all look like text fields with random noise in them (which is what you want).
Currently build in and unit-tested fields. They have the save APIs as their non-encrypted counterparts.
EncryptedCharField
EncryptedTextField
EncryptedDateTimeField
EncryptedIntegerField
EncryptedFloatField
EncryptedEmailField
EncryptedBooleanField
Making new fields is easy! Django Encrypted Fields uses a handy mixin to make upgrading pre-existing fields quite easy.
from django.db import models
from encrypted_fields import EncryptedFieldMixin
class EncryptedIPAddressField(EncryptedFieldMixin, models.IPAddressField):
pass
Please report an issues you encounter when trying this, since I've only tested it with the fields above.