Saving passwords for other services (semi-)securely in a database

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
from os import urandom
from base64 import b64encode, b64decode
from django.db import models
from Crypto.Cipher import ARC4


def get_value(name):
    def f(self):
        return Password.decrypt(getattr(self, 'e_%s'%name))
    return f
    
def set_value(name):
    def f(self, value):
        setattr(self, 'e_%s'%name, Password.encrypt(value))
    return f
    

class Password(models.Model):
    SALT_SIZE = 8
    
    name = models.CharField(max_length=128)
    slug = models.SlugField()
    e_username = models.TextField(blank=True)
    e_password = models.TextField(blank=True)
    e_host = models.TextField(blank=True)
    e_resource = models.TextField(blank=True)

    @staticmethod
    def encrypt(plaintext):
        salt = urandom(Password.SALT_SIZE)
        arc4 = ARC4.new(salt + settings.SECRET_KEY)
        plaintext = "%3d%s%s" % (len(plaintext), plaintext, urandom(256-len(plaintext)))
        return "%s$%s" % (b64encode(salt), b64encode(arc4.encrypt(plaintext)))
        
    @staticmethod
    def decrypt(ciphertext):
        salt, ciphertext = map(b64decode, ciphertext.split('$'))
        arc4 = ARC4.new(salt + settings.SECRET_KEY)
        plaintext = arc4.decrypt(ciphertext)
        return plaintext[3:3+int(plaintext[:3].strip())]
    
    def encrypted_property(name):
        return property(get_value(name), set_value(name))    
    

    username = encrypted_property('username')
    password = encrypted_property('password')
    host = encrypted_property('host')
    resource = encrypted_property('resource')

More like this

  1. Basic Auth Middleware by joshsharp 2 years, 10 months ago
  2. JSONField by deadwisdom 6 years, 8 months ago
  3. ByteSplitterField by Lacour 2 years, 8 months ago
  4. PositionField by jpwatts 5 years, 9 months ago
  5. Obfuscator for django project sources by audial 6 years, 4 months ago

Comments

(Forgotten your password?)